DefaultOAuth2UserService should extract authorities #7339

Closed
@jzheaux

JwtGrantedAuthoritiesConverter is handy in Resource Server for extracting each scope into individual GrantedAuthoritys:

```java
Jwt jwt = Jwt.withTokenValue("token")
    .claim("scope", "message:read message:write")
    .header("alg", "none")
    .build();
JwtGrantedAuthoritiesConverter converter = new JwtGrantedAuthoritiesConverter();
assertThat(converter.convert(jwt)).containsExactly(
    new SimpleGrantedAuthority("SCOPE_message:read"),
    new SimpleGrantedAuthority("SCOPE_message:write"));
```

It'd be nice if DefaultOAuth2UserService did the same thing by default. Currently, it adds the OAuth2UserAuthority to the list of granted authorities, so this ticket would serve to append several SimpleGrantedAuthoritys to that list.

Note that we should also keep #5349 in mind when completing this feature.
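
A delegating user service that produces the authorities requested above, given as an added example that is not Spring Security's own code and not from the issue author. The class name `ScopeMappingOAuth2UserService` is hypothetical, and the `SCOPE_` prefix is assumed to match the converter output shown in the issue.

```java
import java.util.LinkedHashSet;
import java.util.Set;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
import org.springframework.security.oauth2.core.user.OAuth2User;

// Hypothetical class (assumption for illustration); wraps DefaultOAuth2UserService.
public class ScopeMappingOAuth2UserService
        implements OAuth2UserService<OAuth2UserRequest, OAuth2User> {

    // Assumed prefix, chosen to match the SCOPE_ authorities in the issue's snippet.
    private static final String SCOPE_PREFIX = "SCOPE_";

    private final OAuth2UserService<OAuth2UserRequest, OAuth2User> delegate =
            new DefaultOAuth2UserService();

    @Override
    public OAuth2User loadUser(OAuth2UserRequest userRequest)
            throws OAuth2AuthenticationException {
        // The delegate calls the UserInfo endpoint and returns the user with
        // the authorities it assigns by default.
        OAuth2User user = this.delegate.loadUser(userRequest);

        // A Set, so an authority the delegate already supplied is not duplicated.
        Set<GrantedAuthority> authorities = new LinkedHashSet<>(user.getAuthorities());

        // Map the scopes carried by the issued access token, i.e. what the
        // authorization server granted, not what the client registration asked for.
        for (String scope : userRequest.getAccessToken().getScopes()) {
            authorities.add(new SimpleGrantedAuthority(SCOPE_PREFIX + scope));
        }

        // Reuse the name attribute the delegate already validated.
        String nameAttributeKey = userRequest.getClientRegistration()
                .getProviderDetails().getUserInfoEndpoint().getUserNameAttributeName();
        return new DefaultOAuth2User(authorities, user.getAttributes(), nameAttributeKey);
    }
}
```

Authorization rules written against these authorities, such as `hasAuthority("SCOPE_message:read")`, then read the same way on the client as they do in a Resource Server.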

Labels

in: oauth2: An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement: A general enhancement
