Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Idea: Allow for AuthoritiesProvider to be used for Resource Servers #405

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

Idea: Allow for AuthoritiesProvider to be used for Resource Servers #405

wants to merge 1 commit into from

Conversation

bdemers
Copy link
Contributor

@bdemers bdemers commented Jan 27, 2022

NOTE: This doesn't work, I was just putting thoughts down, and it ended up being a be more complicated:

TODO:

  • There is probably a better Spring Security abstraction for all of this
  • Need to check to see if returning a Converter bean will inject correctly everywhere (including with native images)
  • Need to implement something similar for opaque tokens
  • Need to add tests that will make sure scope authorities and claim/group authorities are merged correctly
  • The new method in AuthoritiesProvder's return type doesn't match the other very related method in this interface (and it still doesn't cover the opaque token use case)

Related: #160

@bdemers
Idea: Allow for AuthoritiesProvider to be used for Resource Servers
45d0474 
NOTE: This doesn't work, I was just putting thoughts down, and it ended up being a be more complicated:

TODO:
* There is probably a better Spring Security abstraction for all of this
* Need to check to see if returning a `Converter` bean will inject correctly everywhere (including with native images)
* Need to implement something similar for opaque tokens
* Need to add tests that will make sure scope authorities and claim/group authorities are merged correctly
* The new method in AuthoritiesProvder's return type doesn't match the other very related method in this interface (and it still doesn't cover the opaque token use case)

Related: #160
@bdemers bdemers marked this pull request as draft January 27, 2022 16:09
@bdemers bdemers mentioned this pull request Jan 27, 2022
Open
@bdemers
Copy link
Contributor Author

bdemers commented Jan 27, 2022

NOTE: Test fail, see comment above this needs some work, It's mostly here to get the conversation going about how we want to handle this (and to see if there is a better way to implement this with newer versions of Spring Sec)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@bdemers