spring-security

History

Alexey Nesterov 0babe7d930 Correctly configure authorization requests repository for OAuth2 login To use custom ServerAuthorizationRequestRepository both OAuth2AuthorizationRequestRedirectWebFilter and OAuth2LoginAuthenticationWebFilter should use the same repo provided in the configuration. Currently the former filter is correctly configured, but the latter always uses default, WebSession based repository. So authorization code created before redirect to authorization endpoint will never be found to complete OAuth2 login when custom ServerAuthorizationRequestRepository is used. This change also makes OAuth2Client and OAuth2Login authentication converters consistent. Fixes gh-7675	2019-11-29 13:58:27 -05:00
..
src	Correctly configure authorization requests repository for OAuth2 login	2019-11-29 13:58:27 -05:00
spring-security-config.gradle	Bearer WebClient Filter Authentication Propagation	2019-09-11 16:27:21 +01:00

Alexey Nesterov 0babe7d930 Correctly configure authorization requests repository for OAuth2 login

To use custom ServerAuthorizationRequestRepository both OAuth2AuthorizationRequestRedirectWebFilter and
OAuth2LoginAuthenticationWebFilter should use the same repo provided in the configuration. Currently the former filter is
correctly configured, but the latter always uses default, WebSession based repository. So authorization code created
before redirect to authorization endpoint will never be found to complete OAuth2 login when custom
ServerAuthorizationRequestRepository is used.

This change also makes OAuth2Client and OAuth2Login authentication converters consistent.

Fixes gh-7675

2019-11-29 13:58:27 -05:00

src

Correctly configure authorization requests repository for OAuth2 login

2019-11-29 13:58:27 -05:00

spring-security-config.gradle

Bearer WebClient Filter Authentication Propagation

2019-09-11 16:27:21 +01:00