
Support for using Azure WorkloadIdentity with OAuth2 Authorization Code Grant Flow #16677

@cprutle

Description

Expected Behavior

You should be able to use the oauth2.client.registration properties to configure the application to use the federated token for client authentication in the OAuth2 Authorization Code Grant Flow.

i.e.

    spring:
      security:
        oauth2:
          client:
            registration:
              azure:
                provider: azure
                client-id: <CLIENT_ID>
                federated-token-file-path: <PATH TO FILE>
                scope: <SCOPE LIST>

Spring Security should handle reading in the token file and updating it when the token expires and is rotated.

The following parameters should be added to the request:

    client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
    client_assertion: <FEDERATED_TOKEN>

Implementation is straightforward for non-reactive spring-web but will be more complex for reactive spring-webflux, as reading a file is a blocking operation.

Current Behavior

Currently this is not supported out of the box. It can be achieved through custom parameter converters.
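The custom-parameter-converter workaround mentioned above, written out as an added example (not code from the issue author or from the Spring Security project). It assumes Spring Security 6.4+ (for `RestClientAuthorizationCodeTokenResponseClient.addParametersConverter`), a registration id of `azure` matching the YAML in the issue, and that the token file path comes from the `AZURE_FEDERATED_TOKEN_FILE` environment variable that the Azure Workload Identity webhook injects. The converter re-reads the projected token whenever the file's modification time changes, which covers the rotation case the issue calls out.

```java
import java.io.IOException;
import java.io.UncheckedIOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.FileTime;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.convert.converter.Converter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient;
import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest;
import org.springframework.security.oauth2.client.endpoint.RestClientAuthorizationCodeTokenResponseClient;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;

/**
 * Appends client_assertion_type / client_assertion to the token request of one
 * client registration, reading the federated token from the projected file.
 * The file is re-read only when its modification time changes, so a token
 * rotated by the workload identity webhook is picked up without a restart.
 */
public final class FederatedTokenClientAssertionConverter
        implements Converter<OAuth2AuthorizationCodeGrantRequest, MultiValueMap<String, String>> {

    private static final String JWT_BEARER =
            "urn:ietf:params:oauth:client-assertion-type:jwt-bearer";

    private final String registrationId;   // assumed: "azure"
    private final Path tokenFile;          // assumed: $AZURE_FEDERATED_TOKEN_FILE
    private volatile FileTime cachedMtime;
    private volatile String cachedToken;

    public FederatedTokenClientAssertionConverter(String registrationId, Path tokenFile) {
        this.registrationId = registrationId;
        this.tokenFile = tokenFile;
    }

    @Override
    public MultiValueMap<String, String> convert(OAuth2AuthorizationCodeGrantRequest request) {
        MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
        // Only the registration that authenticates with a federated token gets the assertion;
        // other registrations keep their configured client authentication untouched.
        if (!registrationId.equals(request.getClientRegistration().getRegistrationId())) {
            return params;
        }
        params.add(OAuth2ParameterNames.CLIENT_ASSERTION_TYPE, JWT_BEARER);
        params.add(OAuth2ParameterNames.CLIENT_ASSERTION, currentToken());
        return params;
    }

    /** Returns the projected token, re-reading the file only after it has been rotated. */
    String currentToken() {
        try {
            FileTime mtime = Files.getLastModifiedTime(tokenFile);
            if (cachedToken == null || !mtime.equals(cachedMtime)) {
                // The projected file holds a bare JWT (plus a trailing newline); it is a
                // credential, so it is kept out of logs and exceptions.
                cachedToken = Files.readString(tokenFile).trim();
                cachedMtime = mtime;
            }
            return cachedToken;
        } catch (IOException ex) {
            throw new UncheckedIOException("cannot read federated token file " + tokenFile, ex);
        }
    }
}

@Configuration
class FederatedTokenLoginConfig {

    @Bean
    OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> tokenResponseClient() {
        // Assumption: the Azure Workload Identity webhook sets AZURE_FEDERATED_TOKEN_FILE.
        Path tokenFile = Path.of(System.getenv("AZURE_FEDERATED_TOKEN_FILE"));
        var client = new RestClientAuthorizationCodeTokenResponseClient();
        // addParametersConverter keeps the default parameters (grant_type, code,
        // redirect_uri, client_id) and merges in the two assertion parameters.
        client.addParametersConverter(new FederatedTokenClientAssertionConverter("azure", tokenFile));
        return client;
    }

    @Bean
    SecurityFilterChain filterChain(HttpSecurity http,
            OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> client) throws Exception {
        http.oauth2Login(login -> login.tokenEndpoint(token -> token.accessTokenResponseClient(client)));
        return http.build();
    }
}
```

For this to produce exactly the three client-authentication parameters Azure expects (`client_id`, `client_assertion_type`, `client_assertion`), the `azure` registration should be configured with `client-authentication-method: none` and no `client-secret`: with that method the default parameters converter still sends `client_id` in the body but adds no secret, and Spring Security applies PKCE to the authorization request for a public client. Reading the file on the request thread is acceptable here because the token endpoint call itself is blocking; the same approach on WebFlux would need the file read moved off the event loop, which is the complication the issue notes.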

Context

Labels

    in: oauth2 (An issue in OAuth2 modules: oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
    type: enhancement (A general enhancement)