Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

JwtGrantedAuthoritiesConverter should allow configuring the authorities claim name #7100

Closed
jzheaux opened this issue Jul 13, 2019 · 2 comments · Fixed by #7271

Comments

@jzheaux
Copy link
Contributor

commented Jul 13, 2019

Related to #6945

It would be nice if an application could indicate a custom claim name for GrantedAuthoritys without creating a custom converter.

Something like:

JwtGrantedAuthoritiesConverter converter = new JwtGrantedAuthoritiesConverter();
converter.setAuthoritiesClaimName("authorities");

Would be easier to do than:

Converter<Jwt, List<GrantedAuthorities>> converter = jwt -> {
    List<String> authorities = (List<String>) jwt.getClaim("authorities");
    return authorities.stream()
        .map(authority -> "SCOPE_" + authority)
        .map(SimpleGrantedAuthority::new)
        .collect(Collectors.toList());
};

So, let's add a setter to JwtGrantedAuthoritiesConverter called setAuthoritiesClaimName so that the converter knows which claim to look for.

@jzheaux jzheaux added this to the 5.2.0.RC2 milestone Jul 13, 2019

@jzheaux jzheaux self-assigned this Jul 13, 2019

ch4mpy added a commit to ch4mpy/spring-security that referenced this issue Jul 13, 2019
ch4mpy added a commit to ch4mpy/spring-security that referenced this issue Jul 13, 2019
ch4mpy added a commit to ch4mpy/spring-security that referenced this issue Jul 13, 2019
ch4mpy added a commit to ch4mpy/spring-security that referenced this issue Jul 13, 2019
ch4mpy added a commit to ch4mpy/spring-security that referenced this issue Jul 13, 2019
ch4mpy added a commit to ch4mpy/spring-security that referenced this issue Jul 13, 2019
ch4mpy added a commit to ch4mpy/spring-security that referenced this issue Jul 13, 2019
spring-projectsgh-7100
JwtGrantedAuthoritiesConverter: configurable authorities claim names
ch4mpy added a commit to ch4mpy/spring-security that referenced this issue Jul 14, 2019
spring-projectsgh-7100
JwtGrantedAuthoritiesConverter: configurable authorities claim names
ch4mpy added a commit to ch4mpy/spring-security that referenced this issue Jul 14, 2019
spring-projectsgh-7100
JwtGrantedAuthoritiesConverter: configurable authorities claim names

@jzheaux jzheaux removed their assignment Aug 2, 2019

@andifalk

This comment has been minimized.

Copy link
Contributor

commented Aug 5, 2019

Hi @jzheaux
has anybody already claimed this first timers issue?
Would make sense to implement this one together with #7101. If this is ok for you I would be glad to take over implementation for both.

@jzheaux jzheaux self-assigned this Aug 6, 2019

@jzheaux

This comment has been minimized.

Copy link
Contributor Author

commented Aug 6, 2019

@andifalk, it's yours!

andifalk added a commit to andifalk/spring-security that referenced this issue Aug 15, 2019
Add setter for authorities claim name in JwtGrantedAuthoritiesConverter
Prior to this change authorities are always mapped using well known
claim names ('scope' or 'scp'). To change this default behaviour the
converter had to be replaced completely with a custom one.
This commit adds an additional setter to configure a custom
claim name like e.g. 'roles'. Without specifying a custom claim name
the default claims to be used still remains to the well known ones.
This way the authorities can be mapped according to customized
token claims.

Fixes spring-projectsgh-7100
andifalk added a commit to andifalk/spring-security that referenced this issue Aug 16, 2019
Add setter for authorities claim name in JwtGrantedAuthoritiesConverter
Prior to this change authorities are always mapped using well known
claim names ('scope' or 'scp'). To change this default behaviour the
converter had to be replaced completely with a custom one.
This commit adds an additional setter to configure a custom
claim name like e.g. 'roles'. Without specifying a custom claim name
the default claims to be used still remains to the well known ones.
This way the authorities can be mapped according to customized
token claims.

Fixes spring-projectsgh-7100
andifalk added a commit to andifalk/spring-security that referenced this issue Aug 16, 2019
Add setter for authorities claim name in JwtGrantedAuthoritiesConverter
Prior to this change authorities are always mapped using well known
claim names ('scope' or 'scp'). To change this default behaviour the
converter had to be replaced completely with a custom one.
This commit adds an additional setter to configure a custom
claim name like e.g. 'roles'. Without specifying a custom claim name
the default claims to be used still remains to the well known ones.
This way the authorities can be mapped according to customized
token claims.

Fixes spring-projectsgh-7100
andifalk added a commit to andifalk/spring-security that referenced this issue Aug 16, 2019
Add setter for authorities claim name in JwtGrantedAuthoritiesConverter
Prior to this change authorities are always mapped using well known
claim names ('scp' or 'scope'). To change this default behaviour the
converter had to be replaced completely with a custom one.
This commit adds an additional setter to configure a custom
claim name like for example 'roles' to map authorities.
Without specifying a custom claim name
the default claims to be used still remains to
the well known ones ('scp' and 'scope').

Fixes spring-projectsgh-7100
andifalk added a commit to andifalk/spring-security that referenced this issue Aug 18, 2019
Add setter for authorities claim name in JwtGrantedAuthoritiesConverter
Prior to this change authorities are always mapped using well known
claim names ('scope' or 'scp'). To change this default behaviour the
converter had to be replaced completely with a custom one.
This commit adds an additional setter to configure a custom
claim name like e.g. 'roles'. Without specifying a custom claim name
the default claims to be used still remains to the well known ones.
This way the authorities can be mapped according to customized
token claims.

Fixes spring-projectsgh-7100
jzheaux added a commit that referenced this issue Aug 20, 2019
Add setter for authorities claim name in JwtGrantedAuthoritiesConverter
Prior to this change authorities are always mapped using well known
claim names ('scope' or 'scp'). To change this default behaviour the
converter had to be replaced completely with a custom one.
This commit adds an additional setter to configure a custom
claim name like e.g. 'roles'. Without specifying a custom claim name
the default claims to be used still remains to the well known ones.
This way the authorities can be mapped according to customized
token claims.

Fixes gh-7100
kostya05983 added a commit to kostya05983/spring-security that referenced this issue Aug 26, 2019
Add setter for authorities claim name in JwtGrantedAuthoritiesConverter
Prior to this change authorities are always mapped using well known
claim names ('scope' or 'scp'). To change this default behaviour the
converter had to be replaced completely with a custom one.
This commit adds an additional setter to configure a custom
claim name like e.g. 'roles'. Without specifying a custom claim name
the default claims to be used still remains to the well known ones.
This way the authorities can be mapped according to customized
token claims.

Fixes spring-projectsgh-7100
fhanik added a commit to fhanik/spring-security that referenced this issue Aug 27, 2019
Add setter for authorities claim name in JwtGrantedAuthoritiesConverter
Prior to this change authorities are always mapped using well known
claim names ('scope' or 'scp'). To change this default behaviour the
converter had to be replaced completely with a custom one.
This commit adds an additional setter to configure a custom
claim name like e.g. 'roles'. Without specifying a custom claim name
the default claims to be used still remains to the well known ones.
This way the authorities can be mapped according to customized
token claims.

Fixes spring-projectsgh-7100
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.