Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DefaultOAuth2UserService should extract authorities #7339

Closed
jzheaux opened this issue Sep 3, 2019 · 0 comments · Fixed by #7351

Comments

@jzheaux
Copy link
Contributor

commented Sep 3, 2019

JwtGrantedAuthoritiesConverter is handy in Resource Server for extracting each scope into individual GrantedAuthoritys:

Jwt jwt = Jwt.withTokenValue("token")
    .claim("scope", "message:read message:write")
    .header("alg", "none")
    .build();
JwtGrantedAuthoritiesConverter converter = new JwtGrantedAuthoritiesConverter();
assertThat(converter.convert(jwt)).containsExactly(
    new SimpleGrantedAuthority("SCOPE_message:read"),
    new SimpleGrantedAuthority("SCOPE_message:write"));

It'd be nice if DefaultOAuth2UserService did the same thing by default. Currently, it adds the OAuth2UserAuthority to the list of granted authorities, so this ticket would serve to append several SimpleGrantedAuthoritys to that list.

Note that we should also keep #5349 in mind when completing this feature.

@jzheaux jzheaux modified the milestones: 5.2.0, 5.2.0.RC1 Sep 3, 2019

@jzheaux jzheaux self-assigned this Sep 3, 2019

jzheaux added a commit to jzheaux/spring-security that referenced this issue Sep 4, 2019

@jzheaux jzheaux closed this in #7351 Sep 4, 2019

jzheaux added a commit that referenced this issue Sep 4, 2019
AndreasKl added a commit to AndreasKl/spring-security that referenced this issue Sep 5, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
1 participant
You can’t perform that action at this time.