Closed

Labels: in: oauth2 (an issue in OAuth2 modules: oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose), type: enhancement (a general enhancement)
Description
Oftentimes, an OAuth 2.0 token does not precisely represent a user. It'd be nice to have a domain object different from `OAuth2User` that represented the attributes and authorities tied to the token's principal.

For example, resource servers deal with JWTs and Opaque Tokens.

The JWT RFC states that the sub claim is (emphasis mine):

> The "sub" (subject) claim identifies the **principal** that is the subject of the JWT.

And the Introspection RFC states that it is based off of JWT:

> Subject of the token, as defined in JWT [RFC7519].

Given that both specs, then, refer to this as the principal, and that this principal would need to extend `AuthenticatedPrincipal`, then `OAuth2AuthenticatedPrincipal` is a reasonable name.
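A sketch of the proposed type, as an added example that is not code from this issue or from Spring Security; the `AuthenticatedPrincipal` and `GrantedAuthority` stand-ins, the `TokenPrincipal` class and the scope-to-authority mapping are assumptions made for the illustration:

```java
import java.util.*;
import java.util.stream.Collectors;

// Stand-ins for the Spring Security types named in the issue (not the real classes).
interface AuthenticatedPrincipal { String getName(); }
record GrantedAuthority(String authority) {}

// The proposed domain object: the token's subject, plus the token's attributes and authorities.
interface OAuth2AuthenticatedPrincipal extends AuthenticatedPrincipal {
    Map<String, Object> getAttributes();
    Collection<GrantedAuthority> getAuthorities();
    default Object getAttribute(String name) { return getAttributes().get(name); }
    // RFC 7519 and RFC 7662 both define "sub" as the subject, so it serves as the name.
    @Override default String getName() { return (String) getAttribute("sub"); }
}

final class TokenPrincipal implements OAuth2AuthenticatedPrincipal {
    private final Map<String, Object> attributes;
    private final Collection<GrantedAuthority> authorities;

    TokenPrincipal(Map<String, Object> attributes, Collection<GrantedAuthority> authorities) {
        // Reject tokens without a usable subject rather than producing a nameless principal.
        if (!(attributes.get("sub") instanceof String sub) || sub.isBlank()) {
            throw new IllegalArgumentException("token has no usable \"sub\" claim");
        }
        this.attributes = Map.copyOf(attributes);
        this.authorities = List.copyOf(authorities);
    }
    public Map<String, Object> getAttributes() { return attributes; }
    public Collection<GrantedAuthority> getAuthorities() { return authorities; }
    // Assumed mapping (not stated in the issue): each entry of a space-delimited
    // "scope" attribute becomes a SCOPE_<name> authority, for JWT and introspected tokens alike.
    static TokenPrincipal fromTokenAttributes(Map<String, Object> attrs) {
        String scope = attrs.get("scope") instanceof String s ? s : "";
        List<GrantedAuthority> auths = Arrays.stream(scope.split(" "))
            .filter(x -> !x.isBlank())
            .map(x -> new GrantedAuthority("SCOPE_" + x))
            .collect(Collectors.toList());
        return new TokenPrincipal(attrs, auths);
    }

    public static void main(String[] args) {
        // Constructed samples: claims of a decoded JWT and an introspection response.
        Map<String, Object> jwt = Map.of("sub", "user-123", "iss", "https://issuer.example", "scope", "read write");
        Map<String, Object> introspected = Map.of("active", true, "sub", "client-abc", "scope", "read");
        for (OAuth2AuthenticatedPrincipal p : List.of(fromTokenAttributes(jwt), fromTokenAttributes(introspected))) {
            System.out.println(p.getName() + " " + p.getAuthorities());
        }
    }
}
```

Compile with `javac` (Java 16 or later, for pattern matching on `instanceof`) and run `java TokenPrincipal`; both token kinds yield a principal named by their `sub` claim.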