Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for any data type in Access Token Response #9685

Closed
jgrandja opened this issue Apr 27, 2021 · 2 comments · Fixed by #9779
Closed

Add support for any data type in Access Token Response #9685

jgrandja opened this issue Apr 27, 2021 · 2 comments · Fixed by #9779
Assignees
@sjohnr
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Milestone
5.6.0-M1

Comments

@jgrandja
Copy link
Contributor

The expires_in parameter in an OAuth 2.0 Access Token response should be a JSON number.

As per spec, in section 5.1 Successful Response:

expires_in
RECOMMENDED. The lifetime in seconds of the access token. For
example, the value "3600" denotes that the access token will
expire in one hour from the time the response was generated.
If omitted, the authorization server SHOULD provide the
expiration time via other means or document the default value.

Sample response:

{
       "access_token":"2YotnFZFEjr1zCsicMWpAA",
       "token_type":"example",
       "expires_in":3600,
       "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",
       "example_parameter":"example_value"
     }

OAuth2AccessTokenResponseHttpMessageConverter should support Converter's that operate on Map<String, Object> NOT the current Map<String, String>.
@jgrandja jgrandja added status: waiting-for-triage An issue we've not yet triaged type: bug A general bug labels Apr 27, 2021
@jgrandja jgrandja self-assigned this Apr 27, 2021
@jgrandja jgrandja added in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) and removed status: waiting-for-triage An issue we've not yet triaged labels Apr 27, 2021
@jgrandja jgrandja added this to the 5.5.0 milestone Apr 27, 2021
@jgrandja jgrandja mentioned this issue Apr 27, 2021
Closed
@jgrandja jgrandja modified the milestones: 5.5.0, 5.6.0-M1 Apr 29, 2021
@mychaint
Copy link

mychaint commented May 1, 2021

hi @jgrandja are you working on it

@roll57 roll57 mentioned this issue May 5, 2021
Closed
@jgrandja
Copy link
Contributor Author

@mychaint Yes, I'll be taking this one.

The change required here is not as simple as it looks. I will need to @Deprecate setTokenResponseConverter() and setTokenResponseParametersConverter() and provide equivalent setters that operate on Map<String, Object>.

We can't simply change Map<String, String> to Map<String, Object> as this would break existing applications.

I've scheduled this for 5.6 so I will likely not get to this for a bit still.

@jgrandja jgrandja assigned sjohnr and unassigned jgrandja May 18, 2021
sjohnr added a commit that referenced this issue May 18, 2021
@sjohnr
Add support for a more complex access token response
4c34bfe 
Changed the converter used to convert a map into an OAuth2AccessTokenResponse to
support any object as the value, including json numbers and nested objects.

In order to keep MapOAuth2AccessTokenResponseConverter backwards compatible, it
now implements Converter<String, ?> instead of Converter<String, Object>, which
allows it to convert a Map of String -> any other type.

Closes gh-9685
@sjohnr sjohnr mentioned this issue May 18, 2021
Merged
sjohnr added a commit that referenced this issue May 20, 2021
@sjohnr
Add support for a more complex access token response
a4d29eb 
Changed the converter used to convert a map into an OAuth2AccessTokenResponse to
support any object as the value, including json numbers and nested objects. Also
deprecated old setters/constructors and added new setters/factory methods.

Closes gh-9685
@jgrandja jgrandja added type: enhancement A general enhancement type: bug A general bug and removed type: bug A general bug type: enhancement A general enhancement labels May 25, 2021
sjohnr added a commit to sjohnr/spring-security that referenced this issue May 26, 2021
@sjohnr
Add support for a more complex access token response
1ab5069 
Changed the converter used to convert a map into an OAuth2AccessTokenResponse to
support any object as the value, including json numbers and nested objects. Also
deprecated old setters/constructors and added new setters/factory methods.

Closes spring-projectsgh-9685
@jgrandja jgrandja changed the title Access Token Response expires_in should be a JSON number Add support for any data type in Access Token Response May 31, 2021
@jgrandja jgrandja added type: enhancement A general enhancement and removed type: bug A general bug labels May 31, 2021
sjohnr added a commit that referenced this issue Jun 1, 2021
@sjohnr
Access Token Response supports any data type
dd9043b 
Changed the converter used to convert a map into an OAuth2AccessTokenResponse to
support any object as the value, including json numbers and nested objects. Also
deprecated old classes/setters and added new classes/setters.

Closes gh-9685
sjohnr added a commit that referenced this issue Jun 1, 2021
@sjohnr
Access Token Response supports any data type
10de63c 
Changed the converter used to convert a map into an OAuth2AccessTokenResponse to
support any object as the value, including json numbers and nested objects. Also
deprecated old classes/setters and added new classes/setters.

Closes gh-9685
This was referenced Jul 12, 2021
Closed
Closed
akohli96 pushed a commit to akohli96/spring-security that referenced this issue Aug 25, 2021
@sjohnr
Access Token Response supports any data type
b4539f4 
Changed the converter used to convert a map into an OAuth2AccessTokenResponse to
support any object as the value, including json numbers and nested objects. Also
deprecated old classes/setters and added new classes/setters.

Closes spring-projectsgh-9685
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sjohnr sjohnr

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Projects
None yet
Milestone
5.6.0-M1
3 participants
@sjohnr @mychaint @jgrandja