OAuth2AuthenticationToken.ClientRegistration -> AuthorizedClient #4520

@jgrandja

The OAuth2AuthenticationToken currently has a ClientRegistration attribute associated with it.
However, it makes much more sense to replace this and introduce a new construct that represents an instance of an Authorized Client.

An OAuth2AuthenticationToken represents a combination of an authentication of an end-user at the external identity provider as well as an authorized client by the end-user during the consent/authorization step of the Authorization Code grant flow. It makes a lot more sense to have an AuthorizedClient construct given that it's really an instance of ClientRegistration. For example, the same client (from a ClientRegistration) may be authorized more than once depending on the authorization grants it's configured with and the flows it goes through.

Labels: in: oauth2 - An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
