Skip to content

Support OAuth 2.0 Demonstrating Proof of Possession (DPoP) #1813

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jgrandja opened this issue Nov 13, 2024 · 0 comments
Closed

Support OAuth 2.0 Demonstrating Proof of Possession (DPoP) #1813

jgrandja opened this issue Nov 13, 2024 · 0 comments
Assignees
@jgrandja
Labels
type: enhancement A general enhancement
Milestone
1.5.0-M1

Comments

@jgrandja
Copy link
Collaborator

jgrandja commented Nov 13, 2024
edited
Loading

This issue will add authorization server support for RFC 9449 OAuth 2.0 Demonstrating Proof of Possession (DPoP).

See the integration test requestWhenTokenRequestWithDPoPProofThenReturnDPoPBoundAccessToken() which demonstrates how to obtain a DPoP-bound access token.

spring-authorization-server/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java

Line 989 in 779d87a

public void requestWhenTokenRequestWithDPoPProofThenReturnDPoPBoundAccessToken() throws Exception {

Related spring-security#16574
@jgrandja jgrandja added the type: enhancement A general enhancement label Nov 13, 2024
@jgrandja jgrandja moved this to Planning in Spring Security Team Nov 13, 2024
@jgrandja jgrandja mentioned this issue Nov 13, 2024
Closed
@jgrandja jgrandja moved this from Planning to In Progress in Spring Security Team Jan 21, 2025
@jgrandja jgrandja added this to the 1.5.0-M1 milestone Jan 21, 2025
@jgrandja jgrandja self-assigned this Jan 21, 2025
@jgrandja jgrandja moved this from In Progress to Done in Spring Security Team Feb 14, 2025
@jgrandja jgrandja mentioned this issue Feb 14, 2025
Merged
@jgrandja jgrandja mentioned this issue Mar 25, 2025
Closed
jgrandja added a commit that referenced this issue Mar 25, 2025
@jgrandja
Verify DPoP Proof public key during refresh_token grant for public cl…
48fd6ab 
…ients

Issue gh-1813

Closes gh-1949
@jgrandja jgrandja mentioned this issue Mar 27, 2025
Closed
jgrandja added a commit that referenced this issue Mar 27, 2025
@jgrandja
Add authorization server metadata for DPoP support
65e3a5e 
Issue gh-1813

Closes gh-1951
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jgrandja jgrandja

Labels
type: enhancement A general enhancement
Projects
Spring Security Team
Status: Done
Milestone
1.5.0-M1
Development

No branches or pull requests
1 participant
@jgrandja