Improve customizing OIDC UserInfo endpoint #785


Closed
franzfloresjr opened this issue Jun 17, 2022 · 2 comments

@franzfloresjr

Expected Behavior
It would be great if the oidcUserInfoEndpointFilter is configurable so that we can provide a custom OidcUserInfoHttpMessageConverter or configure the OidcUserInfoHttpMessageConverter#jsonMessageConverter. In my case, I am using java.time.LocalDate data type in the birthdate claim and need to serialize it to a formatted string (e.g. DateTimeFormatter.ISO_DATE). Hence, I want to provide an object mapper with a configured LocalDateSerializer to the MappingJackson2HttpMessageConverter.

Current Behavior
The default OidcUserInfoHttpMessageConverter#jsonMessageConverter has a value of new MappingJackson2HttpMessageConverter() which has a plain ObjectMapper (Jackson2ObjectMapperBuilder.json().build()). OidcUserInfo claims that have a data type of java.time.LocalDate (in my case birthdate) are written as an array of numbers.

Context
I want to serialize java.time.LocalDate to a formatted string. What I did to achieve this is to implement a custom OidcUserInfoEndpointConfigurer, OidcUserInfoEndpointFilter and OidcUserInfoHttpMessageConverter.

```java
public class CustomOidcUserInfoHttpMessageConverter extends AbstractHttpMessageConverter<OidcUserInfo> {
    // JSON converter whose ObjectMapper writes LocalDate values as ISO_DATE strings
    private final GenericHttpMessageConverter<Object> jsonMessageConverter =
        new MappingJackson2HttpMessageConverter(
            Jackson2ObjectMapperBuilder.json()
                .serializers(new LocalDateSerializer(DateTimeFormatter.ISO_DATE))
                .build()
        );

    ...
}
```

```java
public class CustomOidcUserInfoEndpointFilter extends OncePerRequestFilter {
    // Uses the custom converter in place of the default OidcUserInfoHttpMessageConverter
    private final HttpMessageConverter<OidcUserInfo> userInfoHttpMessageConverter =
        new CustomOidcUserInfoHttpMessageConverter();

    ...
}
```

```java
public class CustomOidcUserInfoEndpointConfigurer<B extends HttpSecurityBuilder<B>>
    extends AbstractHttpConfigurer<CustomOidcUserInfoEndpointConfigurer<B>, B> {

    @Override
    public void configure(B builder) throws Exception {
        AuthenticationManager authenticationManager = builder.getSharedObject(AuthenticationManager.class);
        ProviderSettings providerSettings = getProviderSettings(builder);

        CustomOidcUserInfoEndpointFilter oidcUserInfoEndpointFilter =
            new CustomOidcUserInfoEndpointFilter(authenticationManager, providerSettings.getOidcUserInfoEndpoint());

        // Register ahead of the built-in filter so the custom one handles UserInfo requests first
        builder.addFilterBefore(oidcUserInfoEndpointFilter, OidcUserInfoEndpointFilter.class);
    }

    ...
}
```

```java
@Configuration
public class AuthorizationServerConfiguration {

    @Bean
    public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {

        ...

        // Apply the custom UserInfo configurer after the authorization server configurer
        http.apply(authorizationServerConfigurer).and()
            .apply(new CustomOidcUserInfoEndpointConfigurer<>());

        return http.build();
    }
}
```
@franzfloresjr franzfloresjr added the type: enhancement A general enhancement label Jun 17, 2022
@jgrandja jgrandja changed the title Allow configuration of OidcUserInfoEndpointFilter in OidcUserInfoEndpointConfigurer Improve customizing OIDC UserInfo endpoint Jul 19, 2022
@Kehrlann
Contributor

I'm interested in picking this one up.

@jgrandja jgrandja added this to the 0.4.0-RC1 milestone Oct 18, 2022
Kehrlann added a commit to Kehrlann/spring-authorization-server that referenced this issue Oct 21, 2022
Kehrlann added a commit to Kehrlann/spring-authorization-server that referenced this issue Oct 24, 2022
Kehrlann added a commit to Kehrlann/spring-authorization-server that referenced this issue Oct 26, 2022
Kehrlann added a commit to Kehrlann/spring-authorization-server that referenced this issue Oct 27, 2022
jgrandja pushed a commit that referenced this issue Oct 28, 2022
@jgrandja
Collaborator

@franzfloresjr You can now customize the UserInfo response using a custom OidcUserInfoEndpointFilter.setAuthenticationSuccessHandler(AuthenticationSuccessHandler). The custom AuthenticationSuccessHandler can configure a custom OidcUserInfoHttpMessageConverter.setUserInfoParametersConverter(Converter<OidcUserInfo, Map<String, Object>>) to customize the format for any of the claims.

doba16 pushed a commit to doba16/spring-authorization-server that referenced this issue Apr 21, 2023
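
A sketch of the approach described in the last comment, added here as an example and not code from the issue or from the project: an AuthenticationSuccessHandler that writes the UserInfo response through an OidcUserInfoHttpMessageConverter whose parameters converter formats every java.time.LocalDate claim (such as birthdate) with DateTimeFormatter.ISO_DATE. The class name IsoDateUserInfoResponseHandler is hypothetical, and the javax.servlet imports assume the 0.4.x line the issue was milestoned for.

```java
import java.io.IOException;
import java.time.LocalDate;
import java.time.format.DateTimeFormatter;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;   // assumption: 0.4.x on the javax.servlet API
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.server.ServletServerHttpResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
import org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcUserInfoAuthenticationToken;
import org.springframework.security.oauth2.server.authorization.oidc.http.converter.OidcUserInfoHttpMessageConverter;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

// Hypothetical class name; added example, not part of Spring Authorization Server.
public class IsoDateUserInfoResponseHandler implements AuthenticationSuccessHandler {

    private final OidcUserInfoHttpMessageConverter userInfoConverter =
        new OidcUserInfoHttpMessageConverter();

    public IsoDateUserInfoResponseHandler() {
        // Replace the default claims-to-parameters mapping with the ISO date one.
        this.userInfoConverter.setUserInfoParametersConverter(
            IsoDateUserInfoResponseHandler::toParameters);
    }

    // Copies the claims and rewrites each LocalDate value as an ISO_DATE string,
    // so Jackson receives a String instead of a LocalDate it would write as an array.
    static Map<String, Object> toParameters(OidcUserInfo userInfo) {
        Map<String, Object> parameters = new LinkedHashMap<>(userInfo.getClaims());
        parameters.replaceAll((name, value) -> value instanceof LocalDate
            ? DateTimeFormatter.ISO_DATE.format((LocalDate) value)
            : value);
        return parameters;
    }

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request,
            HttpServletResponse response, Authentication authentication) throws IOException {
        // The UserInfo endpoint passes the authenticated UserInfo token to this handler.
        OidcUserInfoAuthenticationToken userInfoAuthentication =
            (OidcUserInfoAuthenticationToken) authentication;
        ServletServerHttpResponse httpResponse = new ServletServerHttpResponse(response);
        this.userInfoConverter.write(userInfoAuthentication.getUserInfo(), null, httpResponse);
    }
}
```

An instance of this handler is what would be passed to OidcUserInfoEndpointFilter.setAuthenticationSuccessHandler(AuthenticationSuccessHandler), replacing the custom filter, configurer and converter from the original workaround.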