Skip to content

Provide capability for resolving Bearer Token #5121

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jgrandja opened this issue Mar 15, 2018 · 1 comment · Fixed by jzheaux/spring-security-oauth2-resource-server#3
Closed

Provide capability for resolving Bearer Token #5121

jgrandja opened this issue Mar 15, 2018 · 1 comment · Fixed by jzheaux/spring-security-oauth2-resource-server#3
Assignees
@vpavic
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Milestone
5.1.0.M2

Comments

@jgrandja
Copy link
Contributor

This feature implements The OAuth 2.0 Authorization Framework: Bearer Token Usage and will be leveraged by Resource Server and Authorization Server.

Provide a BearerTokenResolver interface with the default implementation resolving from the Authorization Request Header field.
@jgrandja jgrandja added New Feature in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) labels Mar 15, 2018
@jgrandja jgrandja added this to the 5.1.0.M1 milestone Mar 15, 2018
vpavic added a commit to vpavic/spring-security that referenced this issue Mar 16, 2018
@vpavic
Provide Bearer Token resolving strategy
f5912a4 
This commit creates oauth2-resource-server module and provides a strategy for resolving Bearer Token from HTTP request together with default implementation that aligns with RFC 6750.

Closes spring-projectsgh-5121
@vpavic vpavic mentioned this issue Mar 16, 2018
Closed
@jgrandja jgrandja modified the milestones: 5.1.0.M1, 5.1.0.M2 Mar 16, 2018
@jgrandja jgrandja mentioned this issue Mar 16, 2018
Closed
@vpavic vpavic mentioned this issue Mar 16, 2018
Merged
@rwinch rwinch mentioned this issue Mar 16, 2018
Closed
11 tasks
@jgrandja jgrandja reopened this Apr 12, 2018
@jgrandja
Copy link
Contributor Author

@vpavic Re-opening this until this get's merged into Spring Security.

@jzheaux jzheaux mentioned this issue Jul 3, 2018
Closed
jzheaux added a commit to jzheaux/spring-security that referenced this issue Jul 16, 2018
@jzheaux
Resource Server Jwt Support
2b628f6 
Introducing initial support for Jwt-Encoded Bearer Token authorization
with remote JWK set signature verification.

High-level features include:

- Accepting bearer tokens as headers and form or query parameters
- Verifying signatures from a remote Jwk set

And:

- A DSL for easy configuration
- A sample to demonstrate usage

Fixes: spring-projectsgh-5128
Fixes: spring-projectsgh-5125
Fixes: spring-projectsgh-5121
Fixes: spring-projectsgh-5130
Fixes: spring-projectsgh-5226
Fixes: spring-projectsgh-5237
@rwinch rwinch closed this as completed in 40ccdb9 Jul 16, 2018
@rwinch rwinch added the type: enhancement A general enhancement label May 3, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vpavic vpavic

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Projects
None yet
Milestone
5.1.0.M2
3 participants
@rwinch @vpavic @jgrandja