Replacement for OAuth2FeignRequestInterceptor from spring-cloud-security?

See original GitHub issue

Is your feature request related to a problem? Please describe. For my Feign Clients I need to add an RequestInterceptor which enhances the requests with an OAuth Bearer Token. I still use the OAuth2FeignRequestInterceptor. But it simply states @deprecated will move to Spring Cloud Openfeign in next major release

I need quite it’s features as the oAuth provider Auth0 requires a non standard attribute “audience” - so I configure the interceptor with customized versions of DefaultOAuth2ClientContext, DefaultAccessTokenRequest, DefaultRequestEnhancer, ClientCredentialsAccessTokenProvider (which themselves all get @Deprecated - but the Migration Guide doesn’t really help me yet)

Describe the solution you’d like A 1:1 replacement for the OAuth2FeignRequestInterceptor or an equivalent which can handle additional attributes in the token request needed for Auth0 (“audience”).

Describe alternatives you’ve considered I stay with the deprecated OAuth2FeignRequestInterceptor and ignore all the Warnings in the logs and IDE 👎

Additional context There is also a question on StackOverflow addressing this issue from somebody else - but no answers or ideas yet.

Issue Analytics

  • State:open
  • Created 3 years ago
  • Reactions:11
  • Comments:9 (2 by maintainers)

github_iconTop GitHub Comments

22reactions
spadge4711commented, Jan 11, 2021

@spencergibb this issue was not resolved: the OAuth2FeignRequestInterceptor class was moved to spring-cloud-openfeign, but the dependent classes like OAuth2ClientContext & OAuth2ProtectedResourceDetails have been deprecated and are now missing in spring security 5.x

17reactions
cforcecommented, Jun 23, 2021

I can not distill from above comments and stack overflow what is a valid approach bassing on spring security 5. I am missing integration/migration guides for feign like this one https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Migration-Guide where Feign unfortunately is not handled. @spencergibb please give advice

Read more comments on GitHub >

github_iconTop Results From Across the Web

Alternative for OAuth2FeignRequestInterceptor that depends ...
OAuth2FeignRequestInterceptor from spring-cloud-security project acquires OAuth2 token and sets it to a Feign's RequestTemplate ...
Read more >
OAuth2FeignRequestInterceptor (spring-cloud-security 2.0.0 ...
Pre-defined custom RequestInterceptor for Feign Requests It uses the OAuth2ClientContext provided from the environment and construct a new header on the ...
Read more >
spring-projects/spring-security-oauth - Gitter
A single-page application in Vue (served by an nginx); A Spring Cloud Gateway acting as OAuth2 client for a Keycloak IDP; A Spring...
Read more >
in - org.springframework.cloud.security.oauth2.client.feign
ClientCredentialsResourceDetails resource) { return new OAuth2FeignRequestInterceptor(oauth2ClientContext, resource);
Read more >
org.springframework.security.oauth2.client.token ...
Source Project: spring-cloud-security Author: spring-cloud File: ... OAuth2FeignRequestInterceptor oAuth2FeignRequestInterceptor = new ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found