spring-security-mongo icon indicating copy to clipboard operation
spring-security-mongo copied to clipboard
verified publisher icon caelcs

Do not serialize OAuth2AccessToken and OAuth2RefreshToken into byte[]

Open activey opened this issue 6 years ago • 4 comments

Just tried it locally, works pretty well when exposed in original structure and not serialized into byte[] for both of them, makes an option to take a look into Mongo and see how are tokens values, just a suggestion but would be awesome to see tokens in text rather in byte arrays ;)

activey avatar Apr 25 '19 20:04 activey

Yes you are right about it. Better way to debug it and inspect.

On Thu, 25 Apr 2019 at 21:03, Łukasz Grabski [email protected] wrote:

Just tried it locally, works pretty well when exposed in original structure and not serialized into byte[] for both of them, makes an option to take a look into Mongo and see how are tokens values, just a suggestion but would be awesome to see tokens in text rather in byte arrays ;)

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/caelcs/spring-security-mongo/issues/16, or mute the thread https://github.com/notifications/unsubscribe-auth/AAGGB3P4Z4FAIEBTPSGGA4LPSIE73ANCNFSM4HIQHZOA .

-- Sent from my iPhone

caelcs avatar Apr 25 '19 20:04 caelcs

:+1:

activey avatar Apr 25 '19 20:04 activey

Can you tell me where you see that serialisation? I wonder if you are not talking about the pass enconder....

caelcs avatar Apr 26 '19 07:04 caelcs

Sure, in https://github.com/caelcs/spring-security-mongo/blob/540e8a2d76b9847ce9617c485b8f9cee9de9ba4b/src/main/java/uk/co/caeldev/springsecuritymongo/MongoTokenStore.java#L82 there is serializeAccessToken method called, I believe you dont need to do it or maybe introduce some serialization strategy? I can create a merge request with my suggestion if you wish ;)

activey avatar Apr 26 '19 15:04 activey