Max Batischev
Max Batischev
Closes gh-11983
Need to add `BearerTokenAuthenticationConverter` that implements `AuthenticationConverter`. Perhaps, it is worth extract some of the functionality from `ServerBearerTokenAuthenticationConverter` into `AbstractBearerTokenAuthenticationConverter` for example. This will be a template method pattern.
Need to add https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0.html support.
There are cases where support for multiple `OpaqueTokenIntrospectors` in an `OpaqueTokenAuthenticationProvider` is needed. This is easier than adding another provider to `ProviderManager`, because `OpaqueTokenAuthenticationConverter` is often the same for different...
Related [https://github.com/spring-projects/spring-security/issues/15220](https://github.com/spring-projects/spring-security/issues/15220) ``` @Bean @Order(0) SecurityFilterChain app(HttpSecurity http) throws Exception { http .securityMatcher("/app/**") .authorizeHttpRequests(...) .formLogin(...) return http.build(); } @Bean @Order(1) SecurityFilterChain api(HttpSecurity http) throws Exception { http .securityMatcher("/app/**") .authorizeHttpRequests(...) .httpBasic(...)...
Closes gh-14778
To support reactive one-time token login for a clustered environment, need to implement `R2dbcReactiveOneTimeTokenService` or something like this.
To reduce code duplication between `InMemoryOneTimeTokenService` and `JdbcOneTimeTokenService`, need to separate out the shared code in `AbstractOneTimeTokenService`. This class can be made part of public API so that developers can...
Need to consider adding [CIBA](https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0.html) support.
Closes gh-16750