Steve Riesenberg
Steve Riesenberg
We should add a clear example to the reference for setting up an application with the `client_credentials` grant type. Often, this use case requires access tokens scoped to the application...
This theme will focus on providing consistency for Servlet and Reactive applications that use OAuth2 Client features. Examples include providing consistent parameters for access token requests and notable differences in...
Related gh-14811, gh-13588
**Expected Behavior** In Spring Security 6.3, [we simplified configuration](https://github.com/spring-projects/spring-security/issues/13763) by introducing a new `BeanDefinitionRegistryPostProcessor` to register a `ReactiveOAuth2AuthorizedClientManager` bean if one is not already present. _Note_ that we aren't using...
**Current behavior:** Some samples (for example, the `servlet/spring-boot/java/oauth2/webclient` sample) are attempting to show a Spring Boot error page in certain scenarios, but instead show the login page when the user...
In reactive gateway, I can do: ```yaml spring: cloud: gateway: routes: - id: cashcards uri: http://localhost:8090 predicates: - Path=/cashcards/** filters: - TokenRelay=cashcard-client ``` In this example, I'm specifying `cashcard-client` as...
Publish a guide on how to set up Spring Cloud Gateway as an OAuth2 Client of Spring Authorization Server in order to use the gateway as a BFF (backend-for-frontend). This...
We should align `(Server|Servlet)OAuth2AuthorizedClientExchangeFilterFunction` with `OAuth2ClientHttpRequestInterceptor` which introduces a `ClientRegistrationIdResolver` as a flexible strategy for resolving the `clientRegistrationId` for a given request. For `WebClient`-based `ExchangeFilterFunction`s, the interface could be: ```java...