spring-cloud-security icon indicating copy to clipboard operation
spring-cloud-security copied to clipboard
verified publisher icon spring-attic

OAuth2 intercepter for feign does not re-issue invalid token

Open ArtyomGabeev opened this issue 6 years ago • 3 comments

Hi,

If we check OAuth2RestTemplate it has an option retryBadAccessTokens which will try one more time to obtain new access token if previous token is invalid. This is useful if, for some reasons, you decide to revoke access token.

In OAuth2FeignRequestInterceptor access token is preserved in client context until it expires. There is no way to make feign to reissue new token until it expire.

The difficulty here that in feign interceptor is not responsible for retry. So what will be correct way to handle this issue? One of the option is to implement a feign retryer which will clean up client context.

If it is correct, do you want me to try to contribute this change?

ArtyomGabeev avatar Sep 02 '19 11:09 ArtyomGabeev

Sure we would be happy to review an enhancement

ryanjbaxter avatar Nov 04 '19 15:11 ryanjbaxter

@ryanjbaxter done. But I did not find any documentation about OAuth2Interecptor in feign, so I'm not sure where should I need to document new retyer.

Thanks.

ArtyomGabeev avatar Nov 13 '19 17:11 ArtyomGabeev

@ArtyomGabeev are you not sure where the documentation is, or where to put it in the documentation itself

ryanjbaxter avatar Nov 14 '19 21:11 ryanjbaxter