spring-authorization-server

spring-authorization-server copied to clipboard

Token Exchange does not support id_token token type

16

Spring Authorization Server supports the *Exchange Token* feature; introduced in #60 According to [RFC 8693][1], the token type `id_token` is valid, but not supported by [OAuth2TokenExchangeAuthenticationConverter][2], which accepts only `jwt`...

banterCZ

Enhance OAuth2TokenExchangeAuthenticationProvider to support additional trusted issuers

16

**Expected Behavior** OAuth2TokenExchangeAuthenticationProvider should be enhanced to support subject/actor tokens from other trusted issuers **Current Behavior** Today, OAuth2TokenExchangeAuthenticationProvider validates/authorizes the subject/actor token by looking for the JWT in the configured...

joshuawhite929

This PR related https://github.com/spring-projects/spring-authorization-server/pull/1914

ngocnhan-tran1996

Add client-certificate when fetching client-jwks

1

**Expected Behavior** We would like to add a client-certificate to the outbound request when fetching a JwkSetUrl from a configured client. **Current Behavior** RestTemplate is a static final variable in...

edwinrozendom