
Allow OAuth2ClientSpec to get ReactiveOAuth2AccessTokenResponseClient from Spring IoC

Open NotFound403 opened this issue 3 years ago • 6 comments

Expected Behavior

Just like OAuth2LoginSpec, OAuth2ClientSpec should get ReactiveOAuth2AccessTokenResponseClient from Spring IoC:

  		/**
		 * Gets the {@link ReactiveAuthenticationManager} to use. First tries an explicitly configured manager, and
		 * defaults to {@link OAuth2AuthorizationCodeReactiveAuthenticationManager}
		 *
		 * @return the {@link ReactiveAuthenticationManager} to use
		 */
		private ReactiveAuthenticationManager getAuthenticationManager() {
			if (this.authenticationManager == null) {
				this.authenticationManager = new OAuth2AuthorizationCodeReactiveAuthenticationManager(getAccessTokenResponseClient());
			}
			return this.authenticationManager;
		}

		private ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> getAccessTokenResponseClient() {
			ResolvableType type = ResolvableType.forClassWithGenerics(ReactiveOAuth2AccessTokenResponseClient.class, OAuth2AuthorizationCodeGrantRequest.class);
			ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> bean = getBeanOrNull(type);
			if (bean == null) {
				return new WebClientReactiveAuthorizationCodeTokenResponseClient();
			}
			return bean;
		}

Current Behavior

Current mechanism:

		private ReactiveAuthenticationManager getAuthenticationManager() {
			if (this.authenticationManager == null) {
				this.authenticationManager = new OAuth2AuthorizationCodeReactiveAuthenticationManager(new WebClientReactiveAuthorizationCodeTokenResponseClient());
			}
			return this.authenticationManager;
		}

Context

I consider that the ReactiveOAuth2AccessTokenResponseClient in Spring IoC is the default one, the global one. This facilitates consistent behavior; if not, I need something like the following:

    @Bean
    @ConditionalOnMissingBean
    SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        http.authorizeExchange().anyExchange().authenticated();
        http.oauth2Login();
        http.oauth2Client().authenticationManager(new OAuth2AuthorizationCodeReactiveAuthenticationManager(oAuth2AccessTokenResponseClient()));
        return http.build();
    }

    @Bean
    public ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> oAuth2AccessTokenResponseClient() {
    // ignore
    }

It looks not good.

NotFound403 avatar Apr 12 '22 04:04 NotFound403
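
The workaround from the post above, filled in as an added example (not code from the issue or from Spring Security itself): one customized token-endpoint client bean, passed explicitly to `oauth2Client()` so that both authorization-code flows go through it. The class name, the bean name and the 5-second response timeout are assumptions made for illustration.

```java
import java.time.Duration;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.client.reactive.ReactorClientHttpConnector;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeReactiveAuthenticationManager;
import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest;
import org.springframework.security.oauth2.client.endpoint.ReactiveOAuth2AccessTokenResponseClient;
import org.springframework.security.oauth2.client.endpoint.WebClientReactiveAuthorizationCodeTokenResponseClient;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.web.reactive.function.client.WebClient;

import reactor.netty.http.client.HttpClient;

@Configuration
@EnableWebFluxSecurity
public class SharedTokenClientConfig { // hypothetical class name

    // One token-endpoint client for the whole application. The 5 s timeout is
    // an assumed value, chosen only to make the customization visible.
    @Bean
    ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> tokenResponseClient() {
        HttpClient httpClient = HttpClient.create().responseTimeout(Duration.ofSeconds(5));
        WebClient webClient = WebClient.builder()
                .clientConnector(new ReactorClientHttpConnector(httpClient))
                .build();
        WebClientReactiveAuthorizationCodeTokenResponseClient client =
                new WebClientReactiveAuthorizationCodeTokenResponseClient();
        client.setWebClient(webClient);
        return client;
    }

    @Bean
    SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http,
            ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> tokenResponseClient) {
        http.authorizeExchange(exchanges -> exchanges.anyExchange().authenticated());
        // oauth2Login: per the issue, OAuth2LoginSpec looks the bean up itself.
        http.oauth2Login(Customizer.withDefaults());
        // oauth2Client: must be wired explicitly, otherwise it builds its own
        // default WebClientReactiveAuthorizationCodeTokenResponseClient.
        http.oauth2Client(client -> client.authenticationManager(
                new OAuth2AuthorizationCodeReactiveAuthenticationManager(tokenResponseClient)));
        return http.build();
    }
}
```

Without the explicit `authenticationManager(...)` call, the `oauth2Client()` flow uses the stock client and none of the bean's settings (timeouts, proxy, TLS configuration) apply to its token requests.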

Hi @NotFound403. I'm going through a few unanswered issues and saw this one.

> It looks not good.

Can you explain what you mean here? For example, do you mean that there's a workaround but it is inconvenient or difficult? Or do you mean something you're trying to achieve is impossible?

sjohnr avatar May 19 '22 21:05 sjohnr

If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed.

spring-projects-issues avatar Jun 02 '22 19:06 spring-projects-issues

@NotFound403 did you happen to see the above comment?

sjohnr avatar Jun 03 '22 05:06 sjohnr

ReactiveOAuth2AccessTokenResponseClient could be customized and have the global default one in Spring IoC.

NotFound403 avatar Jun 04 '22 14:06 NotFound403

Thanks @NotFound403. I think you're just requesting a general enhancement (nice-to-have) to make OAuth2ClientSpec consistent with OAuth2LoginSpec in the way it obtains a ReactiveOAuth2AccessTokenResponseClient for creating the default OAuth2AuthorizationCodeReactiveAuthenticationManager. Let me know if you think there's anything I've missed.

sjohnr avatar Jun 06 '22 16:06 sjohnr

> Thanks @NotFound403. I think you're just requesting a general enhancement (nice-to-have) to make OAuth2ClientSpec consistent with OAuth2LoginSpec in the way it obtains a ReactiveOAuth2AccessTokenResponseClient for creating the default OAuth2AuthorizationCodeReactiveAuthenticationManager. Let me know if you think there's anything I've missed.

Yes, keep them consistent.

NotFound403 avatar Jun 07 '22 04:06 NotFound403