spring-security icon indicating copy to clipboard operation
spring-security copied to clipboard
verified publisher icon spring-projects

Expose default success/error handlers in OAuth2AuthorizationEndpointFilter

Open OrangeDog opened this issue 8 months ago • 3 comments

Expected Behavior The default behaviour of the AuthenticationSuccessHandler and AuthenticationFailureHandlers should be acessible, so that they can be extended and/or composed without having to copy-paste them from the current source code.

Current Behavior In OAuth2AuthorizationEndpointFilter, for example, both handlers are private method references, with no getters defined either.

Context I wanted to change the error page handler when the redirectUri cannot be used. This was easily possible in the previous implementation.

OrangeDog avatar Apr 25 '25 13:04 OrangeDog

Related spring-projects/spring-authorization-server#1557

jgrandja avatar Apr 30 '25 18:04 jgrandja

This issue was transferred from spring-projects/spring-authorization-server (see spring-authorization-server#2195)

jgrandja avatar Dec 03 '25 22:12 jgrandja

This enhancement should provide the capability to customize the RedirectStrategy for both the AuthenticationSuccessHandler and AuthenticationFailureHandler (https://github.com/spring-projects/spring-authorization-server/issues/1557 and https://github.com/spring-projects/spring-authorization-server/issues/1232)

jgrandja avatar Dec 04 '25 16:12 jgrandja