Spring security Oauth2 client modify authorization request going to Oa - Enhance your coding expertise with Ashish on @onlycoders.net

1 year ago

#280919

Ashish

Spring security Oauth2 client modify authorization request going to Oauth server

I have use case where I need to add additional parameter(login hint) to the authorize request. On researching I found that we can do this by OAuth2AuthorizationRequestResolver. The problem I am facing is that the HttpServeletRequest object present in this class is not the instance of original HttpServletRequest initiated by client. So, I can not fetch the query param or path param send by client and append them to to the authorization URI as extra parameter(e.g. User name).

public class CustomAuthorizationRequestResolver implements OAuth2AuthorizationRequestResolver {

    private OAuth2AuthorizationRequestResolver defaultResolver;

    public CustomAuthorizationRequestResolver(ClientRegistrationRepository repo, String authorizationRequestBaseUri) {
        defaultResolver = new DefaultOAuth2AuthorizationRequestResolver(repo, authorizationRequestBaseUri);
    }

    @Override
    public OAuth2AuthorizationRequest resolve(HttpServletRequest request) {
        defaultResolver.resolve(request);
        OAuth2AuthorizationRequest req = defaultResolver.resolve(request);

        if (req != null) {
            req = customizeAuthorizationRequest(req, request);
        }
        return req;
    }

    @Override
    public OAuth2AuthorizationRequest resolve(HttpServletRequest request, String clientRegistrationId) {
        OAuth2AuthorizationRequest req = defaultResolver.resolve(request, clientRegistrationId);
        if (req != null) {
            req = customizeAuthorizationRequest(req, request);
        }
        return req;
    }

    private OAuth2AuthorizationRequest customizeAuthorizationRequest(OAuth2AuthorizationRequest req,
            HttpServletRequest request) {
        Map<String, Object> extraParams = new HashMap<String, Object>();
        extraParams.putAll(req.getAdditionalParameters());
        String userName = request.getParameter("userName");
        extraParams.put("login_hint", userName);
        return OAuth2AuthorizationRequest.from(req).additionalParameters(extraParams).build();
    }

}

Any help would be appreciated.

spring-security

spring-oauth2

0 Answers

Your Answer

Posts

Questions

Blogs

Jobs