It would be nice if Spring Boot added some autoconfiguration for applying Spring Security's OAuth2 Support for Interface HTTP Clients.
The configuration looks like this for RestClient and should be activated with the classpath has RestClient, the OAuth2 client jar, and has an OAuth2AuthorizedClientManager bean.
@Bean
OAuth2RestClientHttpServiceGroupConfigurer securityConfigurer(
OAuth2AuthorizedClientManager manager) {
return OAuth2RestClientHttpServiceGroupConfigurer.from(manager);
}
The configuration looks like this for WebClient and should be activated with the classpath has WebClient and OAuth2 client jar, and has an OAuth2AuthorizedClientManager bean.
@Bean
OAuth2RestClientHttpServiceGroupConfigurer securityConfigurer(
OAuth2AuthorizedClientManager manager) {
return OAuth2RestClientHttpServiceGroupConfigurer.from(manager);
}
cc @joshlong
Comment From: Torres-09
Hi there, I'd like to contribute to this issue.
I'll start working on adding autoconfiguration for OAuth2 support to both RestClient and WebClient in Spring Boot.
Are there any additional considerations or points I should be aware of before I get started?
Comment From: wilkinsona
Thanks for the offer, @Torres-09.
In addition to the two scenarios that @rwinch has described above. I think we should also consider the use of WebClient in a servlet application. In that case, the OAuth2WebClientHttpServiceGroupConfigurer should be created using from(OAuth2AuthorizedClientManager).
@rwinch please let us know if there's good reason not to do so.
Comment From: Torres-09
Hello, I'm following this issue with interest. There have been no updates for a few weeks, so I wanted to ask if there is any news or progress on this. Thank you!
Comment From: philwebb
Nothing as yet @Torres-09, but rest assured that we'll update this issue when progress has been made.