Skip to content

Always return current ClientRegistration in loadAuthorizedClient #16133

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Always return current ClientRegistration in loadAuthorizedClient #16133

wants to merge 1 commit into from

Conversation

kzander91
Copy link
Contributor

This changes InMemoryOAuth2AuthorizedClientService.loadAuthorizedClient (and its reactive counterpart) to always return OAuth2AuthorizedClient instances containing the current ClientRegistration as obtained from the ClientRegistrationRepository.

Before this change, the first ClientRegistration instance was cached, with the effect that any changes made in the ClientRegistrationRepository (such as a new client secret) would not have taken effect.

Closes gh-15511

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Nov 19, 2024
@kzander91 kzander91 force-pushed the gh-15511 branch 5 times, most recently from 0c331a9 to 39b03f9 Compare November 19, 2024 07:57
@kzander91
Copy link
Contributor Author

kzander91 commented Nov 19, 2024
edited
Loading

I configured my IntelliJ code style according to https://github.com/spring-projects/spring-framework/wiki/IntelliJ-IDEA-Editor-Settings and some formatting and imports changed in the tests.
Did I configure something incorrectly, or were the files just not formatted correctly?

@kzander91 kzander91 marked this pull request as ready for review November 19, 2024 08:14
@kzander91 kzander91 mentioned this pull request Nov 19, 2024
Closed
@sjohnr
Copy link
Contributor

sjohnr commented Nov 19, 2024

I configured my IntelliJ code style according to https://github.com/spring-projects/spring-framework/wiki/IntelliJ-IDEA-Editor-Settings and some formatting and imports changed in the tests.

I don't know if the the code settings are up to date, but the build enforces code style and will not pass unless it is correct. I have run the build so you can see its output.

Did I configure something incorrectly, or were the files just not formatted correctly?

The files were formatted correctly previously since (as mentioned above) the build would fail otherwise.

@kzander91
Copy link
Contributor Author

@sjohnr Thanks for the review, I ran gradle format and have pushed the changes.

@sjohnr sjohnr self-assigned this Nov 19, 2024
@sjohnr sjohnr added type: bug A general bug in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) and removed status: waiting-for-triage An issue we've not yet triaged labels Nov 19, 2024
@kzander91
Always return current ClientRegistration in loadAuthorizedClient
16d5714 
This changes `InMemoryOAuth2AuthorizedClientService.loadAuthorizedClient`
(and its reactive counterpart) to always return `OAuth2AuthorizedClient`
instances containing the current `ClientRegistration` as obtained from
the `ClientRegistrationRepository`.

Before this change, the first `ClientRegistration` instance was cached,
with the effect that any changes made in the `ClientRegistrationRepository`
(such as a new client secret) would not have taken effect.

Closes spring-projectsgh-15511
@sjohnr sjohnr mentioned this pull request Nov 20, 2024
Closed
@sjohnr sjohnr added this to the 6.2.9 milestone Nov 20, 2024
sjohnr added a commit that referenced this pull request Nov 20, 2024
@sjohnr
Polish gh-16133
0eb6acd
@sjohnr
Copy link
Contributor

sjohnr commented Nov 20, 2024

Thanks @kzander91! This is now merged into 6.2.x as 73f3f75 with polish 0eb6acd.

@sjohnr sjohnr closed this Nov 20, 2024
@kzander91 kzander91 deleted the gh-15511 branch November 21, 2024 06:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sjohnr sjohnr sjohnr left review comments

Assignees

@sjohnr sjohnr

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: bug A general bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

InMemory[Reactive]OAuth2AuthorizedClientService does not support changes to the ClientRegistration at runtime
3 participants
@kzander91 @sjohnr @spring-projects-issues