OAuth2 auto configuration support for Eureka Client. #2563
Conversation
| @@ -27,6 +27,7 @@ | |||
| <spring-cloud-commons.version>2.0.0.BUILD-SNAPSHOT</spring-cloud-commons.version> | |||
| <spring-cloud-config.version>2.0.0.BUILD-SNAPSHOT</spring-cloud-config.version> | |||
| <spring-cloud-stream.version>Elmhurst.BUILD-SNAPSHOT</spring-cloud-stream.version> | |||
| <spring-security-oauth2.version>2.2.1.RELEASE</spring-security-oauth2.version> | |||
There was a problem hiding this comment.
This isn't managed by boot?
There was a problem hiding this comment.
Still a WIP : spring-attic/spring-security-oauth#1240
There was a problem hiding this comment.
I don't know if there are plans to make this managed on boot. @rwinch any opinion on that? I don't need autoconfiguration, just the dependencies. We are talking about boot 2.0.
There was a problem hiding this comment.
@daniellavoie Thanks for reaching out! There are no plans for the old OAuth project version to be managed by Spring Boot.
There was a problem hiding this comment.
Had a chat with Rob, best option is to migrate OAuth2RestTemplate to WebClient using Spring Security 5. I'll reword that PR.
There was a problem hiding this comment.
Ok, it won't be as easy. Spring Security 5 doesn't support automatic token retrieval for resource servers. The old OAuth2RestTemplate handled that for us. @rwinch plans on integrating that for Security 5.1. We have 3 options:
- Wait for Security 5.1 - See Spring Security #4921
- Integrate the old non-managed lib until migration to Security 5.1
- Write token retrieval logic with WebClient (could be base work for Security 5.1).
I think the most reasonable option is to wait for Security 5.1
@ryanjbaxter @spencergibb Any opinion?
There was a problem hiding this comment.
I dont see any reason why we need this PR right now so I dont see why we cant wait.
|
|
||
| === Custom authentication | ||
|
|
||
| For more complex needs you can create a `@Bean` of type `DiscoveryClientOptionalArgs` and |
There was a problem hiding this comment.
Mention this is for jersey specifically.
There was a problem hiding this comment.
Well not exactly true, if you use the rest template you can still extend the DiscoveryClientOptionalArgs (that's what we do on SCS)
| public class BasicEurekaRestTemplateFactory implements EurekaRestTemplateFactory { | ||
| @Override | ||
| public RestTemplate newRestTemplate(String serviceUrl) { | ||
| RestTemplate restTemplate = new RestTemplate(); |
There was a problem hiding this comment.
Shouldnt we use RestTemplateBuilder?
There was a problem hiding this comment.
I don't have any strong opinion on that. Pushed a new version with the builder.
daniellavoie
force-pushed
the
eureka-oauth2
branch
from
9ced12a to
711c1fb
Compare
Provides support for OAuth2 on Eureka Client.
Disclaimer: Support is only provided when Eureka Client is not using Jersey.