You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/manual/src/docs/asciidoc/_includes/servlet/oauth2/oauth2-resourceserver.adoc
+8-3
Original file line number
Diff line number
Diff line change
@@ -1926,7 +1926,7 @@ http
1926
1926
1927
1927
=== Bearer Token Propagation
1928
1928
1929
-
Now that you're in possession of a bearer token, it might be handy to pass that to downstream services.
1929
+
Now that you're resource server has validated the token, it might be handy to pass it to downstream services.
1930
1930
This is quite simple with `{security-api-url}org/springframework/security/oauth2/server/resource/web/reactive/function/client/ServletBearerExchangeFilterFunction.html[ServletBearerExchangeFilterFunction]`, which you can see in the following example:
1931
1931
1932
1932
[source,java]
@@ -1970,12 +1970,12 @@ this.rest.get()
1970
1970
In this case, the filter will fall back and simply forward the request onto the rest of the web filter chain.
1971
1971
1972
1972
[NOTE]
1973
-
Unlike the https://docs.spring.io/spring-security/site/docs/current-SNAPSHOT/api/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.html[OAuth 2.0 Client filter function], this filter function makes no attempt to renew the token, should it be expired.
1973
+
Unlike the {security-api-url}org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.html[OAuth 2.0 Client filter function], this filter function makes no attempt to renew the token, should it be expired.
1974
1974
To obtain this level of support, please use the OAuth 2.0 Client filter.
1975
1975
1976
1976
==== `RestTemplate` support
1977
1977
1978
-
There is no dedicated support for `RestTemplate` at the moment, but you can achieve propagation quite simply with your own interceptor:
1978
+
There is no `RestTemplate` equivalent for `ServletBearerExchangeFilterFunction` at the moment, but you can propagate the request's bearer token quite simply with your own interceptor:
1979
1979
1980
1980
[source,java]
1981
1981
----
@@ -2000,6 +2000,11 @@ RestTemplate rest() {
2000
2000
}
2001
2001
----
2002
2002
2003
+
2004
+
[NOTE]
2005
+
Unlike the {security-api-url}org/springframework/security/oauth2/client/OAuth2AuthorizedClientManager.html[OAuth 2.0 Authorized Client Manager], this filter interceptor makes no attempt to renew the token, should it be expired.
2006
+
To obtain this level of support, please create an interceptor using the <<oauth2client,OAuth 2.0 Authorized Client Manager>>.
0 commit comments