Skip to content

Allow custom header during bearer token extraction #8341

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Allow custom header during bearer token extraction #8341

wants to merge 1 commit into from

Conversation

TJReinert
Copy link
Contributor

Added ability to specify the header that the
ServerBearerTokenAuthenticationConverter uses to
extract a Bearer Token.

Fixes gh-8337

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Apr 7, 2020
jzheaux
jzheaux requested changes Apr 7, 2020
View reviewed changes
Copy link
Contributor

@jzheaux jzheaux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, @TJReinert! I've left some feedback inline.

Also, could you make the same changes to DefaultBearerTokenResolver on the servlet side?

@jzheaux jzheaux added in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: duplicate A duplicate of another issue type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged labels Apr 7, 2020
@TJReinert
Allow custom header during bearer token extraction
b51e184 
Added ability to specify the header that
ServerBearerTokenAuthenticationConverter and
DefaultBearerTokenResolver use to extract a Bearer Token.

Fixes spring-projectsgh-8337
@TJReinert
Copy link
Contributor Author

The CONTRIBUTING doc asked that we squash commits, does that include future changes?

@jzheaux
Copy link
Contributor

jzheaux commented Apr 8, 2020

Looks good, @TJReinert! I'm going to add some documentation around your change, and then I think we'll be ready to merge.

I don't think I understand your question about future changes, though. Could you elaborate?

@TJReinert
Copy link
Contributor Author

Apologies, must be losing my mind near end of day.

I saw that it is asked that we squish our changes. Does that just apply to the 'initial' commit for the pull request? Or should all changes that are the result of a code review also be squished into a single commit. (Causing the need for a force push and comments on the PR to be unattached to a commit).

@jzheaux
Copy link
Contributor

jzheaux commented Apr 9, 2020

Ah, @TJReinert, I see. Yes, it's usually the latter. It's preferred to minimize PR commits to simplify backporting. We aren't backporting in this case, but it's still good hygiene and makes the commit history easier to follow.

@jzheaux
Copy link
Contributor

jzheaux commented Apr 9, 2020

@TJReinert, thanks again! This is now merged into master via 2f8eb16. Also, I've added a documentation via 419d726

@jzheaux jzheaux closed this Apr 9, 2020
@jzheaux jzheaux added this to the 5.4.0.M1 milestone Apr 9, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jzheaux jzheaux jzheaux approved these changes

Assignees

@jzheaux jzheaux

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: duplicate A duplicate of another issue type: enhancement A general enhancement
Projects
None yet
Milestone
5.4.0-M1
Development

Successfully merging this pull request may close these issues.

Allow specify header in ServerBearerTokenAuthenticationConverter
3 participants
@TJReinert @jzheaux @spring-projects-issues