Skip to content

Support token relay clientRegistrationId on properties #3751

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Support token relay clientRegistrationId on properties #3751

wants to merge 1 commit into from

Conversation

jaimesf
Copy link

@jaimesf jaimesf commented Apr 2, 2025

Support token relay clientRegistrationId on properties

The current code supports clientRegistrationId via Java filter.
Just added Shorcut annotation and update docs.

Thank you

ryanjbaxter
ryanjbaxter reviewed May 13, 2025
View reviewed changes
docs/modules/ROOT/pages/spring-cloud-gateway-server-webmvc/filters/tokenrelay.adoc
// The filter extracts an OAuth2 access token from the currently authenticated user for the provided `clientRegistrationId`.
// If no `clientRegistrationId` is provided,
The currently authenticated user's own access token (obtained during login) is used and the extracted access token is placed in a request header for the downstream requests.
The filter extracts an OAuth2 access token from the currently authenticated user for the provided `clientRegistrationId`.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just to be clear this functionality was already present but the documentation for it was commented out?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's not just the documentation. It seems that, this feature was included as part of the initial filter BUT, is not working. With this PR i'm reenabling the TokenRealy filter through properties, and uncomment the related documentation.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you add a test to confirm it is now working?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm sorry, but i don't see an example to test filter functions through properties in gateway-server-mvc to take as base, and my knowledge is limited at this point.

A manual test with properties like these:

spring:
  cloud:
    gateway:
      mvc:
        routes:
          - id: token_relay_test
            uri: https://examplel1.com
            filters:
              - TokenRelay=relay
  security:
    oauth2:
      client:
        provider:
          relay:
            jwk-set-uri: https://localhost:8080/context/path/jwk
            issuer-uri: https://localhost:8080/context/path/issuer
        registration:
          relay:
            provider: relay
            client-authentication-method: client_secret_post
            authorization-grant-type: client_credentials
            client-id: someClientId
            client-secret: someClientSecret

works perfectly using it in a complete spring boot application.

If someone could create a specific test for this, I would be grateful.

@ryanjbaxter
Copy link
Contributor

Could you please sign your commit so the DCO check will pass?

@jaimesf jaimesf force-pushed the support-client-registration-id-token-relay branch from 441e920 to 3bc2267 Compare May 15, 2025 08:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ryanjbaxter ryanjbaxter ryanjbaxter left review comments

Assignees
No one assigned
Labels
waiting for feedback
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jaimesf @ryanjbaxter @spring-cloud-issues @jaimesf-santalucia