Jérôme Wacongne

icon indicating a website link https://jw.c4-soft.com/ui/en-US/trainings/spring-openid icon indicating an email [email protected]

icon location Papeete, French Polynesia icon location Passionate with the Spring framework, OAuth2/OpenID, and REST, I train teams and create open-source tools to ease Spring Boot apps configuration.

Results 18 issues of Jérôme Wacongne

Add support for `spring-data-envers`

I'm unsuccessfully trying to extend `spring-data-jpa` sample to also use `spring-data-envers`. It would be great to have a complete working sample with an `@Audited` `@Entity` associated with a `RevisionRepository` in...

type: compatibility

Gh 11661 Configurable authentication converter for resource-servers with token introspection

4 comment

This could close https://github.com/spring-projects/spring-security/issues/11661 It adds configurable authentication converter for resource-servers with token introspection (something very similar to what `JwtAuthenticationConverter` does for resource-servers with JWT decoder). The new `(Reactive)OpaqueTokenAuthenticationConverter` is...

status: waiting-for-triage
status: duplicate
type: enhancement
in: oauth2

Configurable authentication converter for resource-servers with token introspection

**Expected Behavior** Something like the `JwtAuthenticationConverter` but for token instrospection. My first thougt is, inside `OpaqueTokenAuthenticationProvider`, delegate`AbstractAuthenticationToken convert(OAuth2AuthenticatedPrincipal principal, String token)` to a configurable bean. As we already have the...

type: enhancement
in: oauth2

Outdated CONTRIBUTING.adoc?

**Describe the bug** Following CONTRIBUTING.adoc is not enough to get an IDE ready to run unit-tests and contribute. I could not get porject build and unit-tests run from Spring Too...

status: waiting-for-triage
type: bug

Prevent JwtAuthenticationProvider from setting authentication details when jwtAuthenticationConverter returned an authentication instance with non null details

4 comment

This could fix gh-11822

status: duplicate
type: enhancement
in: oauth2
type: breaks-passivity

`JwtAuthenticationProvider` should not aggressively set authentication details

**Describe the bug** `JwtAuthenticationProvider` delegates the instantiation of an `Authentication` to a `Converter` but it then alters returned value `details` property. For framework user providing a `Converter` bean which sets...

type: enhancement
in: oauth2
type: breaks-passivity

2.x samples

**Is your feature request related to a problem? Please describe.** I have dificulties to migrate my projects to 2.0.0-M6 (security issues) **Describe the solution you'd like** I'd like to have...

Wrong enum values in OpenAPI spec when `toString()` is overridden

### Describe the Bug When an enum overrides `toString()`, then the output of this method is used to set the acceptable values in the generated OpenAPI spec. This goes against...

Add native support for Envers

6 comment

As requested by @snicoll , I'm moving [this issue](https://github.com/spring-projects-experimental/spring-native/issues/1016) here. It would be great to have a complete working sample with an `@Audited` `@Entity` associated with a `RevisionRepository` in an...

status: blocked
type: enhancement

Add getters to `OAuth2AuthorizedClientId`

1 comment

The current implementation of `OAuth2AuthorizedClientId` is enough to compare IDs, but I have a use case where I retrieve some if this IDs and need to access the registration ID,...

status: waiting-for-triage