#How to set the principal name of a Spring Security OAuth2AuthorizedClient using the Token Response

8 messages · Page 1 of 1 (latest)

mortal osprey
#

Hello my question is typed up on stackoverflow. If you have any ideas the help would be much appreciated :))

https://stackoverflow.com/questions/78772773/how-to-set-the-principal-name-of-a-spring-security-oauth2authorizedclient-using

Stack Overflow
How to set the Principal Name of a Spring Security OAuth2Authorized...

I am currently playing around with Spring Security 6's OAuth2 Client in Spring Boot 3.
I am using an authorization_code grant which is exchanged for an access_token using the following Security Con...

lost oliveBOT
#

This post has been reserved for your question.

Hey @mortal osprey! Please use /close or the Close Post button above when your problem is solved. Please remember to follow the help guidelines. This post will be automatically closed after 300 minutes of inactivity.

TIP: Narrow down your issue to simple and precise questions to maximize the chance that others will reply in here.

agile ingot
#

What is principal name? And why do you need this?

mortal osprey
# agile ingot What is principal name? And why do you need this?

The principal name is the identifier of the OAuth2AuthorizedClient. Essentially, how does this session belong to. I need it because my OAuth2 provider does not the standard name in the access_token return, instead he provides a membership_id (which I can use, but have to properly assign to the AuthorizedClient)

agile ingot
#

Your token is basic token, if you want to track the session, you should add time and token to database or cache

#

And you need to check before every request