OAuth2 intercepter for feign does not re-issue invalid token · spring-attic/spring-cloud-security#220

(3 留言) (8 反應) (0 負責人)Java (525 star) (250 fork)batch import

enhancementhelp wanted

描述

Hi,

If we check OAuth2RestTemplate it has an option retryBadAccessTokens which will try one more time to obtain new access token if previous token is invalid. This is useful if, for some reasons, you decide to revoke access token.

In OAuth2FeignRequestInterceptor access token is preserved in client context until it expires. There is no way to make feign to reissue new token until it expire.

The difficulty here that in feign interceptor is not responsible for retry. So what will be correct way to handle this issue? One of the option is to implement a feign retryer which will clean up client context.

If it is correct, do you want me to try to contribute this change?

貢獻者指南

技術棧: javaspring
領域: backendapi
議題類型: feature
難度: 3
預計時間: 1-3 hours
活動狀態: stale
清晰度: clear
前置要求: Spring OAuth2 experienceFeign client usageJava knowledge
新手友善度: 40
研究方向: The issue requests a retry mechanism for invalid OAuth2 tokens in Feign interceptors. The author suggests implementing a Feign Retryer to clean up the client context on token invalidation. To contribute, review the current OAuth2FeignRequestInterceptor and understand how tokens are stored. Consider adding a retryer that catches exceptions and refreshes the token. Since the repository is archived, check for any successor projects or note that the issue may need to be addressed in a different library.