Commit 571bd60

Document OAuth 2.0 Protected Resource Metadata support
Issue gh-17244
1 parent 6471a32 commit 571bd60

2 files changed

+29
-0
lines changed

docs/modules/ROOT/nav.adoc

Lines changed: 1 addition & 0 deletions
@@ -90,6 +90,7 @@
9090
**** xref:servlet/oauth2/resource-server/multitenancy.adoc[Multitenancy]
9191
**** xref:servlet/oauth2/resource-server/bearer-tokens.adoc[Bearer Tokens]
9292
**** xref:servlet/oauth2/resource-server/dpop-tokens.adoc[DPoP-bound Access Tokens]
93+
**** xref:servlet/oauth2/resource-server/protected-resource-metadata.adoc[Protected Resource Metadata]
9394
*** xref:servlet/oauth2/authorization-server/index.adoc[OAuth2 Authorization Server]
9495
**** xref:servlet/oauth2/authorization-server/getting-started.adoc[Getting Started]
9596
**** xref:servlet/oauth2/authorization-server/configuration-model.adoc[Configuration Model]
Lines changed: 28 additions & 0 deletions
@@ -0,0 +1,28 @@
1+
[[oauth2resourceserver-protected-resource-metadata]]
2+
= OAuth 2.0 Protected Resource Metadata
3+
4+
`OAuth2ResourceServerConfigurer.ProtectedResourceMetadataConfigurer` provides the ability to customize the https://www.rfc-editor.org/rfc/rfc9728.html#section-3[OAuth 2.0 Protected Resource Metadata endpoint].
5+
It defines an extension point that lets you customize the https://www.rfc-editor.org/rfc/rfc9728.html#section-3.2[OAuth 2.0 Protected Resource Metadata response].
6+
7+
`OAuth2ResourceServerConfigurer.ProtectedResourceMetadataConfigurer` provides the following configuration option:
8+
9+
[source,java]
10+
----
11+
@Bean
12+
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
13+
http
14+
.oauth2ResourceServer((resourceServer) ->
15+
resourceServer
16+
.protectedResourceMetadata(protectedResourceMetadata ->
17+
protectedResourceMetadata
18+
.protectedResourceMetadataCustomizer(protectedResourceMetadataCustomizer) <1>
19+
)
20+
);
21+
22+
return http.build();
23+
}
24+
----
25+
<1> `protectedResourceMetadataCustomizer()`: The `Consumer` providing access to the `OAuth2ProtectedResourceMetadata.Builder` allowing the ability to customize the claims of the Resource Server's configuration.
26+
27+
`OAuth2ResourceServerConfigurer.ProtectedResourceMetadataConfigurer` configures the `OAuth2ProtectedResourceMetadataFilter` and registers it with the Resource Server `SecurityFilterChain` `@Bean`.
28+
`OAuth2ProtectedResourceMetadataFilter` is the `Filter` that returns the https://www.rfc-editor.org/rfc/rfc9728.html#section-3.2[OAuth2ProtectedResourceMetadata response].
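
Review bot: the sample at new-file lines 11-23 passes `protectedResourceMetadataCustomizer` to `.protectedResourceMetadataCustomizer(...)` on line 18 without ever declaring it, so the snippet does not compile as shown and the reader never sees what a customization looks like. Suggest declaring the `Consumer` over `OAuth2ProtectedResourceMetadata.Builder` inline or just above the chain and setting at least one claim in it, since callout <1> only says it can "customize the claims". Two documentation gaps are worth closing in the same page: lines 27-28 name `OAuth2ProtectedResourceMetadataFilter` but do not state which request path the filter answers on, or whether it is registered by default or only once `.protectedResourceMetadata(...)` is called. Both matter to anyone reviewing what the application exposes. Smaller points: callout <1> writes the method as `protectedResourceMetadataCustomizer()` although it takes an argument; "allowing the ability to customize" can be shortened to "to customize"; the link text on line 28 ("OAuth2ProtectedResourceMetadata response") differs from line 5 ("OAuth 2.0 Protected Resource Metadata response") for the same section-3.2 URL; and the lambdas mix `(resourceServer) ->` with the unparenthesized `protectedResourceMetadata ->`.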
