Comments (5)
Hi, @Haarolean.
The OAuth2AuthorizedClientService
is from Spring Security, therefore you would need to open an issue on its issue tracker. I would argue that if you need something specific for Redis, you would need to provide your own implementation.
from spring-session.
@marcusdacoregio thank you for a swift reply. However, I'm not sure that relates to spring-security. As we're (in spring-session-data-redis, not spring-security) altering the session storage mechanism, this seems to be an issue with spring-session, as without it everything would work fine as everything would be stored in memory.
from spring-session.
I don't think I follow. If you are using Spring Session Redis then your session will be stored in a Redis instance transparently to the application. Maybe you are confused between OAuth2AuthorizedClientService
and OAuth2AuthorizedClientRepository
, where the latter has the HttpSessionOAuth2AuthorizedClientRepository
implementation.
from spring-session.
Yes, indeed, there's an implementation of OAuth2AuthorizedClientRepository
, but there's no implementation of the OAuth2AuthorizedClientService
which will let us use the HttpSessionOAuth2AuthorizedClientRepository
as underlying storage mechanism. So, with spring-session-redis (or any other package) we have broken OAuth2AuthorizedClient
storage mechanism out of the box.
from spring-session.
It is not intended to store authorized clients in the session after the user has logged in. The reason they are stored there at all is for anonymous users who would otherwise clutter up the database with junk records. Once a user is logged in, their authorized client should be stored in a database where it can be managed and revoked if a leak occurs. If you still want to use sessions you can do:
@Bean
public OAuth2AuthorizedClientRepository authorizedClientRepository() {
return new HttpSessionOAuth2AuthorizedClientRepository();
}
from spring-session.
Related Issues (20)
- Application Does Not Start When Multiple `TransactionManager` Bean Exist
- Application Does Not Start When Multiple `TransactionManager` Bean Exist
- Add JDBC to Configurations section
- Store type property no longer exists
- Setup Auto Merge Forward Dependabot Commits Workflows HOT 1
- Store type property no longer exists
- Store type property no longer exists
- expiredSessionStrategy does not get invoked when spring session expires HOT 1
- Fix failing tests
- Fix failing tests
- Fix failing tests HOT 1
- Update to Spring Security 6.3.0-M3
- An "IllegalStateException: Session was invalidated" - exception is thrown after session was already invalidated
- spring security + form login + redis session storage -> keep coming out anonymous User HOT 3
- Consider Sorted Set Expiration Policy in RedisIndexedHttpSession HOT 1
- maxInactiveInterval from JdkMongoSessionConverter is always from MongoSession HOT 3
- Upgrade to Spring Data Bom 2024.0.0-RC1
- Upgrade to MongoDB 5.0.1
- Possibility to apply the `SessionRepositoryFilter` conditionally. HOT 2
- Update to Spring Security 6.3.0-RC1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from spring-session.