AbstractWebClientReactiveOAuth2AccessTokenResponseClient Should be allowed to do URI customization.

Any Token response client derived from AbstractWebClientReactiveOAuth2AccessTokenResponseClient should be allowed to do URI customization.

Current Behavior

No option is provided to do URL customize to the Token response client.

Context

The authorization servers with which I have been working required the URI query string parameter to get the refresh token.

Example request POST: https:/domain.com/oauth/v2/token?grant_type= refresh_token&refresh_token={current_refresh_token}

With current AbstractWebClientReactiveOAuth2AccessTokenResponseClient / WebClientReactiveRefreshTokenTokenResponseClient I do not have any option to accomplish the same.

Possible another extension point

ReactiveOAuth2AuthorizedClientProviderBuilder.RefreshTokenGrantBuilder could have accept a ReactiveOAuth2AccessTokenResponseClient<T> and set that in RefreshTokenReactiveOAuth2AuthorizedClientProvider.

Refere code here

To achieve the same, please suggest to me if any workaround is available.

Reference document link

Comment From: sjohnr

@muhdalavu, thanks for the request.

The link you provided to the documentation regarding customizing the WebClient details the steps necessary to customize the RefreshTokenReactiveOAuth2AuthorizedClientProvider with your own configured instance of WebClientReactiveRefreshTokenTokenResponseClient, which allows you to modify the request using an ExchangeFilterFunction. Further, the example in the previous section regarding the ReactiveOAuth2AuthorizedClientManager shows how to provide the configured instance as an @Bean to override the default. The full definition would look something like this:

    @Bean
    public ReactiveOAuth2AuthorizedClientManager authorizedClientManager(
            ReactiveClientRegistrationRepository clientRegistrationRepository,
            ServerOAuth2AuthorizedClientRepository authorizedClientRepository) {

        WebClientReactiveRefreshTokenTokenResponseClient refreshTokenTokenResponseClient =
            new WebClientReactiveRefreshTokenTokenResponseClient();
        WebClient webClient = WebClient.builder()
            .filter((request, next) -> {
                // Modify the request here. For example...
                UriComponents uri = UriComponentsBuilder.fromUri(request.url())
                    .queryParam("refresh_token", "...")
                    .build();
                ClientRequest modifiedRequest = ClientRequest.from(request)
                    .url(uri.toUri())
                    .build();
                return next.exchange(modifiedRequest);
            })
            .build();
        refreshTokenTokenResponseClient.setWebClient(webClient);

        ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider =
            ReactiveOAuth2AuthorizedClientProviderBuilder.builder()
                .authorizationCode()
                .refreshToken(configurer -> configurer.accessTokenResponseClient(refreshTokenTokenResponseClient))
                .build();

        DefaultReactiveOAuth2AuthorizedClientManager authorizedClientManager =
            new DefaultReactiveOAuth2AuthorizedClientManager(
                clientRegistrationRepository, authorizedClientRepository);
        authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);

        return authorizedClientManager;
    }

Hopefully this illustrates how to achieve your desired customization allowing you to work with your existing provider(s). Since this is possible and examples are provided in the reference documentation, I'm going to close this issue for now. However, if I've misunderstood anything or you have further thoughts, you can comment on this issue to continue the conversation.