Related servlet bug

8700

Describe the bug OAuth2AuthorizedClientArgumentResolver does not use the ReactiveOAuth2AuthorizedClientManager provided by the Spring configuration, therefore @RegisteredOAuth2AuthorizedClient annotated parameters do not use potential customization done in the config.

To Reproduce Let's say you want to customize the access token response for a refresh like described in the doc)

@Bean
    ReactiveOAuth2AuthorizedClientManager authorizedClientManager(
            ServerOAuth2AuthorizedClientRepository serverOAuth2AuthorizedClientRepository,
            ServerOAuth2AuthorizedClientRepository authorizedClientRepository,
            ReactiveOAuth2AuthorizedClientService authorizedClientService,
            ReactiveClientRegistrationRepository clientRegistrationRepository) {
        WebClientReactiveRefreshTokenTokenResponseClient webClientReactiveRefreshTokenTokenResponseClient = new WebClientReactiveRefreshTokenTokenResponseClient();
        webClientReactiveRefreshTokenTokenResponseClient.setWebClient(webClient());
        webClientReactiveRefreshTokenTokenResponseClient.setBodyExtractor(new OAuth2AccessTokenResponseBodyExtractor());
        ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider =
                ReactiveOAuth2AuthorizedClientProviderBuilder.builder()
                        .authorizationCode()
                        .refreshToken(refreshTokenGrantBuilder -> refreshTokenGrantBuilder.accessTokenResponseClient(webClientReactiveRefreshTokenTokenResponseClient))
                        .build();
        DefaultReactiveOAuth2AuthorizedClientManager authorizedClientManager =
                new DefaultReactiveOAuth2AuthorizedClientManager(clientRegistrationRepository, authorizedClientRepository);
        authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);
        return authorizedClientManager;
    }

This will not be taken into account when the token is refreshed through a @RegisteredOAuth2AuthorizedClient parameter because ReactiveOAuth2ClientImportSelector creates a ReactiveOAuth2AuthorizedClientManager by itself.

Expected behavior Maybe ReactiveOAuth2ClientImportSelector should inject an ReactiveOAuth2AuthorizedClientManager and use this one if it exists.

Comment From: jzheaux

I agree that it makes sense to have the same feature for reactive as servlet. Are you able to provide a PR that adds this feature?

Comment From: muhdalavu

Sure, I can do it.