SupplierJwtDecoder allows for deferring the query to the authorization server for JWKS, allowing resource servers to restart more resiliently (since they don't require the authorization server to be up at that time).
It would be nice for OAuth 2.0 Cilent applications to have the same startup resiliency. With SupplierClientRegistrationRepository, then applications could defer the construction like so:
@Bean
ClientRegistrationRepository clientRegistrations() {
return new SupplierClientRegistrationRepository(() -> {
ClientRegistration registration = ClientRegistrations.fromIssuerLocation("http://localhost:8080").build();
return new InMemoryClientRegistrationRepository(registration);
});
}
Comment From: yangao-cn
@jzheaux Imagine a scenario where there are many ClientRegistrations, such as 500, and each ClientRegistration's initialization need send a request to obtain issuer's metadata, which may take a lot of time to initialize ClientRegistrationRepository . Can we do lazy initialization for each ClientRegistration?
Comment From: yangao-cn
@jzheaux
The SupplierClientRegistration, similar to SuppliedJwtDecoder, can help us solve this problem, what do you think? I can provide a PR if you think this is a good suggestion.
public class SupplierClientRegistration {
private final String registrationId;
private final Supplier<ClientRegistration> registrationSupplier;
public SupplierClientRegistration(String registrationId, Supplier<ClientRegistration> registrationSupplier) {
Assert.hasText(registrationId, "registrationId cannot be empty");
Assert.notNull(registrationSupplier, "registrationSupplier cannot be null");
this.registrationId = registrationId;
this.registrationSupplier = SingletonSupplier.of(() -> {
try {
return registrationSupplier.get();
}
catch (Exception ex) {
throw wrapException(ex);
}
});
}
}