Align code in oauth2-client extensions for WebClient

The `WebClient` extensions for OAuth 2.0 Client are supported via `ServletOAuth2AuthorizedClientExchangeFilterFunction` (Servlet) and `ServerOAuth2AuthorizedClientExchangeFilterFunction` (WebFlux).

The `ServerOAuth2AuthorizedClientExchangeFilterFunction` (WebFlux) uses a collaborator `OAuth2AuthorizedClientResolver` to realize part of the feature set. However, `ServletOAuth2AuthorizedClientExchangeFilterFunction` (Servlet) doesn't have such a collaborator and therefore all the code is contained within. We should consider adding an `OAuth2AuthorizedClientResolver` equivalent for the Servlet version to align the code and provide consistency.

Furthermore, as we continue to add support for other grant types, e.g. Resource Owner Password Credentials #6003, the code within each `ExchangeFilterFunction` could grow quite a bit making it more complex and harder to maintain. It is also preferred that the code in each `ExchangeFilterFunction` is aligned/consistent and reused wherever possible. However, we need to be careful with reuse and ensure we don't introduce a blocking operation within the reactive implementation.

As part of this decomposition exercise, we should consider re-structuring components/collaborators so they can potentially be reused by other technology stacks, e.g. WebFlux's `WebSocketClient` #6711, `RestTemplate` or Feign Client.

Related #6683, #6780

This issue is divided into the following tasks.

### Servlet

- [x] [#17](https://github.com/spring-projects/spring-security-team-tasks/issues/17) Introduce `OAuth2AuthorizedClientProvider`
- [x] [#18](https://github.com/spring-projects/spring-security-team-tasks/issues/18) Implement `authorization_code` `OAuth2AuthorizedClientProvider`
- [x] [#19](https://github.com/spring-projects/spring-security-team-tasks/issues/19) Implement `client_credentials` `OAuth2AuthorizedClientProvider`
- [x] [#20](https://github.com/spring-projects/spring-security-team-tasks/issues/20) Add `refresh_token` `OAuth2AccessTokenResponseClient`
- [x] [#21](https://github.com/spring-projects/spring-security-team-tasks/issues/21) Implement `refresh_token` `OAuth2AuthorizedClientProvider`
- [x] [#22](https://github.com/spring-projects/spring-security-team-tasks/issues/22) Implement delegating `OAuth2AuthorizedClientProvider`
- [x] [#29](https://github.com/spring-projects/spring-security-team-tasks/issues/29) Refactor and use `OAuth2AuthorizedClientProvider` implementations 
- [x] [#37](https://github.com/spring-projects/spring-security-team-tasks/issues/37) Simplify population of OAuth2AuthorizationContext
- [x] [#59](https://github.com/spring-projects/spring-security-team-tasks/issues/59) Redesign `OAuth2AuthorizedClientProvider` to load/save `OAuth2AuthorizedClient`
- [x] [#60](https://github.com/spring-projects/spring-security-team-tasks/issues/60) `ClientCredentialsOAuth2AuthorizedClientProvider` should load/save `OAuth2AuthorizedClient `
- [x] [#61](https://github.com/spring-projects/spring-security-team-tasks/issues/61) `RefreshTokenOAuth2AuthorizedClientProvider` should load/save `OAuth2AuthorizedClient`
- [x] [#62](https://github.com/spring-projects/spring-security-team-tasks/issues/62) Refactor and use redesigned OAuth2AuthorizedClientProvider implementations

### Reactive

- [x] [#42](https://github.com/spring-projects/spring-security-team-tasks/issues/42) Introduce `ReactiveOAuth2AuthorizedClientProvider`
- [x] [#43](https://github.com/spring-projects/spring-security-team-tasks/issues/43) Implement `authorization_code` `ReactiveOAuth2AuthorizedClientProvider`
- [x] [#44](https://github.com/spring-projects/spring-security-team-tasks/issues/44) Implement `client_credentials` `ReactiveOAuth2AuthorizedClientProvider`
- [x] [#45](https://github.com/spring-projects/spring-security-team-tasks/issues/45) Add `refresh_token` `ReactiveOAuth2AccessTokenResponseClient`
- [x] [#46](https://github.com/spring-projects/spring-security-team-tasks/issues/46) Implement `refresh_token` `ReactiveOAuth2AuthorizedClientProvider`
- [x] [#47](https://github.com/spring-projects/spring-security-team-tasks/issues/47) Implement delegating `ReactiveOAuth2AuthorizedClientProvider`
- [x] [#86](https://github.com/spring-projects/spring-security-team-tasks/issues/86) Add builder for `ReactiveOAuth2AuthorizedClientProvider`
- [x] [#87](https://github.com/spring-projects/spring-security-team-tasks/issues/87) Introduce `ReactiveOAuth2AuthorizedClientManager`
- [x] [#48](https://github.com/spring-projects/spring-security-team-tasks/issues/48) Refactor and use `ReactiveOAuth2AuthorizedClientManager/Provider`(s)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Align code in oauth2-client extensions for WebClient #6811

Servlet

Reactive

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Align code in oauth2-client extensions for WebClient #6811

Description

Servlet

Reactive

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions