authorization spring-security opensocial

How to set up Spring security to authenticate signed requests?

Does spring support authentication of signed requests? (like those provided by open social Signed authorization ,i.e open social makeRequest API)

if so, how do you configure it?

Best Regards

Yaniv

Solution

Based on the Spring Security site it looks like it does not support it. But nothing stops you from implementing it. You will have to implement custom AbstractProcessingFilter (just like there is a filter for CAS CasProcessingFilter, login form AuthenticationProcessingFilter and OpenId OpenIDAuthenticationProcessingFilter). You might also have to implement AuthenticationProvider and configure it similar to this:

<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
<property name="providers">
    <list>
      <ref local="myAuthenticationProvider" />
    </list>
  </property>
</bean>

Keycloak authorization on behalf of another user
User.Identity.IsAuthenticated is false in a non-auth methods after successful login in asp.net core
Oracle Apex - How to limit what certain user can see based on the values from another table
How to allow multiple accounts on the same browser in flask?
How do I solve audience (aud) invalid claim error for downstream api service?
User not Signed in after SignInManager.PasswordSignInAsync method Call
Proper design for th Keycloak auth with APIs and UI
Blazor Server App error when logging out after adding authorize attribute
Authorize(Roles = ...) not working on ASP.NET Core 6 microservice
Authentication header not reaching server in React & NodeJS app after deploying on server
Jwt priority HttpOnly Cookie versus Authorisation bearer
How to make Amazon AWS API call from Java?
Cant get claims in authorization handler
Role based authorization using Keycloak and .NET core
Login User Data Persistent
Token storage contains no authentication token and denyAccessUnlessGranted()
How can Authorization Code Flow with PKCE be more secure than Authorization Code Flow without client_secret
JWT Token still accepted after expiry Spring Boot 3.2 OAuth2 resource server
How to solve Windows security window prompt for authorization failed in ASP.NET MVC
How to generate access token using refresh token through google drive API?
<AuthorizeView> not recognizing role claim
twitter authorization using php Http_request
Authorize actions in command handler
Listing the Tables in the Storage Account using ADF Web Activity is failed with an authorization error
Magento REST api authentication
ASP.NET 8 Windows Authentication combined with custom policy authorization results in HandleRequirementAsync() being called twice for every request
Issues with Spotify OAuth - not opening auth dialog, instantly redirecting back to my frontend
When authorizing with the Android Authorization API, how can I prevent the permission confirmation popup from appearing every time?
How can I authenticate user token in Angular Guard if I am using Http-Only?
.NET 8 Blazor Server - role authorization with Windows Authentication