I am currently checking all the incoming Authorization headers for JWT token values so that I can check if those tokens are blacklisted. I have implemented a custom Filter for this.
The problem is that this filter is handling all the requests that are coming into the server. I'd like to handle only the requests that are coming to the /oauth/token endpoint.
Is it possible to implement that in Spring OAuth2 Auth Server?
There are two aspects to your question, one is Filter order and two is only filtering a specific URL path. Both can be tackled by using a FilterRegistrationBean to inject your filter. See example below.
@Bean
public FilterRegistrationBean securityFilter() {
Filter f = new MySecurityFilter();
FilterRegistrationBean frb = new FilterRegistrationBean(f);
frb.setOrder(SecurityProperties.ACCESS_OVERRIDE_ORDER);
frb.setUrlPatterns(Arrays.asList("/oauth/token"));
return frb;
}