Retrieve exchange token

I am working on Azure AD-based authentication using OAuth2 and its On-Behalf-Of authentication flow. I am wondering how to actually check the token comparison between the initial token provided by the user and the final token that the middle service principal provides to the third (or another) service principal.

My current approach is to create another endpoint inside my application, @GetMapping("/otherSP"), and then call it from within my application (an internal API call) like this:

  import static org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction.clientRegistrationId;

  // Internal HTTP call to this application's own /otherSP endpoint; the OAuth2 exchange
  // filter attaches the access token for the named client registration to the request.
  String token = webclient.get()
          .uri(newServicePrincipalUri)
          .attributes(clientRegistrationId("currentServicePrincipalId"))
          .retrieve()
          .bodyToMono(String.class)
          .block();

The endpoint itself looks like this:

import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
import org.springframework.web.bind.annotation.GetMapping;

@GetMapping("/otherSP")
public String getExchangeToken(@RegisteredOAuth2AuthorizedClient("otherSP-id") OAuth2AuthorizedClient oAuth2AuthorizedClient) {
    return oAuth2AuthorizedClient.getAccessToken().getTokenValue();
}

For the purpose of acquiring the JWT, this approach seems barbaric. Is there any better or more proper approach to actually checking it or obtaining the exchanged token?
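As an added example (not part of the original question, and not Spring's or Azure's own sample code): the in-process equivalent of the self-call above is to ask Spring Security's OAuth2AuthorizedClientManager for the "otherSP-id" client directly, which is exactly what the @RegisteredOAuth2AuthorizedClient argument resolver does behind the scenes, and then inspect the claims of both tokens. The comparison below checks the claims that an On-Behalf-Of exchange must preserve (oid, tid) and the one it must change (aud). It assumes, beyond what the question states, that the application is configured as a resource server so the caller's token arrives as a JwtAuthenticationToken, that nimbus-jose-jwt is on the classpath (it ships with spring-security-oauth2-jose), and that "api://downstream-app-id" is a placeholder for the downstream API's audience.

```java
// Added example; the registration id "otherSP-id" comes from the question, the class,
// method names and the downstream audience value are assumptions for illustration.
import java.text.ParseException;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;

import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.JWTParser;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.client.OAuth2AuthorizeRequest;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.stereotype.Service;

@Service
public class OboTokenService {

    // Assumed placeholder: the aud value Azure AD puts in tokens minted for the downstream API.
    private static final String DOWNSTREAM_AUDIENCE = "api://downstream-app-id";

    private final OAuth2AuthorizedClientManager authorizedClientManager;

    public OboTokenService(OAuth2AuthorizedClientManager authorizedClientManager) {
        this.authorizedClientManager = authorizedClientManager;
    }

    /** Runs the same exchange @RegisteredOAuth2AuthorizedClient("otherSP-id") would, without an HTTP hop. */
    public String exchangeForDownstreamToken(Authentication incomingUser) {
        OAuth2AuthorizeRequest request = OAuth2AuthorizeRequest
                .withClientRegistrationId("otherSP-id")
                .principal(incomingUser)
                .build();
        OAuth2AuthorizedClient client = authorizedClientManager.authorize(request);
        if (client == null) {
            throw new IllegalStateException("On-Behalf-Of exchange for otherSP-id did not yield a token");
        }
        return client.getAccessToken().getTokenValue();
    }

    /**
     * Compares the token the user presented with the token obtained on their behalf.
     * Parsing here is inspection only: no signature is verified, and the downstream
     * API must still validate the exchanged token itself.
     */
    public static List<String> compareTokens(Jwt incoming, String exchangedToken, String downstreamAudience)
            throws ParseException {
        JWTClaimsSet exchanged = JWTParser.parse(exchangedToken).getJWTClaimsSet();
        List<String> problems = new ArrayList<>();

        // oid (user object id) and tid (tenant) must survive the exchange.
        // Do not compare sub: Azure AD issues a pairwise sub that differs per application.
        if (!Objects.equals(incoming.getClaimAsString("oid"), exchanged.getStringClaim("oid"))) {
            problems.add("oid differs: user identity was not preserved");
        }
        if (!Objects.equals(incoming.getClaimAsString("tid"), exchanged.getStringClaim("tid"))) {
            problems.add("tid differs: tenant changed during the exchange");
        }

        // aud must move from this service to the downstream API; if it did not, the
        // exchange did not happen and forwarding the token would be a replay.
        List<String> exchangedAud = exchanged.getAudience();
        if (exchangedAud == null || !exchangedAud.contains(downstreamAudience)) {
            problems.add("aud is " + exchangedAud + ", expected " + downstreamAudience);
        }
        if (incoming.getAudience() != null && exchangedAud != null
                && incoming.getAudience().equals(exchangedAud)) {
            problems.add("exchanged token has the same aud as the incoming token");
        }
        return problems;
    }

    /** Convenience entry point for a controller: exchange for the current caller and report mismatches. */
    public List<String> exchangeAndCheckCurrentCaller() throws ParseException {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        if (!(auth instanceof JwtAuthenticationToken)) {
            throw new IllegalStateException("expected a JWT-authenticated caller, got " + auth);
        }
        Jwt incoming = ((JwtAuthenticationToken) auth).getToken();
        String exchanged = exchangeForDownstreamToken(auth);
        return compareTokens(incoming, exchanged, DOWNSTREAM_AUDIENCE);
    }
}
```

An empty list from exchangeAndCheckCurrentCaller() means the exchanged token names the same user and tenant as the incoming one and is scoped to the downstream audience; anything else is a misconfigured client registration or a token that was passed through unchanged. The OAuth2AuthorizedClientManager bean is the one Spring Security already uses for @RegisteredOAuth2AuthorizedClient, so no second HTTP round trip and no extra endpoint are needed.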



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow