-
Notifications
You must be signed in to change notification settings - Fork 2.7k
Migration Guide 2.6
Deprecated OIDC TokenConfigResolver and TokenStateManager methods, quarkus.oidc.authentication.auto-refresh-timeout property removed
OIDC TokenConfigResolver methods deprecated in 2.2 and TokenStateManager methods deprecated in 2.3 have now been removed.
It should have a minimum impact if any at all since only TokenConfigResolver and TokenStateManager methods returning Uni can work without blocking the IO thread and thus should be used in the real world applications.
A long time deprecated quarkus.oidc.authentication.auto-refresh-timeout property has also been removed - please use a better named quarkus.oidc.authentication.refresh-token-skew from now on.
The way a Vert.x RoutingContext can be accessed in the custom OIDC SecurityIdentityAugmentors has changed.
If it is required then please access it as a SecurityIdentity attribute which will be more portable:
import javax.enterprise.context.ApplicationScoped;
import io.quarkus.security.identity.AuthenticationRequestContext;
import io.quarkus.security.identity.SecurityIdentity;
import io.quarkus.security.identity.SecurityIdentityAugmentor;
import io.quarkus.security.runtime.QuarkusSecurityIdentity;
import io.smallrye.mutiny.Uni;
import io.vertx.ext.web.RoutingContext;
@ApplicationScoped
public class CustomOidcSecurityIdentityAugmentor implements SecurityIdentityAugmentor {
@Override
public Uni<SecurityIdentity> augment(SecurityIdentity identity, AuthenticationRequestContext context) {
// Instead of
// IdTokenCredential cred = identity.getCredential(IdTokenCredential.class);
// RoutingContext context = cred.getRoutingContext();
RoutingContext context = identity.getAttribute(RoutingContext.class.getName());
QuarkusSecurityIdentity.Builder builder = QuarkusSecurityIdentity.builder(identity);
// Use RoutingContext as required
return Uni.createFrom().item(builder.build);
}
}
The old way of accessing RoutingContext as an OIDC IdTokenCredential or AccessTokenCredential property prevents the use of OIDC tokens for running the background tasks when no RoutingContext is available.