add proxy setting to OIDCProviderMetadata resolve method

Issue #402 resolved
Anis Zarraa created an issue

currently, resolve method doesn’t accept proxy setting and so does not work in industrial env where backend machin use proxy for security purpose

Comments (5)

  1. Anis Zarraa reporter

    We are not allowed to do that for sécurity purpose java système proprety will impact all http call which mean that exception file should bé maintained and out sécurity team dont want to do it since thé best approach is to do it on code base since its scope is limited

  2. Vladimir Dzhuvinov

    Will a static setProxy method to com.nimbusds.oauth2.sdk.http.HTTPRequest work?

    All methods that end up creating an HTTP request go via this class. This will be limit the scope of necessary changes.

  3. Anis Zarraa reporter

    proxy handling has already been added in the library for different case scenario for exemple RemoteJWKSet can accept DefaultResourceRetriever which allow us to go through proxy.

  4. Yavor Vasilev

    Check out version 10.1 (2022-10-27)

    * Adds HTTPRequestConfigurator interface.
    * Adds new static OIDCProviderMetadata.resolve(Issuer,
      HTTPRequestConfigurator) method.
    * Adds new static AuthorizationServerMetadata.resolve(Issuer,
      HTTPRequestConfigurator) method.
    
  5. Log in to comment