IdentityModel / IdentityModel.AspNetCore.OAuth2Introspection

ASP.NET Core authentication handler for OAuth 2.0 token introspection
Apache License 2.0
147 stars 66 forks source link

Additional parameters #156

Closed balazsmeszegeto closed 2 years ago

balazsmeszegeto commented 2 years ago

I'd like to send additional request parameters, pretty much the same reason as described here in this issue: https://github.com/IdentityModel/IdentityModel.AspNetCore.OAuth2Introspection/issues/13 I see there were some dialog, but the PR was not merged to this project.

I am able overcome by capturing underlying HttpClient and add message handler, but this is much more inconvenient (have to check if discovery, deserialize form, recreate context, etc.).

I'd be happy to contribute 😄 My suggestion is to extend events with OnRequestSending (or similar), which'd have a context parameter including TokenIntrospectionRequest. HttpContext should also be part of context to support service injection

There are other approaches (for defining an interface, which the handler would inject and call; default implementation is "no-op", but might be overriden by user), but I think event-model is enough for this

Please let me know your thoughts, suggestion how to move forward 😄

leastprivilege commented 2 years ago

Please propose a solution via a PR - so we can discuss it.

balazsmeszegeto commented 2 years ago

Sure!

github-actions[bot] commented 2 years ago

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue.