Allow a default ITokenRequestCustomizer to be registered#300
Merged
pgermishuys merged 1 commit intomainfrom Nov 21, 2025
Merged
Allow a default ITokenRequestCustomizer to be registered#300pgermishuys merged 1 commit intomainfrom
pgermishuys merged 1 commit intomainfrom
Conversation
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR enables a default ITokenRequestCustomizer to be registered globally and used across multiple token retrieval paths. The primary change is a breaking modification to the ITokenRequestCustomizer interface, which now accepts HttpRequestContext instead of HttpRequestMessage to support customization in contexts where only HttpRequest is available (e.g., HttpContextExtensions).
- Introduced a new
HttpRequestContextstruct to abstract HTTP request details - Updated the
ITokenRequestCustomizerinterface signature to useHttpRequestContext - Enabled customizer usage in
HttpContextExtensionsmethods (GetUserAccessTokenAsync,GetClientAccessTokenAsync,RevokeRefreshTokenAsync)
Reviewed Changes
Copilot reviewed 23 out of 23 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
HttpRequestContext.cs |
New struct to represent HTTP request context with method, URI, and headers |
ITokenRequestCustomizer.cs |
Changed interface parameter from HttpRequestMessage to HttpRequestContext |
HttpRequestContextExtensions.cs (AccessTokenManagement) |
Extension method to convert HttpRequestMessage to HttpRequestContext |
HttpRequestContextExtensions.cs (OpenIdConnect) |
Extension method to convert HttpRequest to HttpRequestContext |
HttpContextExtensions.cs |
Added logic to apply token request customization in extension methods |
ClientCredentialsTokenRetriever.cs |
Updated to use new HttpRequestContext when calling customizer |
OpenIdConnectUserAccessTokenRetriever.cs |
Updated to use new HttpRequestContext when calling customizer |
OpenIdConnectClientAccessTokenRetriever.cs |
Updated to use new HttpRequestContext and fixed parameter merging logic |
| Test files | Updated tests to reflect new interface signature and added comprehensive test coverage for the new functionality |
| Public API verification files | Updated to reflect new public HttpRequestContext type and interface changes |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Erwinvandervalk
previously approved these changes
Nov 20, 2025
pgermishuys
force-pushed
the
pg/http-request-context
branch
from
292dc07 to
6ce556d
Compare
Erwinvandervalk
previously approved these changes
Nov 21, 2025
This is useful to ensure that a single TokenRequestCustomizer can be used for various paths such as ITokenRetrievers as well as the HttpContextExtensions.
pgermishuys
force-pushed
the
pg/http-request-context
branch
from
6ce556d to
a48ed81
Compare
Erwinvandervalk
approved these changes
Nov 21, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is useful to ensure that a single
TokenRequestCustomizercan be used for various paths such asITokenRetrieversas well as theHttpContextExtensions.This introduces a breaking change in Access Token Management's
ITokenRequestCustomizerinterface, which changed one if it's parameters fromHttpRequestMessagetoHttpRequestContext. The change was necessary as we want to allow the customizer to be used in theHttpRequestMessageExtensionsfrom which we only get access to theHttpRequestand not theHttpRequestMessage.The breaking change could be considered ok as the
ITokenRequestCustomizerwas introduced in Access Token Management 4.1.0 which does not have a non-preview/RC release.