
Adding more than one client to the Spring OAuth2 Auth Server

I have a Spring OAuth Authorization server and I want to add support for more than one client (id). I configured clients like this:

clients
            .inMemory().withClient(client).secret(clientSecret)
            .resourceIds(resourceId)
            .authorizedGrantTypes("client_credentials", "password", "refresh_token", "implicit", "authorization_code")
            .authorities("ROLE_USER")
            .scopes("read", "write")
            .autoApprove(true)
            .and()
            .inMemory().withClient("acme").secret("acmesecret")
            .resourceIds(resourceId)
            .authorizedGrantTypes("client_credentials", "password", "refresh_token", "implicit", "authorization_code")
            .authorities("ROLE_USER_ACME")
            .scopes("read", "write")
            .autoApprove(true); 

I can get an access token with the first client, but I get this error when trying to get an access token with the second client:

{
  "timestamp": 1456822249638,
  "status": 401,
  "error": "Unauthorized",
  "message": "Bad credentials",
  "path": "/oauth/token"
}

Is it possible to add more than one client, and how do I do it? Also, how do I read clients from a database?

dplesa asked Mar 01 '16 09:03


2 Answers

Do not use multiple inMemory builders, instead concatenate multiple withClients inside one inMemory:

@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
    clients.inMemory()
                .withClient("first")
                .secret("secret")
                .scopes("read")
                .authorizedGrantTypes("password")
            .and()
                .withClient("sec")
                .secret("secret")
                .scopes("read")
                .authorizedGrantTypes("password");
}
Ali Dehghani answered Nov 15 '22 15:11
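The difference between the question's chain and the answer's chain can be checked outside a running server. This is an added example, not part of the original answer; it assumes spring-security-oauth2 on the classpath, instantiates `InMemoryClientDetailsServiceBuilder` directly instead of going through `ClientDetailsServiceConfigurer`, and the class name `ClientRegistrationCheck` and helper `isRegistered` are hypothetical.

```java
import org.springframework.security.oauth2.config.annotation.builders.InMemoryClientDetailsServiceBuilder;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.ClientRegistrationException;

public class ClientRegistrationCheck {

    // Hypothetical helper: true when the service can resolve the client id.
    static boolean isRegistered(ClientDetailsService service, String clientId) {
        try {
            return service.loadClientByClientId(clientId) != null;
        } catch (ClientRegistrationException e) {
            // The in-memory service signals an unknown client id this way.
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // Pattern from the question: a second inMemory() after and().
        // inMemory() returns a new builder, so "acme" is registered on an
        // object that is never built into the service.
        InMemoryClientDetailsServiceBuilder questionStyle = new InMemoryClientDetailsServiceBuilder();
        questionStyle
            .withClient("first").secret("secret").scopes("read").authorizedGrantTypes("password")
            .and()
            .inMemory()
            .withClient("acme").secret("acmesecret").scopes("read").authorizedGrantTypes("password");
        ClientDetailsService questionService = questionStyle.build();

        // Pattern from the answer: one builder, clients chained with and().
        InMemoryClientDetailsServiceBuilder answerStyle = new InMemoryClientDetailsServiceBuilder();
        answerStyle
            .withClient("first").secret("secret").scopes("read").authorizedGrantTypes("password")
            .and()
            .withClient("acme").secret("acmesecret").scopes("read").authorizedGrantTypes("password");
        ClientDetailsService answerService = answerStyle.build();

        System.out.println("question style, first: " + isRegistered(questionService, "first"));
        System.out.println("question style, acme:  " + isRegistered(questionService, "acme"));
        System.out.println("answer style, first:   " + isRegistered(answerService, "first"));
        System.out.println("answer style, acme:    " + isRegistered(answerService, "acme"));
    }
}
```

A client that never reaches the built service cannot authenticate at `/oauth/token`, which matches the 401 "Bad credentials" response in the question.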


For the inMemory builder with configuration (you will have to define your own configuration):

@Override
public void configure ( ClientDetailsServiceConfigurer clients ) throws Exception {
    // @formatter:off
    InMemoryClientDetailsServiceBuilder inMemoryBuilder = clients.inMemory ();
    for (String clientKey: authServerProperties.getClient ().keySet ()) {
        OAuthClientProperties client = authServerProperties.getClient ().get ( clientKey );
        inMemoryBuilder
            .withClient ( client.getClientId () )
            .secret ( client.getClientSecret () )
            .scopes ( client.getScopes () == null ? new String[] {"openid"} : client.getScopes () )
            .authorizedGrantTypes ( client.getAuthorizedGrandTypes () == null ? "client_credentials" : client.getAuthorizedGrandTypes () );
    }

    // @formatter:on
}

with two additional classes:

@ConfigurationProperties ( prefix = "my-authorization-server" )
public class AuthServerProperties {

    private final Map<String, OAuthClientProperties> client = new HashMap<> ();

    ...

    public Map<String, OAuthClientProperties> getClient () {
        return client;
    }

    ...

}


public class OAuthClientProperties {

    private String clientId;

    private String clientSecret;

    private String[] scopes;

    private String authorizedGrandTypes;

    public String getClientId () {
        return clientId;
    }

    public void setClientId ( String clientId ) {
        this.clientId = clientId;
    }

    public String getClientSecret () {
        return clientSecret;
    }

    public void setClientSecret ( String clientSecret ) {
        this.clientSecret = clientSecret;
    }

    public String[] getScopes () {
        return scopes;
    }

    public void setScopes ( String[]  scopes ) {
        this.scopes = scopes;
    }

    public String getAuthorizedGrandTypes () {
        return authorizedGrandTypes;
    }

    public void setAuthorizedGrandTypes ( String authorizedGrandTypes ) {
        this.authorizedGrandTypes = authorizedGrandTypes;
    }

}

and finally, in properties you would have something like this:

my-authorization-server.client.foo.client-id=foo-client
my-authorization-server.client.foo.client-secret=foo-client-supersecret
my-authorization-server.client.foo.scopes=read

my-authorization-server.client.bar.client-id=bar-client
my-authorization-server.client.bar.client-secret=bar-client-verysupersecret
my-authorization-server.client.bar.scopes=read,write
user2310395 answered Nov 15 '22 14:11