In my Java app, I'm using the Spring Security OAuth 2 library to implement an OAuth provider. The response to a successful authentication (for the authorization_code grant type) is something like:
{"access_token": "d179bf70-aa40-4df9-a3e1-440e835c273a",
"expires_in": "43199",
"refresh_token": "879e7bd0-5e0f-48a9-b64d-f61d5665bf4e",
"scope": "read",
"token_type": "bearer"}
Is there a way to add additional properties to this response, e.g. the user's name or email address?
Spring OAuth2 allows you to put arbitrary values in the OAuth2AccessToken
via its additionalInfo
property. You can inject as much as you need in an AccessTokenConverter
(which in turn can be added to the DefaultTokenServices
easily via configuration callbacks). I'm not really sure why you need it though, and I would consider your use case carefully before sending additional values for consumption by clients (they are supposed to just use the token value, which is opaque).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With