Menu
In my Java app, I'm using the Spring Security OAuth 2 library to implement an OAuth provider. The response to a successful authentication (for the authorization_code grant type) is something like:
{"access_token": "d179bf70-aa40-4df9-a3e1-440e835c273a",
"expires_in": "43199",
"refresh_token": "879e7bd0-5e0f-48a9-b64d-f61d5665bf4e",
"scope": "read",
"token_type": "bearer"}
Is there a way to add additional properties to this response, e.g. the user's name or email address?
291
Spring OAuth2 allows you to put arbitrary values in the OAuth2AccessToken via its additionalInfo property. You can inject as much as you need in an AccessTokenConverter (which in turn can be added to the DefaultTokenServices easily via configuration callbacks). I'm not really sure why you need it though, and I would consider your use case carefully before sending additional values for consumption by clients (they are supposed to just use the token value, which is opaque).
51
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
