Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to find out the valid values to use for authorized grant types in Spring Secrity

Tags:

spring-security

spring-security-oauth2

I want to allow a client to use a specific grant type, but cannot find the valid values to use in the client table in the documentation.

Any ideas?

like image 913
Dirk Jablonski Avatar asked May 29 '17 13:05

Dirk Jablonski

1 Answers

Very good question - I struggled to find the values for hours.

Here is how to gather the different values. Every implementation of AbstractTokenGranter carries static field grant type GRANT_TYPE:

  • refresh_token - RefreshTokenGranter
  • authorization_code - AuthorizationCodeTokenGranter
  • implicit - ImplicitTokenGranter
  • password - ResourceOwnerPasswordTokenGranter
  • client_credentials - ClientCredentialsTokenGranter

The authorized grant types of a client can be found in the client instance via ClientDetails.getAuthorizedGrantTypes

And last but not least spring security oauth follows the specification here - so the grant types mentioned above match those mentioned in the spec.

like image 82
Mathias Dpunkt Avatar answered Oct 18 '22 06:10

Mathias Dpunkt
Sign in to Comment

Related questions

Spring Boot: Disable security for Spring Boot Unit Test [duplicate]
How to secure Vaadin flow application with Spring Security
How to set user authorities from user claims return by an oauth server in spring security
Spring Security SAML2 dynamic selection of IDPs or dynamic URLs for them
How to provide an OAuth2 token to a Feign client using Spring Security for the client_credentials workflow
Unable to define properties which start with keycloak
Prevent Cross-Site Request Forgery in a Spring WebFlow Application
Spring Security 3.0: How do I specify URLs to which a custom filter applies?
Spring Security - Can I use both namespace and filter-chain?
Spring Security: Why Authentication is extending Principal?
Equivalent of use-expressions attribute in XML based Spring Security configuration to code based configuration
Spring-Boot & Spring-Security Configuration
Implementing workflow using Spring
In Spring Security OAuth, how do you use a passwordEncoder for client secrets?
Spring-Oauth2 Access Token request never succeeds due to missing CSRF 'preserved state'
Adding additonal Security to Website
How to conditionally skip the SecurityContextPersistenceFilter filter in Grails Spring Security plugin filter chain
Spring Security - REST API - token vs. cookie
Why is 'permitAll()' not working?
Spring Conditional Annotation Operator

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!