Spring Boot configure ClientDetailsServiceConfigurer in AuthorizationServerConfigurerAdapter - oAuth2

Question

Im struggling with Spring Boot. I found great project on git hub and I am putting things together to understand what is happening. I have this piece of code and I don't understand what is doing:

@Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        // @formatter:off
        clients
            .inMemory()
                .withClient("clientapp")
                    .authorizedGrantTypes("password", "refresh_token")
                    .authorities("USER")
                    .scopes("read", "write")
                    .resourceIds(RESOURCE_ID)
                    .secret("123456");
        // @formatter:on
    }

what do I define with this inMemory()? and wihtClinet and so on... I don't get it, I would need some explanation, please.

Answer 1

Oauth2 authenticates client apps for some access types about user's information.

In your example, it configures a client app with name clientapp.

inMemory means all the necessary data to create a session will be stored in memory. When you restart your application, all the session data will be gone, which means users need to login and authenticate again.

Grant types represent the rights of the client app over user's information. In this case client app have rights to read and write user's password and refresh_token.

If you want to learn more of it you can take a look at this tutorial. You should also know what oAuth2 is.