Spring OAuth2.0 - Dynamically register OAuth2.0 client

Question

I am working on setting up an OAuth2.0 authorization server using Spring security. I want to know if there is a way to dynamically register an OAuth2.0 client after the OAuth2.0 authorization server is up and running?

Basically, I know that I can register a client while configuring the OAuth2.0 server by extending the AuthorizationServerConfigurerAdapter and overriding the configure method to add the client details in memory. However, this way the client is pre-registered and I would like to know how to dynamically add the client details.

@Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { // @formatter:off clients.inMemory() .withClient(CLIENT_ID) .secret(CLIENT_SECRET) .authorizedGrantTypes("authorization_code", "implicit") .redirectUris("http://junk/") .scopes("cn") .accessTokenValiditySeconds(600); // @formatter:on }

Answer 1

You should be able to just use the JdbcClientDetails (there are even convenience methods similar to the in memory ones):

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.jdbc(dataSource)
                .passwordEncoder(passwordEncoder)
            .withClient("my-trusted-client")
        ... etc.

(Code taken from here: https://github.com/spring-projects/spring-security-oauth/blob/master/tests/annotation/jdbc/src/main/java/demo/Application.java#L102.) Then you have a database with data you can change at runtime as much as you want.