org.springframework.security.oauth2.config.annotation.web.configuration

Class AuthorizationServerConfigurerAdapter

java.lang.Object

org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter

All Implemented Interfaces:

AuthorizationServerConfigurer

public class AuthorizationServerConfigurerAdapter
extends Object
implements AuthorizationServerConfigurer

Author:

Dave Syer

Constructor Summary

Constructors

Constructor and Description
AuthorizationServerConfigurerAdapter()

Method Summary

Modifier and Type	Method and Description
void	configure(AuthorizationServerEndpointsConfigurer endpoints) Configure the non-security features of the Authorization Server endpoints, like token store, token customizations, user approvals and grant types.
void	configure(AuthorizationServerSecurityConfigurer security) Configure the security of the Authorization Server, which means in practical terms the /oauth/token endpoint.
void	configure(ClientDetailsServiceConfigurer clients) Configure the ClientDetailsService, e.g.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthorizationServerConfigurerAdapter

public AuthorizationServerConfigurerAdapter()

Method Detail

configure

public void configure(AuthorizationServerSecurityConfigurer security)
               throws Exception

Description copied from interface: AuthorizationServerConfigurer

Configure the security of the Authorization Server, which means in practical terms the /oauth/token endpoint. The /oauth/authorize endpoint also needs to be secure, but that is a normal user-facing endpoint and should be secured the same way as the rest of your UI, so is not covered here. The default settings cover the most common requirements, following recommendations from the OAuth2 spec, so you don't need to do anything here to get a basic server up and running.

Specified by:

configure in interface AuthorizationServerConfigurer

Parameters:

security - a fluent configurer for security features

Throws:

Exception

configure

public void configure(ClientDetailsServiceConfigurer clients)
               throws Exception

Description copied from interface: AuthorizationServerConfigurer

Configure the ClientDetailsService, e.g. declaring individual clients and their properties. Note that password grant is not enabled (even if some clients are allowed it) unless an AuthenticationManager is supplied to the AuthorizationServerConfigurer.configure(AuthorizationServerEndpointsConfigurer). At least one client, or a fully formed custom ClientDetailsService must be declared or the server will not start.

Specified by:

configure in interface AuthorizationServerConfigurer

Parameters:

clients - the client details configurer

Throws:

Exception

configure

public void configure(AuthorizationServerEndpointsConfigurer endpoints)
               throws Exception

Description copied from interface: AuthorizationServerConfigurer

Configure the non-security features of the Authorization Server endpoints, like token store, token customizations, user approvals and grant types. You shouldn't need to do anything by default, unless you need password grants, in which case you need to provide an AuthenticationManager.

Specified by:

configure in interface AuthorizationServerConfigurer

Parameters:

endpoints - the endpoints configurer

Throws:

Exception