Legacy Jwt access token flow
How to get an access token (/oauth2/token
endpoint) using then new spring-authorization-server.
In contrast to the @EnableAuthorizationServer
that has been deprecated
Notes
- Everything is implemented in the file
JwtApplicationFE.kt
using thebean{}
Kotlin DSL (it's the same of using@Configuration(proxyBeanMethods = false)
and@Bean
). - The default token endpoint is
/oauth2/token
(can be changed usingProviderSettings
) - The
password
grant_type is not anymore implemented - The refresh token is not given back when you get an access token with the
client_credentials
grant_type. You must use authorization_code grant type to get a refresh token - The grant type
client_credentials
doesn't check for a username and password. This is why i implemented it with a filter in the first try of reproducingpassword
grant type - I didn't understand why the
OAuth2TokenCustomizer
doesn't get resolved if i put it in the context usingbean{}
instead of@Bean
- put this line in your file hosts
127.0.0.1 auth-server