How to set expire_in in OAUTH 2.0?
I am using OAuth 2.0 with spring for token generation and I want to set expire_in manually so token can expire as per my criteria. Any one help me?
-
It can be set with a
ClientBuilderobtained from aClientDetailsServiceConfigurer.@Configuration @EnableAuthorizationServer public class OAuth2Config extends AuthorizationServerConfigurerAdapter { @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.inMemory() .withClient("client") .secret("secret") .authorizedGrantTypes("authorization_code", "refresh_token", "password") .scopes("app") .accessTokenValiditySeconds(30); } // ... additional configuration }or directly on
DefaultTokenServicesdepending on your need.@Configuration @EnableAuthorizationServer public class OAuth2Config extends AuthorizationServerConfigurerAdapter { @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { // optionally here you could just get endpoints.getConsumerTokenService() // and cast to DefaultTokenServices and just set values needed DefaultTokenServices tokenServices = new DefaultTokenServices(); tokenServices.setTokenStore(endpoints.getTokenStore()); tokenServices.setSupportRefreshToken(true); tokenServices.setClientDetailsService(endpoints.getClientDetailsService()); tokenServices.setTokenEnhancer(endpoints.getTokenEnhancer()); tokenServices.setAccessTokenValiditySeconds(60); endpoints.tokenServices(tokenServices); } }讨论(0) -
configure your oauth configuration changing your Bean TokenServices and setting accessTokenValiditySeconds property :
<bean id="tokenServices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices"> <property name="accessTokenValiditySeconds" value="1" /> <property name="tokenStore" ref="tokenStore" /> <property name="supportRefreshToken" value="true" /> <property name="clientDetailsService" ref="clientDetails" /> </bean>讨论(0)
加载中...
- 热议问题