Spring OAUTH2 - Access token expiry time

前端未结

关注

 2  999

Is it possible to update/reset the expiry time of an access token programatically? If yes, which class/filter would be the best place to do it so that expiry time can be upd

相关标签:

2条回答

盖世英雄少女心

2021-01-13 10:08
You can set the expiry time of an access token during client configuration. Changing values here will be updated in the jdbc token store.
```
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.jdbc(dataSource)                        
                .withClient("my-client-with-password")
                .authorizedGrantTypes("password")
                .authorities("ROLE_CLIENT") 
                .scopes("read")
                .resourceIds("oauth2-resource")
                .accessTokenValiditySeconds(30);
```
For this you have to delete the the existing client details from the database. Next time a token call is made, these client details will be added into the database, along with your updated validity time.
0 讨论(0)
发布评论:

提交评论
- 加载中...

旧时难觅i

2021-01-13 10:17

To update the expiry time of an access token globally you should have to create instance of the DefaultTokenServices & inject into the AuthorizationServerEndpointsConfigurer like this :

public AuthorizationServerTokenServices customTokenServices(){
  TokenServices tokenServices = new DefaultTokenServices();
  tokenServices.setReuseAccessToken(reuseAccessToken);
  tokenServices.setTokenStore(tokenStore());
  tokenServices.setSupportRefreshToken(true);
  tokenServices.setAccessTokenValiditySeconds(<seconds>);
  tokenServices.setClientDetailsService(clientDetailsService);
  return tokenServices;
}

& put this tokenServices in AuthorizationServerEndpointsConfigurer like this.

@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
  endpoints.tokenServices(customTokenServices()).
}

0 讨论(0)