java - Oauth2.0 auhtorization server configuration -
i'm creating protected rest apis based on oauth2.0 framework.
i built authorization server , resource server successfully.
the authorizationserver extends authorizationserverconfigureradapter , overrides methods, i'm facing problem extended method
public void configure(clientdetailsserviceconfigurer clients) throws exception {}
here explanation
when i'm running version of config() authorization server
@override public void configure(clientdetailsserviceconfigurer clients) throws exception { clients.inmemory().withclient("clientapp").authorizedgranttypes("password", "refresh_token") .scopes("read", "write").resourceids(resource_id).secret("123456"); }
this method works fine , returns access_token when ask it.
but when ran same method enhancements, got nothing when asked access_token 401 unauthorized http response.
public void configure(clientdetailsserviceconfigurer clients) throws exception { int n = appmetier.getappscount(); (app app:appmetier.findall(0, n).getapps()) { clients.inmemory().withclient(app.getclientpublicid()).authorizedgranttypes("password", "refresh_token") .scopes("read", "write").resourceids(resource_id).secret(app.getclientsecretid()); } }
the n variable here equals 17, means have 17 clients in memory have right receive access_token.
the 1 gets access_token 17 first one.
your answers please , in advance.
you're calling inmemory()
multiple times, overwrites builder service every time. should called once.
following code should work.
public void configure(clientdetailsserviceconfigurer clients) throws exception { int n = appmetier.getappscount(); inmemoryclientdetailsservicebuilder clientbuilder = clients.inmemory(); (app app:appmetier.findall(0, n).getapps()) { clientbuilder.withclient(app.getclientpublicid()).authorizedgranttypes("password", "refresh_token") .scopes("read", "write").resourceids(resource_id).secret(app.getclientsecretid()); } }
Comments
Post a Comment