Spring Boot 2, OAuth2 get access token minimal configuration example
A basic working Spring Boot application that shows how to set up Spring Boot to issue an OAuth2 access_token (URL: /oauth/token) with minimal configuration. (The basic project and directory structure were generated using https://start.spring.io/.)
Source code: https://github.com/buddhiprab/springboot-oauth2-token-example
pom.xml, with the spring-security-oauth2 dependency (in this example I'm using spring-security-oauth2 version 2.3.6.RELEASE; spring-security-oauth2 version 2.4 has some deprecations):
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>com.buddhi</groupId>
    <artifactId>springboot-oauth2-token-example</artifactId>
    <version>1.0-SNAPSHOT</version>
    <packaging>jar</packaging>
    <description>Demo project for Spring Boot oAuth2 get token</description>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.1.8.RELEASE</version>
    </parent>
    <properties>
        <java.version>1.8</java.version>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.security.oauth</groupId>
            <artifactId>spring-security-oauth2</artifactId>
            <version>2.3.6.RELEASE</version>
        </dependency>
    </dependencies>
    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>
</project>
Spring Boot application class with @EnableAuthorizationServer:
package com.buddhi.oauth2;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;

@SpringBootApplication
@EnableAuthorizationServer
public class Oauth2Application {
    public static void main(String[] args) {
        SpringApplication.run(Oauth2Application.class, args);
    }
}
Extend AuthorizationServerConfigurerAdapter and register 2 clients, each allowed only the client_credentials grant.
InMemoryTokenStore is used as the TokenStore.
package com.buddhi.oauth2;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;

@Configuration
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        // Two in-memory clients; the secrets are hard-coded for the demo and
        // stored as BCrypt hashes, which the PasswordEncoder bean verifies.
        clients
            .inMemory()
            .withClient("client_a")
                .secret(passwordEncoder().encode("password_a"))
                .authorities("ROLE_A")
                .scopes("all")
                .authorizedGrantTypes("client_credentials")
            .and()
            .withClient("client_b")
                .secret(passwordEncoder().encode("password_b"))
                .authorities("ROLE_B")
                .scopes("all")
                .authorizedGrantTypes("client_credentials");
    }

    // Tokens live in application memory only and are lost on restart.
    @Bean
    public TokenStore tokenStore() {
        return new InMemoryTokenStore();
    }

    // Strength 4 is the lowest BCrypt cost the encoder accepts (the default is 10);
    // it keeps the demo fast but is the weakest setting.
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder(4);
    }
}
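Postman request. The Authorization header carries the client id and secret as HTTP Basic credentials, i.e. the base64 of client_id:client_secret; the value shown here decodes to a:a.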
POST /oauth/token?grant_type=client_credentials HTTP/1.1
Host: localhost:8100
Authorization: Basic YTph
Response:
{
    "access_token": "9a734f52-76e3-46cc-8b3c-43b101de7609",
    "token_type": "bearer",
    "expires_in": 43199,
    "scope": "all"
}
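The client side of the exchange above, as an added Python example (not part of the original post or its repository): it builds the Basic header for one of the configured clients, decodes an existing header to show which credentials it carries, and validates the token response. The function names are hypothetical, the sample response is the one shown on this page, and grant_type is sent in the form body rather than the query string.

```python
import base64
import json
import time
from urllib.parse import urlencode

# Host, port and path as in the Postman request on this page.
TOKEN_URL = "http://localhost:8100/oauth/token"
# Constructed sample: the token response shown on this page.
SAMPLE_RESPONSE = ('{"access_token": "9a734f52-76e3-46cc-8b3c-43b101de7609", '
                   '"token_type": "bearer", "expires_in": 43199, "scope": "all"}')

def basic_header(client_id, client_secret):
    """HTTP Basic value: base64 of "client_id:client_secret"."""
    raw = f"{client_id}:{client_secret}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")

def decode_basic_header(value):
    """Recover (client_id, client_secret) from a Basic header value."""
    scheme, _, b64 = value.partition(" ")
    if scheme.lower() != "basic" or not b64:
        raise ValueError("not a Basic Authorization header")
    decoded = base64.b64decode(b64, validate=True).decode("utf-8")
    client_id, sep, secret = decoded.partition(":")
    if not sep:
        raise ValueError("missing ':' between client id and secret")
    return client_id, secret

def build_token_request(client_id, client_secret):
    """Return (url, headers, body) for a client_credentials token request."""
    headers = {
        "Authorization": basic_header(client_id, client_secret),
        "Content-Type": "application/x-www-form-urlencoded",
    }
    return TOKEN_URL, headers, urlencode({"grant_type": "client_credentials"})

def parse_token_response(body, now=None):
    """Validate a token response and compute its absolute expiry time."""
    data = json.loads(body)
    if str(data.get("token_type", "")).lower() != "bearer" or not data.get("access_token"):
        raise ValueError("unexpected token response")
    now = time.time() if now is None else now
    return {"access_token": data["access_token"],
            "scopes": str(data.get("scope", "")).split(),
            "expires_at": now + int(data["expires_in"])}
```

Because the Basic value is only base64-encoded, anyone who can read the request can recover the client secret, so the token endpoint should be reached over TLS outside a local demo.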