Reputation: 83
Manually generate Access Tokens in Spring Authorization Server
I'm working on a microservices application that relies on an external Identity Provider. In order to decouple internal microservices from this IdP, we've put in place a Spring Application that works as a Service Provider towards the IdP and as an IdP for internal microservices.
This component is based on Spring Authorization Server and for a particular flow needs to generate an Access Token programmatically, having already available a Saml2Authentication and Principal objects in the context.
I've searched on the web but the solutions I found seem to refer to older Spring Security releases (I'm using 6.0.2) and aren't based on Authorization Server, so can anyone please tell me how to get an access token without building the OAuth2 request manually?
Upvotes: 1
Views: 1483
Answers (1)
Reputation: 326
In order to programmatically generate an OAuth2 Access Token in the new Spring Authorization Server one alternative is to customize all the process of obtaining a new OAuth2 access token.
The first step to start this would be customizing the token endpoint access token request converter, then the token endpoint authentication provider and finally the token endpoint access token generator. With this type of customization, one is able to control all the access token generation flow. Further information on how to customize these behaviors is demonstrated here.
Depending on the specific grant_type being used, more customization could be needed.
Upvotes: 0
Related Questions
- Customize Authorization Code claims with Spring OAuth2 Authorization Server 3.2.4
- Use OAuth2 for authorization of session-authenticated users
- Spring Boot Authorization server (SSO Implementation)
- Using cognito as IDP for Spring authorization server
- Spring authorization server: logout via Postman
- Authorization - Angular + Spring + wso2