Announcement Announcement Module
Collapse
No announcement yet.
2 questions concerning OAuth2ProtectedResourceDetails Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • 2 questions concerning OAuth2ProtectedResourceDetails

    When I define (in my client) the "resource", I saw that it creates some instance of OAuth2ProtectedResourceDetails (I've looked at ResourceBeanDefinitionParser), depends on the "type" property. there, I see 4 options:
    "authorization_code" --> AuthorizationCodeResourceDetails
    "implicit" --> ImplicitResourceDetails
    "client_credentials" --> ClientCredentialsResourceDetails
    default --> BaseOAuth2ProtectedResourceDetails

    my questions:
    1. in the docs, I see that "Valid values include "authorization_code", "password", and "assertion". Default value is "authorization_code". Am I missing something, or should I fix the doc? I see nothing with password or assertion in ResourceBeanDefinitionParser.

    2. in AbstractRedirectResourceDetails I see private String userAuthorizationUri. but in the class that extends it, AuthorizationCodeResourceDetails, there is also private String userAuthorizationUri. Shouldn't the string in AbstractRedirectResourceDetails be protected? and avoid this redundancy?

  • #2
    1. Can you paste a link? If it's the wiki you can probably fix it yourself.
    2. Fixed.

    Comment


    • #3
      Originally posted by Dave Syer View Post
      1. Can you paste a link? If it's the wiki you can probably fix it yourself.
      https://github.com/SpringSource/spri...th/wiki/oauth2 under "Protected Resource Configuration"

      If you give me the OK that I'm not missing something, I will fix that.

      2. Fixed.
      you are the best. BTW thanks for everything
      Last edited by OhadR; Oct 23rd, 2012, 08:33 AM.

      Comment


      • #4
        You're not missing anything: type="assertion" was never supported (but might be at some point), and type="client_credentials" is just as useful as type="authorization_code" so it should be mentioned as well.

        Comment


        • #5
          OK.
          I've updated the wiki.

          Comment

          Working...
          X