How to set expire_in in OAUTH 2.0?

后端未结

关注

 8  2071

醉梦人生 2020-12-28 15:58

I am using OAuth 2.0 with spring for token generation and I want to set expire_in manually so token can expire as per my criteria. Any one help me?

8条回答

猫巷女王i (楼主)

2020-12-28 16:36

It can be set with a ClientBuilder obtained from a ClientDetailsServiceConfigurer.

@Configuration
@EnableAuthorizationServer
public class OAuth2Config extends AuthorizationServerConfigurerAdapter {

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
            .withClient("client")
            .secret("secret")
            .authorizedGrantTypes("authorization_code", "refresh_token", "password")
            .scopes("app")
            .accessTokenValiditySeconds(30);
    }

    // ... additional configuration
}

or directly on DefaultTokenServices depending on your need.

@Configuration
@EnableAuthorizationServer
public class OAuth2Config extends AuthorizationServerConfigurerAdapter {
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {

        // optionally here you could just get endpoints.getConsumerTokenService()
        // and cast to DefaultTokenServices and just set values needed

        DefaultTokenServices tokenServices = new DefaultTokenServices();
        tokenServices.setTokenStore(endpoints.getTokenStore());
        tokenServices.setSupportRefreshToken(true);
        tokenServices.setClientDetailsService(endpoints.getClientDetailsService());
        tokenServices.setTokenEnhancer(endpoints.getTokenEnhancer());
        tokenServices.setAccessTokenValiditySeconds(60);

        endpoints.tokenServices(tokenServices);            
    }
}

0 讨论(0)

查看其它8个回答