Adding more then one client to the Spring OAuth2 Auth Server
Do not use multiple inMemory
builders, instead concatenate multiple withClient
s inside one inMemory
:
@Overridepublic void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.inMemory() .withClient("first") .secret("secret") .scopes("read") .authorizedGrantTypes("password") .and() .withClient("sec") .secret("secret") .scopes("read") .authorizedGrantTypes("password");}
For inMemory
builder with configuration (you will have to define your own configuration):
@Override public void configure ( ClientDetailsServiceConfigurer clients ) throws Exception { // @formatter:off InMemoryClientDetailsServiceBuilder inMemoryBuilder = clients.inMemory (); for (String clientKey: authServerProperties.getClient ().keySet ()) { OAuthClientProperties client = authServerProperties.getClient ().get ( clientKey ); inMemoryBuilder .withClient ( client.getClientId () ) .secret ( client.getClientSecret () ) .scopes ( client.getScopes () == null ? new String[] {"openid"} : client.getScopes () ) .authorizedGrantTypes ( client.getAuthorizedGrandTypes () == null ? "client_credentials" : client.getAuthorizedGrandTypes () ); } // @formatter:on }
with two additional classes:
@ConfigurationProperties ( prefix = "my-authorization-server" )public class AuthServerProperties private final Map<String, OAuthClientProperties> client = new HashMap<> (); ... public Map<String, OAuthClientProperties> getClient () { return client; } ...}public class OAuthClientProperties { private String clientId; private String clientSecret; private String[] scopes; private String authorizedGrandTypes; public String getClientId () { return clientId; } public void setClientId ( String clientId ) { this.clientId = clientId; } public String getClientSecret () { return clientSecret; } public void setClientSecret ( String clientSecret ) { this.clientSecret = clientSecret; } public String[] getScopes () { return scopes; } public void setScopes ( String[] scopes ) { this.scopes = scopes; } public String getAuthorizedGrandTypes () { return authorizedGrandTypes; } public void setAuthorizedGrandTypes ( String authorizedGrandTypes ) { this.authorizedGrandTypes = authorizedGrandTypes; }}
and finally, in properties you would have something like this:
my-authorization-server.client.foo.client-id=foo-clientmy-authorization-server.client.foo.client-secret=foo-client-supersecretmy-authorization-server.client.foo.scopes=readmy-authorization-server.client.bar.client-id=bar-clientmy-authorization-server.client.bar.client-secret=bar-client-verysupersecretmy-authorization-server.client.bar.scopes=read,write