我想使用oauth2配置spring boot以在流刷新令牌授权中工作。我需要的是发送请求,授权类型设置为“refresh_token”,并使用字段刷新令牌,我想放置我的令牌。作为响应,我收到访问令牌。
对于flow Resource owner credentials grant,我有这样的配置:
@EnableOAuth2Client
@Configuration
public class AuthConfig {
@Value("${conf.client-id}")
private String clientId;
@Value("${conf.client-secret}")
private String clientSecret;
@Value("${conf.access-token-uri}")
private String tokenUrl;
@Value("${conf.grant-type}")
private String grantType;
@Value("${conf.refresh-token}")
private String refreshToken;
@Value("${conf.username}")
private String username;
@Value("${conf.password}")
private String password;
@Bean
public OAuth2ProtectedResourceDetails resourceDetails() {
ResourceOwnerPasswordResourceDetails resource = new ResourceOwnerPasswordResourceDetails();
resource.setAccessTokenUri(tokenUrl);
resource.setClientId(clientId);
resource.setClientSecret(clientSecret);
resource.setGrantType(grantType);
resource.setPassword(password);
resource.setUsername(username);
return resource;
}
@Autowired
private OAuth2ClientContext oauth2Context;
@Bean
public OAuth2RestTemplate oauth2RestTemplate(
OAuth2ClientContext oauth2Context, OAuth2ProtectedResourceDetails details
)
{
return new OAuth2RestTemplate(details, oauth2Context);
}
}
是否可以使用刷新令牌构建OAuth2ProtectedResourceDetails,而不使用用户名和密码?
我是SpringBoot的新手,但是我读了很多主题而我找不到答案。