Spring Security OAuth2 - Add parameter to Authorization URL -
i using spring security oauth2 authentication/authorization using following project. http://projects.spring.io/spring-security-oauth/
i have requirement add parameter oauth2 authorization url. not sure how should add authorizationcoderesourcedetails bean?
the problem want start user journey login or registration client site. client send oauth request , on authorization server show either registration form or login form user continue journey.
the default flow has following parameters /oauth/authorize?client_id=[]&redirect_uri=[]&response_type=token&scope=openid+profile&state=hzsmkb
i want append "&startpoint=register"
public oauth2protectedresourcedetails googleoauth2details() { authorizationcoderesourcedetails googleoauth2details = new authorizationcoderesourcedetails(); googleoauth2details.setauthenticationscheme(header); googleoauth2details.setclientauthenticationscheme(header); googleoauth2details.setclientid(clientid); googleoauth2details.setclientsecret(clientsecret); googleoauth2details.setuserauthorizationuri(authorizationurl); googleoauth2details.setaccesstokenuri(accesstokenurl); googleoauth2details.setscope(aslist("openid","profile")); return googleoauth2details; } @suppresswarnings("springjavaautowiringinspection") // provided spring boot @resource private oauth2clientcontext oauth2clientcontext; @bean @scope(value = "session", proxymode = scopedproxymode.interfaces) public oauth2restoperations authcoderesttemplate() { return new oauth2resttemplate(googleoauth2details(), oauth2clientcontext); }
as "authorizationcoderesourcedetails" based on auth2 "authorization_code" flow doesn't accept parameters. therefore, fix did workaround providing parameter in authorization url itself.
for eg. if authorization url http://localhost:8080/idp/oauth/authorize
than have appended parameter url following http://localhost:8080/idp/oauth/authorize?startpoint=register
as request saved session spring under savedrequest variable can later on find out whether initiated request registration or login.
Comments
Post a Comment