Change Response in Oauth2 Spring

Question

Hi i have posted this question in this forum. I post it here too, to have more chance for a response

http://forum.spring.io/forum/spring-projects/security/oauth/745627-response-of-oauth2

I need to add information in the json response of an Oauth authentication2. Now my configuration return a response like:

{"access_token":"523dd467-e5c0-407b-95e4-ea60a403d772",
"token_type":"bearer",
"refresh_token ":"e3378c95-1ebf-419b-bf45-e734d8e94aba",
"expires_in":43199}

But what i wish is to have is evriting like:

{"access_token":"523dd467-e5c0-407b-95e4-ea60a403d772",
"token_type":"bearer",
"refresh_token ":"e3378c95-1ebf-419b-bf45-e734d8e94aba",
"expires_in":43199, "other":"value"}

Is this possible in a easy way?

Other question is: It's correct that if I wish to change the expireTime i should implement the TokenStore interface? Is there any documentation about it?

The last question is: Is there a easy way to make Oauth2 authentication with Credentials (Username and Password) in json format?

Post the full question here if you want to get help. – aksu Feb 27 '14 at 14:56 — aksu, Feb 27 '14 at 14:56

score 7 · Accepted Answer · edited Apr 21 '16 at 10:22

Tank's blackhorse.

I only found how to add other information to response. Json format not at his time (is not a high priority at the moment). My solution is as following:

Implement the TokenEnhancer and add a property to tokenService configuration:

Example:

<bean id="tokenServices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices"> <property name="tokenStore" ref="tokenStore" /> <property name="supportRefreshToken" value="true" /> <property name="clientDetailsService" ref="clientDetailsService" /> <property name="tokenEnhancer" ref="tokenEnhancer"/> </bean>

and the implementation:

    public class MyTokenEnhancer implements TokenEnhancer {

        private List<TokenEnhancer> delegates = Collections.emptyList();

    public void setTokenEnhancers(List<TokenEnhancer> delegates) {
        this.delegates = delegates;
    }

    @Override
    public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
        DefaultOAuth2AccessToken tempResult = (DefaultOAuth2AccessToken) accessToken;

        final Map<String, Object> additionalInformation = new HashMap<String, Object>();
        final String infoValue = "This is my value"; 

        additionalInformation.put("myInfo", infoValue);
        tempResult.setAdditionalInformation(additionalInformation);

        OAuth2AccessToken result = tempResult;
        for (TokenEnhancer enhancer : delegates) {
            result = enhancer.enhance(result, authentication);
        }
        return result;
    }
}

If you find a beter/elegant solution.... I'm open to suggestions

score -1 · Answer 2 · answered Mar 09 '14 at 14:16

<bean id="tokenServices"        class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
<property name="accessTokenValiditySeconds" value="300000"></property>
<bean/>

Using this you can control the expiry (value in seconds)

I too want to customize the response and need json format as in your last question.. have you come across any solution..?

Change Response in Oauth2 Spring

2 Answers2

Linked