autoApproveClients doesn't seam to work
I'm trying to auto approve my clients after a successful login. But I always get redirected to localhost:8080/myapp/oauth/confirm_access instead to the configured and committed redirect url.
The request is:
http://localhost:8080/myapp/oauth/au...%2Fapp onizer (It comes from my spring social provider integration on client side, redirect url is configured on oauth server for this client)
The implementation of MyAppUserApprovalHandler is a copy from SparklrUserApprovalHandler.
<bean id="userApprovalHandler" class="ch.myapp.be.security.MyAppUserApprovalHandler">
<property name="tokenServices" ref="tokenServices" />
In fact the following code in MyAppUserApprovalHandler resolves to false:
How can I get this "token"? Is this a Client or Server configuration thing? Because I don't understand the bigger meaning: Is this a security hole if I add autoapprove? My understanding was I that the user don't have to approve again for certain resources to access them but still has to authorize himselfe.
Problem occurs under: spring-security-oauth2-1.0.0.M6c