Suggestion: Please allow extra params to be saved in AccessGrant upon oauth

[goatboy]

hey guys,

i was working with Bitly using spring social and extending oauth2 related service provider, template to make it work and it's been great. So kudos on giving us a nice library that is easily pluggable even with something like Bitly which in theory is not a social network but uses oauth.

Now I wanted to suggest perhaps adding an additional Map<String, String> maybe in AccessGrant class to save a few additional params that comes back during ouath that are not refreshToken or expire etc ...

The reason is that bitly for example oauths you and returns 3 params
access_token
login
apiKey

now most of the rest of their api for example shortenUrl api rely on login/apiKey pair
so we save this info and keep it around for later
basically i'm doing a hack by setting the refreshToken of AccessGrant to something like so
login:apiKey and parsing this later during addConnection of my connection repository.

this is my BitlyOAuth2Template extending OAuth2Template with this

@Override
@SuppressWarnings("unchecked")
protected AccessGrant postForAccessGrant(String accessTokenUrl, MultiValueMap<String, String> parameters) {
MultiValueMap<String, String> response = getRestTemplate().postForObject(accessTokenUrl, parameters, MultiValueMap.class);
String login = response.getFirst("login");
String apiKey = response.getFirst("apiKey");
// store login and apiKey in refreshToken as login:apiKey to be saved back to bitly account on oauth completion.
return new AccessGrant(response.getFirst("access_token"), null, login + ":" + apiKey, null);
}

i thought it be great to have what we have now but allow AccessToken to also have an optional map of extra params in case other oauth2 service providers in the future return extra params that we might/may use down the line aside from access_token.
so an optional
Map<String, ?> would be awesome to keep in AccessGrant and have it accessible
later when creating OAuth2Connection() also take this optional map and store it there in case our connection repository needs it for createData new ConnectionData() has this as well.

because AccessGrant is a final class i can't extend it to add this functionality.
Otherwise i would add it and make it available for a review/pull perhaps.

So please remove final from AccessGrant or give us away to save extra params that some oauth providers might return aside from access_token and refresh token and expire.

thanks and awesome job... i love spring social.. we've used it for twitter/facebook/linkedin and now Bitly all server side with ConnectionController as our front end controller to oauth. We oauth and then use the stored access_tokens to do everything from server side like posting updates/notices/shortening url all on behalf of oauthed user. Great job

[goatboy]

created issue in jira to keep track of this. https://jira.springsource.org/browse/SOCIAL-179