OAuth2 M5 compatibility with ietf older versions

[saamy]

Hi!

I am working on 0Auth version M5 which complies with ietf version 22. Now I need to integrate with a client, which has OAuth implementation but based on some older version ietf 10 (http://tools.ietf.org/html/draft-ietf-oauth-v2-10). So there are some discrepancies in the name of parameters between what our oauth-server supports and what this client expects.

So the Client expects token to be send as:
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
Cache-Control: no-store
Pragma: no-cache

{
"oauth_token":"mF_9.B5f-4.1JqM",
}

while we do is:

HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
Cache-Control: no-store
Pragma: no-cache
{
"access_token":"mF_9.B5f-4.1JqM",
"token_type":"Bearer",
"expires_in":3600
}

So I want to fix it by adding 'oauth_token' to response so that it is compatible with both v10 and v22. I think that can be done by writing a custom serialize class which extends DefaultOAuth2SerializationService.

But how do I plugin this class to TokenEndPoint? Do you think there is a way to configure it?

Many Thanks,
Sam

[Dave Syer]

With recent snapshots you would add a MessageConverter to a RequestMappingHandlerAdapter in the servlet application context (or you could add a TokenEnhancer to add an extra field to the token in its additionalinfo). It might work with M5 but I don't really want to get into how to do it with an old release.