Jun 12th, 2012, 10:21 AM
FrameworkEndpointHandlerMapping is not registered for password grant type
after the recent SECOAUTH-273 change I noticed that the TokenEndpoint mapped to "/oauth/token" is not picked up by my application anymore. I debugged the cause to be the class FrameworkEndpointHandlerMapping that does not automatically get registered if the only configured grant type in the authorization server definition is "password".
As far as I remember the OAuth2-draft for the resource owner password authentication scheme one still needs access to the token endpoint so this may be an unintended behavior. Manually registering an instance of FrameworkEndpointHandlerMapping fixes this issue though.
Jun 12th, 2012, 11:25 AM
Yep, that's a bug. Fixed now in master.