Oct 23rd, 2012, 06:06 AM
2 questions concerning OAuth2ProtectedResourceDetails
When I define (in my client) the "resource", I saw that it creates some instance of OAuth2ProtectedResourceDetails (I've looked at ResourceBeanDefinitionParser), depends on the "type" property. there, I see 4 options:
"authorization_code" --> AuthorizationCodeResourceDetails
"implicit" --> ImplicitResourceDetails
"client_credentials" --> ClientCredentialsResourceDetails
default --> BaseOAuth2ProtectedResourceDetails
1. in the docs, I see that "Valid values include "authorization_code", "password", and "assertion". Default value is "authorization_code". Am I missing something, or should I fix the doc? I see nothing with password or assertion in ResourceBeanDefinitionParser.
2. in AbstractRedirectResourceDetails I see private String userAuthorizationUri. but in the class that extends it, AuthorizationCodeResourceDetails, there is also private String userAuthorizationUri. Shouldn't the string in AbstractRedirectResourceDetails be protected? and avoid this redundancy?
Oct 23rd, 2012, 07:29 AM
1. Can you paste a link? If it's the wiki you can probably fix it yourself.
Oct 23rd, 2012, 08:13 AM
https://github.com/SpringSource/spri...th/wiki/oauth2 under "Protected Resource Configuration"
Originally Posted by Dave Syer
If you give me the OK that I'm not missing something, I will fix that.
you are the best. BTW thanks for everything
Last edited by OhadR; Oct 23rd, 2012 at 08:33 AM.
Oct 23rd, 2012, 08:46 AM
You're not missing anything: type="assertion" was never supported (but might be at some point), and type="client_credentials" is just as useful as type="authorization_code" so it should be mentioned as well.
Oct 23rd, 2012, 08:49 AM
I've updated the wiki.