Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Polish ClientRegistrations documentation 

Issue #7462
This commit is contained in:
Joe Grandja 2019-09-27 11:38:36 -04:00
parent 9944037cc7
commit 6fe96c643f
1 changed files with 5 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
docs/manual/src/docs/asciidoc/_includes/servlet/oauth2/oauth2-client.adoc
View File

@ -75,7 +75,6 @@ The following sections will go into more detail on the core components used by O
* <<oauth2Client-core-interface-class>>
** <<oauth2Client-client-registration, ClientRegistration>>
** <<oauth2Client-client-registrations, ClientRegistrations>>
** <<oauth2Client-client-registration-repo, ClientRegistrationRepository>>
** <<oauth2Client-authorized-client, OAuth2AuthorizedClient>>
** <<oauth2Client-authorized-repo-service, OAuth2AuthorizedClientRepository / OAuth2AuthorizedClientService>>
@ -155,26 +154,19 @@ The name may be used in certain scenarios, such as when displaying the name of t
The supported values are *header*, *form* and *query*.
<15> `userNameAttributeName`: The name of the attribute returned in the UserInfo Response that references the Name or Identifier of the end-user.
[[oauth2Client-client-registrations]]
==== ClientRegistrations
A `ClientRegistration` can be initially configured using discovery of an OpenID Connect Provider's https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig[Configuration endpoint] or an Authorization Server's https://tools.ietf.org/html/rfc8414#section-3[Metadata endpoint].
A `ClientRegistration` can be initially configured by hitting an authorization server's https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig[Provider Configuration] endpoint or a https://tools.ietf.org/html/rfc8414#section-3[Authorization Server Metadata] endpoint.
`ClientRegistrations` provides convenience methods for generating a `ClientRegistration` in this way, as can be seen in the following example:
`ClientRegistrations` provides convenience methods for configuring a `ClientRegistration` in this way, as can be seen in the following example:
[source,java]
----
@Bean
public ClientRegistrationRepository clientRegistrationRepository() {
ClientRegistration clientRegistration =
ClientRegistrations.fromIssuerLocation("https://idp.example.com/issuer").build();
return new InMemoryClientRegistrationRepository(clientRegistration);
}
ClientRegistration clientRegistration =
ClientRegistrations.fromIssuerLocation("https://idp.example.com/issuer").build();
----
The above code will query in series `https://idp.example.com/issuer/.well-known/openid-configuration`, and then `https://idp.example.com/.well-known/openid-configuration/issuer`, and finally `https://idp.example.com/.well-known/oauth-authorization-server/issuer`, stopping at the first to return a 200 response.
As an alternative, you can invoke `ClientRegistrations#fromOidcIssuerLocation` to only hit the OIDC Provider Configuration endpoint.
As an alternative, you can use `ClientRegistrations.fromOidcIssuerLocation()` to only query the OpenID Connect Provider's Configuration endpoint.
[[oauth2Client-client-registration-repo]]
==== ClientRegistrationRepository