Document OAuth 2.0 Client XML Support

Fixes gh-8074
This commit is contained in:
Joe Grandja 2020-03-17 10:08:09 -04:00
parent 40b15f5a46
commit e00a030621
1 changed files with 41 additions and 1 deletions

View File

@ -68,6 +68,27 @@ class OAuth2ClientSecurityConfig : WebSecurityConfigurerAdapter() {
----
====
In addition to the `HttpSecurity.oauth2Client()` DSL, XML configuration is also supported.
The following code shows the complete configuration options available in the <<nsa-oauth2-client, security namespace>>:
.OAuth2 Client XML Configuration Options
====
[source,xml]
----
<http>
<oauth2-client client-registration-repository-ref="clientRegistrationRepository"
authorized-client-repository-ref="authorizedClientRepository"
authorized-client-service-ref="authorizedClientService">
<authorization-code-grant
authorization-request-repository-ref="authorizationRequestRepository"
authorization-request-resolver-ref="authorizationRequestResolver"
access-token-response-client-ref="accessTokenResponseClient"/>
</oauth2-client>
</http>
----
====
The `OAuth2AuthorizedClientManager` is responsible for managing the authorization (or re-authorization) of an OAuth 2.0 Client, in collaboration with one or more `OAuth2AuthorizedClientProvider`(s).
The following code shows an example of how to register an `OAuth2AuthorizedClientManager` `@Bean` and associate it with an `OAuth2AuthorizedClientProvider` composite that provides support for the `authorization_code`, `refresh_token`, `client_credentials` and `password` authorization grant types:
@ -655,8 +676,17 @@ class OAuth2ClientSecurityConfig : WebSecurityConfigurerAdapter() {
}
}
----
====
.Xml
[source,xml,role="secondary"]
----
<http>
<oauth2-client>
<authorization-code-grant authorization-request-repository-ref="authorizationRequestRepository"/>
</oauth2-client>
</http>
----
====
===== Requesting an Access Token
@ -739,6 +769,16 @@ class OAuth2ClientSecurityConfig : WebSecurityConfigurerAdapter() {
}
}
----
.Xml
[source,xml,role="secondary"]
----
<http>
<oauth2-client>
<authorization-code-grant access-token-response-client-ref="accessTokenResponseClient"/>
</oauth2-client>
</http>
----
====