From e6bb9bfdcadfb3533dffa222bef83a1155e42038 Mon Sep 17 00:00:00 2001 From: Andy Wilkinson Date: Fri, 18 Jan 2019 10:37:39 -0500 Subject: [PATCH] Fix formatting in Implicit OAuth2AuthorizedClient section --- docs/manual/src/docs/asciidoc/_includes/reactive/webclient.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/manual/src/docs/asciidoc/_includes/reactive/webclient.adoc b/docs/manual/src/docs/asciidoc/_includes/reactive/webclient.adoc index d33e7b6c01..24aae10e8c 100644 --- a/docs/manual/src/docs/asciidoc/_includes/reactive/webclient.adoc +++ b/docs/manual/src/docs/asciidoc/_includes/reactive/webclient.adoc @@ -50,7 +50,7 @@ WebClient webClient(ReactiveClientRegistrationRepository clientRegistrations, [[webclient-implicit]] == Implicit OAuth2AuthorizedClient -If we set `defaultOAuth2AuthorizedClient` to `true`in our setup and the user authenticated with oauth2Login (i.e. OIDC), then the current authentication is used to automatically provide the access token. +If we set `defaultOAuth2AuthorizedClient` to `true` in our setup and the user authenticated with oauth2Login (i.e. OIDC), then the current authentication is used to automatically provide the access token. Alternatively, if we set `defaultClientRegistrationId` to a valid `ClientRegistration` id, that registration is used to provide the access token. This is convenient, but in environments where not all endpoints should get the access token, it is dangerous (you might provide the wrong access token to an endpoint).