Updated Token Introspecting Client Config (markdown)

master
Justin Richer 2013-07-08 11:52:20 -07:00
parent 35fdce1cae
commit bf11ade4b6
1 changed files with 6 additions and 5 deletions

@ -1,12 +1,13 @@
The following code sets up a filter to take a token passed in to the web application, and fill in the details as an OAuth2Authentication object by introspecting it with the IDP.
The following code sets up a filter to take a token passed in to the web application, and fill in the details as an `OAuth2Authentication` object by introspecting it with the configured issuer's Introspection Endpoint (configured as the `introspectionUrl` property). The service authenticates its calls using the `clientId` and `clientSecret` properties.
In applicationContext.xml:
```
<oauth:resource-server id="resourceServerFilter" token-services-ref="IntrospectingService" />
<bean id="IntrospectingService" class="org.mitre.oauth2.introspectingfilter.IntrospectingTokenService">
<oauth:resource-server id="resourceServerFilter" token-services-ref="introspectingService" />
<bean id="introspectingService" class="org.mitre.oauth2.introspectingfilter.IntrospectingTokenService">
<property name="clientId" value="yourClientId"/>
<property name="clientSecret" value="yourClientSecret"/>
<property name="introspectionUrl" value="${idp.url}introspect"/>
<property name="introspectionUrl" value="http://localhost:8080/openid-connect-server/introspect"/>
</bean>
```
```
If the token is valid, the service creates an Authorization with the user in the `sub` field of the response and the role `ROLE_API`.