'Customizing the TokenEndpoint in spring security OAuth2

I would like to customize how the TokenEndpoint works so that I can add additional parameters to to incoming /oauth/token rest call that I will capture and process.

Ok, to perhaps help explain what I want to do, here are some additional aspects to it.

Lets say, in the oauth/token request I want to add another request parameter entry. So instead of sending the oauth/token with grant_type=client_credentials (for example), I want to add grant_type=client_credentials&extraInfo=xxxx.

So my my token endpoint that I have running at request mapping /oauth/token instead of the builtin one (TokenEndpoint), I do everything that the original does PLUS, I parse the extraInfo=xxx and set it as a key/value in the additional info section of the token.

Later in my backend, I extract this extra info and use it to provide some functionality that I need. Various clients will use this extraInfo parameter to send some specific type of information that I was to be aware of.

So basically, ow do I substitute my own token endpoint in place of the regular one? Is this in token services and if so which specific part?



Solution 1:[1]

I figured out an alternative to what i want to do without any of the messiness of trying to create and hook in my custom Token Endpoint.

I put an aspect around (@Around ...) the TokenEndpoint and captured the incoming parameters and resultant token, etc. I then used the spring session framework to put in a structure that I can access (created from what came in) and now I can get at it in my resultant code.

This does what I want without needing to do something more complex.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 EvilJinious1