spring-authorization-server
How-to: Add custom grant type
A guide on how to add a custom flow to the provided core functionality would be very useful.
Context: This project does not support grant types that are not part of the OAuth2.1 spec (see https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Features-Matrix#authorization-server-support). Some potential users might still need to support some of these authorization flows, so a guide on how they can add one by themselves would be nice. Also, there can be other use cases for adding your own custom grant types, e.g. in our current project there already exists a dedicated custom grant type which adds some additional custom functionality to the standard client credential flow.
Related: https://github.com/spring-projects/spring-authorization-server/issues/499
Hello, reading this discussion I don't understand if it is possible to implement and to declare a non-supported grant type using this library. I understand there is no documentation available, but is it at least possible? In other words, what is the level of extensibility of Spring Authorization Server?
Hi @6S. There is documentation available for the project, in case you weren’t aware. If the docs don’t answer the question, you may want to ask on stackoverflow while waiting for this guide. Feel free to link to the question here so others can find it.
Hi 6S,
Yes, it is possible but not that easy. You basically need an implementation of org.springframework.security.oauth2.server.authorization.web.authentication.AuthenticationConverter and org.springframework.security.authentication.AuthenticationProvider, which you have to add to the org.springframework.security.oauth2.server.authorization.web.OAuth2TokenEndpointFilter.
The last point is the tricky part, which you can read about here: #417
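An added sketch of the two pieces the comment above names (not code from this thread or from the project), assuming Spring Authorization Server 1.x; the grant type URN and the class names are hypothetical. The provider refuses clients that are not authenticated or not registered for the grant before any token is generated.

```java
import java.util.Map;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.core.*;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
import org.springframework.security.oauth2.server.authorization.authentication.*;
import org.springframework.security.oauth2.server.authorization.context.AuthorizationServerContextHolder;
import org.springframework.security.oauth2.server.authorization.token.*;
import org.springframework.security.web.authentication.AuthenticationConverter;

// Assumes Spring Authorization Server 1.x; "urn:example:custom" is a made-up grant type.
class CustomGrantToken extends OAuth2AuthorizationGrantAuthenticationToken {
    static final AuthorizationGrantType GRANT = new AuthorizationGrantType("urn:example:custom");
    CustomGrantToken(Authentication clientPrincipal) { super(GRANT, clientPrincipal, Map.of()); }
}

class CustomGrantConverter implements AuthenticationConverter {
    @Override public Authentication convert(HttpServletRequest request) {
        String grantType = request.getParameter(OAuth2ParameterNames.GRANT_TYPE);
        if (!CustomGrantToken.GRANT.getValue().equals(grantType)) return null; // not ours, try next converter
        // Client authentication ran earlier in the filter chain; reuse its result as the principal.
        return new CustomGrantToken(SecurityContextHolder.getContext().getAuthentication());
    }
}

class CustomGrantProvider implements AuthenticationProvider {
    private final OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator;
    CustomGrantProvider(OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator) { this.tokenGenerator = tokenGenerator; }
    @Override public boolean supports(Class<?> type) { return CustomGrantToken.class.isAssignableFrom(type); }
    @Override public Authentication authenticate(Authentication authentication) {
        CustomGrantToken grant = (CustomGrantToken) authentication;
        // Only an authenticated client that is registered for this grant type may use it.
        if (!(grant.getPrincipal() instanceof OAuth2ClientAuthenticationToken client) || !client.isAuthenticated())
            throw new OAuth2AuthenticationException(OAuth2ErrorCodes.INVALID_CLIENT);
        var registered = client.getRegisteredClient();
        if (!registered.getAuthorizationGrantTypes().contains(CustomGrantToken.GRANT))
            throw new OAuth2AuthenticationException(OAuth2ErrorCodes.UNAUTHORIZED_CLIENT);
        OAuth2Token token = tokenGenerator.generate(DefaultOAuth2TokenContext.builder()
                .registeredClient(registered).principal(client)
                .authorizationServerContext(AuthorizationServerContextHolder.getContext())
                .tokenType(OAuth2TokenType.ACCESS_TOKEN)
                .authorizationGrantType(CustomGrantToken.GRANT).authorizationGrant(grant).build());
        if (token == null) throw new OAuth2AuthenticationException(OAuth2ErrorCodes.SERVER_ERROR);
        // Not shown: saving an OAuth2Authorization so the token can later be introspected or revoked.
        return new OAuth2AccessTokenAuthenticationToken(registered, client, new OAuth2AccessToken(
                OAuth2AccessToken.TokenType.BEARER, token.getTokenValue(), token.getIssuedAt(), token.getExpiresAt()));
    }
}
```

In 1.x both classes can be registered through `OAuth2AuthorizationServerConfigurer` with `tokenEndpoint(t -> t.accessTokenRequestConverter(...).authenticationProvider(...))`.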
Hi, one problem I recently found on the federated example: I implemented code_flow successfully with federation from Azure AD B2C, but right now I want to implement the client_credential flow without any dependency on Azure AD B2C, so that Spring Authorization Server (federated sample) generates the token itself without communicating with Azure AD B2C. Is it possible? Because when I ask for a token from the authorization server with the client credential flow, it will be redirected to my Azure B2C login page. I mean, is there any way to disable federation on a special grant_type (flow)?
@imaxkhan Please do not ask questions on an unrelated issue. As well, questions are better suited to Stack Overflow. We prefer to use GitHub issues only for bugs and enhancements.
Sure, sorry for that: https://stackoverflow.com/questions/75856967/how-disable-federation-on-client-credential-flow-inside-spring-federated-authori