Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Document JdbcOAuth2AuthorizedClientService

Fixes gh-8061
Joe Grandja 5 years ago
parent
62d01d2dfc
commit
b42f0f50ab
2 changed files with 30 additions and 0 deletions
Split View Show Diff Stats
  1. 23 0
      docs/manual/src/docs/asciidoc/_includes/servlet/appendix/database-schema.adoc
  2. 7 0
      docs/manual/src/docs/asciidoc/_includes/servlet/oauth2/oauth2-client.adoc

+ 23 - 0
docs/manual/src/docs/asciidoc/_includes/servlet/appendix/database-schema.adoc
View File 

@@ -363,3 +363,26 @@ BEGIN
 
     SELECT ACL_ENTRY_SQ.NEXTVAL INTO :NEW.ID FROM DUAL;
 
 END;
 
 ----
 
+
 
+
 
+[[dbschema-oauth2-client]]
 
+== OAuth 2.0 Client Schema
 
+The JDBC implementation of <<oauth2Client-authorized-repo-service, OAuth2AuthorizedClientService>> (`JdbcOAuth2AuthorizedClientService`) requires a table for persisting `OAuth2AuthorizedClient`(s).
 
+You will need to adjust this schema to match the database dialect you are using.
 
+
 
+[source,ddl]
 
+----
 
+CREATE TABLE oauth2_authorized_client (
 
+  client_registration_id varchar(100) NOT NULL,
 
+  principal_name varchar(200) NOT NULL,
 
+  access_token_type varchar(100) NOT NULL,
 
+  access_token_value blob NOT NULL,
 
+  access_token_issued_at timestamp NOT NULL,
 
+  access_token_expires_at timestamp NOT NULL,
 
+  access_token_scopes varchar(1000) DEFAULT NULL,
 
+  refresh_token_value blob DEFAULT NULL,
 
+  refresh_token_issued_at timestamp DEFAULT NULL,
 
+  created_at timestamp DEFAULT CURRENT_TIMESTAMP NOT NULL,
 
+  PRIMARY KEY (client_registration_id, principal_name)
 
+);
 
+----

+ 7 - 0
docs/manual/src/docs/asciidoc/_includes/servlet/oauth2/oauth2-client.adoc
View File 

@@ -277,6 +277,13 @@ public class OAuth2ClientController {
 
 Spring Boot 2.x auto-configuration registers an `OAuth2AuthorizedClientRepository` and/or `OAuth2AuthorizedClientService` `@Bean` in the `ApplicationContext`.
 
 However, the application may choose to override and register a custom `OAuth2AuthorizedClientRepository` or `OAuth2AuthorizedClientService` `@Bean`.
 
 
+The default implementation of `OAuth2AuthorizedClientService` is `InMemoryOAuth2AuthorizedClientService`, which stores `OAuth2AuthorizedClient`(s) in-memory.
 
+
 
+Alternatively, the JDBC implementation `JdbcOAuth2AuthorizedClientService` may be configured for persisting `OAuth2AuthorizedClient`(s) in a database.
 
+
 
+[NOTE]
 
+`JdbcOAuth2AuthorizedClientService` depends on the table definition described in <<dbschema-oauth2-client, OAuth 2.0 Client Schema>>.
 
+
 
 
 [[oauth2Client-authorized-manager-provider]]
 
 ==== OAuth2AuthorizedClientManager / OAuth2AuthorizedClientProvider