| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152 |
- [[webflux-oauth2-client]]
- = OAuth2 Client
- Spring Security's OAuth Support allows obtaining an access token without authenticating.
- A basic configuration with Spring Boot can be seen below:
- [source,yml]
- ----
- spring:
- security:
- oauth2:
- client:
- registration:
- github:
- client-id: replace-with-client-id
- client-secret: replace-with-client-secret
- scope: read:user,public_repo
- ----
- You will need to replace the `client-id` and `client-secret` with values registered with GitHub.
- The next step is to instruct Spring Security that you wish to act as an OAuth2 Client so that you can obtain an access token.
- .OAuth2 Client
- ====
- .Java
- [source,java,role="primary"]
- ----
- @Bean
- SecurityWebFilterChain configure(ServerHttpSecurity http) throws Exception {
- http
- // ...
- .oauth2Client(withDefaults());
- return http.build();
- }
- ----
- .Kotlin
- [source,kotlin,role="secondary"]
- ----
- @Bean
- fun webFilterChain(http: ServerHttpSecurity): SecurityWebFilterChain {
- return http {
- // ...
- oauth2Client { }
- }
- }
- ----
- ====
- You can now leverage Spring Security's xref:reactive/integrations/webclient.adoc[webclient] or xref:reactive/registered-oauth2-authorized-client.adoc#webflux-roac[@RegisteredOAuth2AuthorizedClient] support to obtain and use the access token.
|
