I learn how to use oauth2 from the example sparklr2, but it use inMemoryClientDetailsService. which is not the case for production, an oauth2 webapp like twitter should let new client to register. so eventually will use JdbcClientDetailsService. but the example and documentation of spring security oauth2 does not provide what is the correct way to do registration in code.
here is what I guess from looking at the project source.
JdbcClientDetailsServiceBuilder client = new JdbcClientDetailsServiceBuilder();
client.dataSource(dataSource)
.withClient("my-trusted-client-with-secret")
.authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit")
.authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
.scopes("read", "write", "trust")
.secret("somesecret");
client.build();
it writes a record to the database oauth_client_details table, but I want to know if I am doing it correctly (best practice)? does anyone know?
