I am interested in adding a custom rest endpoint to my OAuth2 Authorization server.
I want to add a registration endpoint that my UI resource server can call, register a user, and get back a token all in one shot (auto login on registration).
I can make this in two requests since the UI Resource Server has the password of the user, but I would prefer to do it in one, since the I am re-using the Authorization Server to store all my user credentials.
I have created an endpoint like
@FrameworkEndpoint
class RegistrationController {
@Autowired
LocalUserAuthenticationService userDetailsService
@Autowired
TokenEndpoint tokenEndpoint
@RequestMapping(value = "/registration", method = RequestMethod.POST)
@ResponseStatus(HttpStatus.CREATED)
public ResponseEntity<OAuth2AccessToken> registerUser(Principal principal,
@RequestBody @Valid RegistrationRequest registrationRequest) {
userDetailsService.register(registrationRequest.email, registrationRequest.password)
return tokenEndpoint.getAccessToken(principal, [grant_type: 'password', username: registrationRequest.email, password: registrationRequest.password])
}
}
And I register it in my context
@EnableAuthorizationServer
public class AuthServerConfig {
@Bean
public RegistrationController(){
return new RegistrationController()
} ... more
}
However, the request is always unauthorized when it is used this way. It says it cannot find the user. It can resolve the basic auth credentials, but wherever it is looking for them it cannot find them despite this bean being registered within this context.
The documentation for @FrameworkEndpoint says
Use with @RequestMapping and all the other @Controller features (and match with a FrameworkEndpointHandlerMapping in the servlet context)
but i cannot seem to crack how to actually do that. Or if I'm misunderstanding it.
How can I get this properly registered so it works like the other framework beans?
