Commit b6ed037

committed

Document device_code grant disabled by default

1 parent 5da0cbe commit b6ed037Copy full SHA for b6ed037

File tree

2 files changed

+13

-3

lines changed

docs/modules/ROOT/pages/servlet/oauth2/authorization-server
- configuration-model.adoc
- protocol-endpoints.adoc

2 files changed

+13

-3

lines changed

`‎docs/modules/ROOT/pages/servlet/oauth2/authorization-server/configuration-model.adoc‎`

Lines changed: 7 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -11,8 +11,6 @@`
`11`	`11`	The OAuth2 authorization server `SecurityFilterChain` `@Bean` is configured with the following default protocol endpoints:
`12`	`12`
`13`	`13`	`* xref:servlet/oauth2/authorization-server/protocol-endpoints.adoc#oauth2AuthorizationServer-oauth2-authorization-endpoint[OAuth2 Authorization endpoint]`
`14`		`-* xref:servlet/oauth2/authorization-server/protocol-endpoints.adoc#oauth2AuthorizationServer-oauth2-device-authorization-endpoint[OAuth2 Device Authorization Endpoint]`
`15`		`-* xref:servlet/oauth2/authorization-server/protocol-endpoints.adoc#oauth2AuthorizationServer-oauth2-device-verification-endpoint[OAuth2 Device Verification Endpoint]`
`16`	`14`	`* xref:servlet/oauth2/authorization-server/protocol-endpoints.adoc#oauth2AuthorizationServer-oauth2-token-endpoint[OAuth2 Token endpoint]`
`17`	`15`	`* xref:servlet/oauth2/authorization-server/protocol-endpoints.adoc#oauth2AuthorizationServer-oauth2-token-introspection-endpoint[OAuth2 Token Introspection endpoint]`
`18`	`16`	`* xref:servlet/oauth2/authorization-server/protocol-endpoints.adoc#oauth2AuthorizationServer-oauth2-token-revocation-endpoint[OAuth2 Token Revocation endpoint]`
@@ -23,7 +21,13 @@ The OAuth2 authorization server `SecurityFilterChain` `@Bean` is configured with
`23`	`21`	The JWK Set endpoint is configured only if a `JWKSource<SecurityContext>` `@Bean` is registered.
`24`	`22`
`25`	`23`	`[NOTE]`
`26`		`-The xref:servlet/oauth2/authorization-server/protocol-endpoints.adoc#oauth2AuthorizationServer-oauth2-client-registration-endpoint[OAuth2 Client Registration endpoint] is disabled by default.`
	`24`	`+====`
	`25`	`+The following protocol endpoints are disabled by default:`
	`26`	`+`
	`27`	`+* xref:servlet/oauth2/authorization-server/protocol-endpoints.adoc#oauth2AuthorizationServer-oauth2-device-authorization-endpoint[OAuth2 Device Authorization Endpoint]`
	`28`	`+* xref:servlet/oauth2/authorization-server/protocol-endpoints.adoc#oauth2AuthorizationServer-oauth2-device-verification-endpoint[OAuth2 Device Verification Endpoint]`
	`29`	`+* xref:servlet/oauth2/authorization-server/protocol-endpoints.adoc#oauth2AuthorizationServer-oauth2-client-registration-endpoint[OAuth2 Client Registration endpoint]`
	`30`	`+====`
`27`	`31`
`28`	`32`	The following example shows how to use `OAuth2AuthorizationServerConfiguration` to apply the minimal default configuration:
`29`	`33`

`‎docs/modules/ROOT/pages/servlet/oauth2/authorization-server/protocol-endpoints.adoc‎`

Lines changed: 6 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -271,6 +271,9 @@ public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity h`
`271`	`271`	<6> `errorResponseHandler()`: The `AuthenticationFailureHandler` (_post-processor_) used for handling an `OAuth2AuthenticationException` and returning the https://datatracker.ietf.org/doc/html/rfc6749#section-5.2[OAuth2Error response].
`272`	`272`	<7> `verificationUri()`: The `URI` of the custom end-user verification page to direct resource owners to on a secondary device.
`273`	`273`
	`274`	`+[NOTE]`
	`275`	`+The OAuth2 Device Authorization endpoint is disabled by default.`
	`276`	`+`
`274`	`277`	`OAuth2DeviceAuthorizationEndpointConfigurer` configures the `OAuth2DeviceAuthorizationEndpointFilter` and registers it with the OAuth2 authorization server `SecurityFilterChain` `@Bean`.
`275`	`278`	`OAuth2DeviceAuthorizationEndpointFilter` is the `Filter` that processes OAuth2 device authorization requests.
`276`	`279`
`@@ -319,6 +322,9 @@ public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity h`
`319`	`322`	<6> `errorResponseHandler()`: The `AuthenticationFailureHandler` (_post-processor_) used for handling an `OAuth2AuthenticationException` and returning the error response.
`320`	`323`	<7> `consentPage()`: The `URI` of the custom consent page to redirect resource owners to if consent is required during the device verification request flow.
`321`	`324`
	`325`	`+[NOTE]`
	`326`	`+The OAuth2 Device Verification endpoint is disabled by default.`
	`327`	`+`
`322`	`328`	`OAuth2DeviceVerificationEndpointConfigurer` configures the `OAuth2DeviceVerificationEndpointFilter` and registers it with the OAuth2 authorization server `SecurityFilterChain` `@Bean`.
`323`	`329`	`OAuth2DeviceVerificationEndpointFilter` is the `Filter` that processes OAuth2 device verification requests (and consents).
`324`	`330`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit b6ed037

File tree

2 files changed

2 files changed

`‎docs/modules/ROOT/pages/servlet/oauth2/authorization-server/configuration-model.adoc‎`

`‎docs/modules/ROOT/pages/servlet/oauth2/authorization-server/protocol-endpoints.adoc‎`

0 commit comments