<spring:bean id="clientsObjectStore" class="org.mule.util.store.InMemoryObjectStore" init-method="initialise" destroy-method="dispose" />
<spring:bean name="clientStore" class="org.mule.modules.oauth2.provider.client.ObjectStoreClientStore">
<spring:property name="objectStore" ref="clientsObjectStore" />
</spring:bean>
<oauth2-provider:config
name="oauth2ProviderRegister"
providerName="SampleAPI"
supportedGrantTypes="IMPLICIT"
port="8085"
clientStore-ref="clientStore"
authorizationEndpointPath="sampleapi/api/authorize"
accessTokenEndpointPath="sampleapi/api/token"
resourceOwnerSecurityProvider-ref="resourceOwnerSecurityProvider"
scopes="READ_RESOURCE POST_RESOURCE" doc:name="OAuth provider module" />
About Storing OAuth Tokens
The OAuth2 provider can specify the implementation of the object stores where the clients, the tokens and the refresh tokens are stored. Here is a sample configuration on how to do this with the client store.
You may use the JDBC Transport or the Mongo DB transport for database-backed client object stores. Similarly, you may define settings for storing the access tokens and the refresh tokens:
<spring:bean name="tokenStore" class="org.mule.modules.oauth2.provider.token.ObjectStoreTokenStore">
<spring:property name="refreshTokenObjectStore" ref="refreshTokenObjectStore" />
<spring:property name="accessTokenObjectStore" ref="accessTokenObjectStore" />
</spring:bean>
If you do this, you then need to reference these in the oauth2-provider
:
<oauth2-provider:config
name="oauth2ProviderRegister"
providerName="SampleAPI"
supportedGrantTypes="IMPLICIT"
port="8085"
tokenStore-ref="tokenStore"
authorizationEndpointPath="sampleapi/api/authorize"
accessTokenEndpointPath="sampleapi/api/token"
resourceOwnerSecurityProvider-ref="resourceOwnerSecurityProvider"
scopes="READ_RESOURCE POST_RESOURCE" doc:name="OAuth provider module" />
About Obtaining User Credentials
In some cases, you might want to have access to information about what externally authenticated users are using your API. To obtain this information, you can add an expression component with the following script:
<expression-component>
message.outboundProperties.put('X-Authenticated-userid', _muleEvent.session.securityContext.authentication.principal.username)
</expression-component>
The script above stores the username in the mule message as an outbound-property named X-Authenticated-userid
. You can modify this code to change the name of the header being created if you wish.