I am trying to configure my application to pull access and refresh token expire times from my properties file rather than setting them in the java configuration. However it is not picking them up and instead reverts to the default values.
Here is a sample of my Java config where I set the expire values manually. This works just fine when I do it like this.
@Configuration@EnableAuthorizationServerpublic class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter { . @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.inMemory() .withClient("myclient") .secret("mysecret") .authorizedGrantTypes("password", "refresh_token") .scopes("my-app") .autoApprove("my-app") .accessTokenValiditySeconds(30) .refreshTokenValiditySeconds(3200); }}However when I try to set them like this in my application.properties file like this, it doesnt work.
# Securitysecurity.oauth2.client.access-token-validity-seconds=60security.oauth2.client.refresh-token-validity-seconds=3200Advertisement
Answer
I hope this reply is not too late…
I meet the same problem, and later I find this is a bug.
For the autowired for ClientDetailsService, it has a exception:
Method threw 'org.springframework.beans.factory.BeanCreationException' exception. Cannot evaluate com.sun.proxy.$Proxy135.toString()So the value of clientDetailsService is null. Then it will use the defaul value, so your value setting inside the config class doesn’t work. But if you do it in the application.yml, it will set this value without checking clientDetailsService, so it works.
I have already report this issue to the team, hope somebody may solve this bug. https://github.com/spring-projects/spring-security-oauth/issues/1448
A possible solution is either set the value in the application.yml file or set the value in the DefaultTokenServices like this:
@Bean@Primarypublic DefaultTokenServices tokenServices() { DefaultTokenServices defaultTokenServices = new DefaultTokenServices(); defaultTokenServices.setTokenStore(this.tokenStore()); defaultTokenServices.setSupportRefreshToken(true); defaultTokenServices.setTokenEnhancer(this.accessTokenConverter()); defaultTokenServices.setAccessTokenValiditySeconds(100); return defaultTokenServices;}