spring-boot, spring-security, oauth-2.0, spring-security-oauth2, spring-authorization-server

How to set clientSettings and tokenSettings with "How-to: Implement core services with JPA" example in Spring Authorization Server


I am using the guide How-to: Implement core services with JPA.

    // Client entity
    @Column(length = 2000)
    private String clientSettings;
    @Column(length = 2000)
    private String tokenSettings;

When creating a client, I don't know how to set clientSettings and tokenSettings, so I just copy the database string:

    Client client = new Client();
    client.setId(UUID.randomUUID().toString());
    client.setClientIdIssuedAt(Instant.now());
    client.setClientName("TTT");
    client.setClientId("form-client");
    client.setClientSecret("{noop}secret");
    client.setRedirectUris(
        "http://127.0.0.1:4001/login/oauth2/code/felord-oidc,http://127.0.0.1:4001/authorized,http://127.0.0.1:4001/foo/bar,http://127.0.0.1:3001/api/auth/pinecone,https://spruce.jiahang.online/oauth_hcms,http://127.0.0.1:4001/foo/bart,http://36.135.4.69:4000/oauth_hcms,http://36.135.4.216:4000/oauth_hcms,http://localhost:3000/oauth_hcms,http://127.0.0.1:3000/oauth_hcms");
    client
        .setClientAuthenticationMethods(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue());
    client.setAuthorizationGrantTypes(AuthorizationGrantType.AUTHORIZATION_CODE.getValue() + ","
        + AuthorizationGrantType.REFRESH_TOKEN.getValue());
    client.setScopes("openid,userinfo.read");

    String clientSettingString =
        "{\"@class\":\"java.util.Collections$UnmodifiableMap\",\"settings.client.require-proof-key\":false,\"settings.client.require-authorization-consent\":true}";
    String tokenSettingString =
        "{\"@class\":\"java.util.Collections$UnmodifiableMap\",\"settings.token.reuse-refresh-tokens\":true,\"settings.token.id-token-signature-algorithm\":[\"org.springframework.security.oauth2.jose.jws.SignatureAlgorithm\",\"RS256\"],\"settings.token.access-token-time-to-live\":[\"java.time.Duration\",300.000000000],\"settings.token.refresh-token-time-to-live\":[\"java.time.Duration\",3600.000000000]}";

    client.setClientSettings(clientSettingString);
    client.setTokenSettings(tokenSettingString);

    clientRepo.save(client);

Is there any method to set clientSettings and tokenSettings like below?

    .tokenSettings(TokenSettings.builder().build())
    .clientSettings(ClientSettings.builder().requireAuthorizationConsent(true).build())

Solution

  • Saving RegisteredClients would go through the same RegisteredClientRepository interface as before. So given a RegisteredClientRepository from the How-To guide:

    RegisteredClient registeredClient =
            RegisteredClient.withId(UUID.randomUUID().toString())
                    .clientId("messaging-client")
                    .clientSecret("{noop}secret")
                    .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
                    .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
                    .authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
                    .authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
                    .redirectUri("http://127.0.0.1:8080/login/oauth2/code/messaging-client-oidc")
                    .redirectUri("http://127.0.0.1:8080/authorized")
                    .scope(OidcScopes.OPENID)
                    .scope(OidcScopes.PROFILE)
                    .scope("message.read")
                    .scope("message.write")
                    .tokenSettings(TokenSettings.builder().build())
                    .clientSettings(ClientSettings.builder().requireAuthorizationConsent(true).build())
                    .build();
    
    registeredClientRepository.save(registeredClient);
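
How the JSON strings that the question copied from the database can be produced from the builders instead, as an added example that is not part of the original post or of the guide's code. `SettingsJson` and its methods are hypothetical names, the package names assume the 1.x releases of Spring Authorization Server, and the `ObjectMapper` is set up with the same Jackson modules that the guide's `JpaRegisteredClientRepository` registers.

```java
import java.time.Duration;
import java.util.Map;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.jackson2.SecurityJackson2Modules;
import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
import org.springframework.security.oauth2.server.authorization.jackson2.OAuth2AuthorizationServerJackson2Module;
import org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
import org.springframework.security.oauth2.server.authorization.settings.TokenSettings;

// Hypothetical helper: produces the JSON kept in the Client entity's
// clientSettings / tokenSettings columns from the type-safe builders.
public class SettingsJson {
    private final ObjectMapper mapper = new ObjectMapper();

    public SettingsJson() {
        // Same modules the guide's repository uses; they enable the
        // "@class" / ["java.time.Duration", ...] type hints seen in the stored strings.
        mapper.registerModules(SecurityJackson2Modules.getModules(getClass().getClassLoader()));
        mapper.registerModule(new OAuth2AuthorizationServerJackson2Module());
    }

    public String write(Map<String, Object> settings) throws Exception {
        return mapper.writeValueAsString(settings);
    }

    public Map<String, Object> read(String json) throws Exception {
        return mapper.readValue(json, new TypeReference<Map<String, Object>>() { });
    }

    public static void main(String[] args) throws Exception {
        SettingsJson json = new SettingsJson();
        // Values mirror the strings in the question.
        String clientJson = json.write(ClientSettings.builder()
                .requireProofKey(false)
                .requireAuthorizationConsent(true)
                .build().getSettings());
        String tokenJson = json.write(TokenSettings.builder()
                .reuseRefreshTokens(true)
                .idTokenSignatureAlgorithm(SignatureAlgorithm.RS256)
                .accessTokenTimeToLive(Duration.ofSeconds(300))
                .refreshTokenTimeToLive(Duration.ofSeconds(3600))
                .build().getSettings());
        // These are the values for client.setClientSettings(...) / client.setTokenSettings(...).
        System.out.println(clientJson);
        System.out.println(tokenJson);
        // Reading back: rebuild the typed object from the stored column value.
        TokenSettings restored = TokenSettings.withSettings(json.read(tokenJson)).build();
        System.out.println(restored.getAccessTokenTimeToLive());
    }
}
```

The `Duration` values need `jackson-datatype-jsr310` on the classpath, which `SecurityJackson2Modules` picks up when it is present.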