...

Assuming the decision was "allow", the client has now received back the authorization code grant and is ready to exchange it for a new access token.

How to create Authorization View

Typically one can use RequestDispatcherProvider to redirect to a view handler like JSP. Two other options are overriding RedirectionBasedService.startAuthorization (delegating to the superclass and then converting the Response to HTML) and writing a custom MessageBodyWriter that does the conversion.

EndUser Name in Authorization Form

...

  • If it has a uri property set then the current request URI will be checked against it
  • If it has an httpVerb property set then the current HTTP verb will be checked against it

If an allPermissionsMatch property is set then the filter will check that all the token permissions have been met.

If a requestScopes property is set then the filter will check that all of the scopes are 'covered' by one or more token permissions.

4. Finally, it will create a CXF SecurityContext using this list of OAuthPermissions and the UserSubject representing the client or the end user who authorized the grant used to obtain this token.
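The permission checks described above can be modelled in a few lines. This is an added example, not CXF's own code: the `Permission` record, `matches` and `isAllowed` are hypothetical names, URI matching is simplified to exact equality, and it assumes that when allPermissionsMatch is not set a single matching permission is enough (Java 16+ for records).

```java
import java.util.List;

public class TokenPermissionCheck {
    // Hypothetical stand-in for a token permission: a scope name plus optional uri / httpVerb.
    record Permission(String scope, String uri, String httpVerb) {}

    // A null property means "not set", so that check is skipped for this permission.
    static boolean matches(Permission p, String requestUri, String requestVerb) {
        boolean uriOk = p.uri() == null || p.uri().equals(requestUri);
        boolean verbOk = p.httpVerb() == null || p.httpVerb().equalsIgnoreCase(requestVerb);
        return uriOk && verbOk;
    }

    static boolean isAllowed(List<Permission> tokenPermissions, String requestUri,
                             String requestVerb, boolean allPermissionsMatch,
                             List<String> requestScopes) {
        long matched = tokenPermissions.stream()
            .filter(p -> matches(p, requestUri, requestVerb))
            .count();
        // Assumption: without allPermissionsMatch, one matching permission is enough.
        if (!tokenPermissions.isEmpty() && matched == 0) {
            return false;
        }
        // With allPermissionsMatch, every token permission must have been met.
        if (allPermissionsMatch && matched != tokenPermissions.size()) {
            return false;
        }
        // Every required scope must be covered by at least one token permission.
        for (String required : requestScopes) {
            boolean covered = tokenPermissions.stream()
                .anyMatch(p -> p.scope().equals(required));
            if (!covered) {
                return false;
            }
        }
        return true;
    }

    public static void main(String[] args) {
        // Constructed sample token: a URI-bound read permission and a verb-bound update permission.
        List<Permission> token = List.of(
            new Permission("readCalendar", "/calendar", "GET"),
            new Permission("updateCalendar", null, "POST"));
        System.out.println(isAllowed(token, "/calendar", "GET", false, List.of()));
        System.out.println(isAllowed(token, "/calendar", "GET", true, List.of()));
        System.out.println(isAllowed(token, "/calendar", "DELETE", false, List.of()));
        System.out.println(isAllowed(token, "/calendar", "GET", false, List.of("deleteCalendar")));
    }
}
```

Only the first call is allowed: the second fails because the POST-only permission is not met under allPermissionsMatch, the third because no permission matches DELETE, and the fourth because the required scope is not covered by any token permission.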

...