URL to generate access_token:
Type 1: Generation of token using Username & password:
Type 2: Generation of token without using username & password:
When you have refresh refresh_token after generating from the above url, you need not to have username & password to generate access_token.
http://localhost:8080/security/oauth/token?grant_type=refresh_token&client_id=restapp&client_secret=restapp&refresh_token=74395d99-59c3-44bf-a3d3-1d6b575badb4
client_id and client_Secret can be retrieved from spring-security.xml
<oauth:client-details-service id=”clientDetails”>
<!– client –>
<oauth:client client-id=”restapp”
authorized-grant-types=”authorization_code,client_credentials”
authorities=”ROLE_APP” scope=”read,write,trust” secret=”secret” /><oauth:client client-id=”restapp” authorized-grant-types=”password,authorization_code,refresh_token,implicit”
secret=”restapp” authorities=”ROLE_APP” /></oauth:client-details-service>
We need to find the client details under oauth:client-details-service tag
for the client-id and secret associated with authorized-grant-types: password,authorization_code,refresh_token,implicit
username and password also can be retrieved from spring-security.xml
<authentication-manager alias=”authenticationManager”
xmlns=”http://www.springframework.org/schema/security”>
<authentication-provider>
<user-service>
<user name=”techie” password=”techie@rest” authorities=”ROLE_APP” />
<!– you can create any no. of users just copy paste and change name and password–>
<user name=”techie1″ password=”techie1@rest” authorities=”ROLE_APP” />
</user-service>
</authentication-provider>
</authentication-manager>
Output can be similar to below:
{
“access_token”:”659cc0e4-f89c-453d-a91f-a994b7f0bd9d”,
“token_type”:”bearer”,
“refresh_token”:”1af9ec1f-1578-43e2-89d0-03646fc7e0ad”,
“expires_in”:119
}
TechieHints SOFTWARE 
Leave a comment