
Spring Boot OAuth2 Client: override expiry of token response

Karanbir Singh
7 min read · Sep 1, 2024


Spring Boot's OAuth2 client is the best library, adhering to most of the OAuth2 and OpenID standards.

For straightforward integration needs, it works just fine without any complex changes or customisations.

For complex requirements and integrations, one can override a good part of it, since it is all Java!

The Problem Statement → What if the token endpoint does not return expires_in, or uses a different key instead of the standard expires_in field, but you know that the token is valid for 1 hour (3600 seconds) or some other custom value?

Why would I need to do this? → Because if the expiry is not known to the Spring framework, it will hit the token endpoint almost every time before hitting the resource endpoint.

Still why? → Because you are using a non-standard token endpoint that does not expose the token's expiry in the standard expires_in field.

For such a specific use case, we can leverage BodyExtractors for a WebFlux-based project and a custom OAuth2AccessTokenResponseClient for a servlet-based project.
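One way to write the servlet-side client, as an added example that is not the author's code: a wrapper that lets an existing OAuth2AccessTokenResponseClient do the HTTP call and then rebuilds the response with a known lifetime. The class name, the client-credentials grant type and the non-standard key name `expires` are assumptions for illustration.

```java
import java.time.Duration;
import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient;
import org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequest;
import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;

/** Hypothetical wrapper: supplies a token lifetime when the endpoint omits expires_in. */
public class FixedExpiryTokenResponseClient
        implements OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest> {

    // Assumed non-standard key; replace with whatever your token endpoint actually returns.
    private static final String CUSTOM_EXPIRY_KEY = "expires";

    private final OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest> delegate;
    private final Duration fallbackLifetime;

    public FixedExpiryTokenResponseClient(
            OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest> delegate,
            Duration fallbackLifetime) {
        this.delegate = delegate;
        this.fallbackLifetime = fallbackLifetime;
    }

    @Override
    public OAuth2AccessTokenResponse getTokenResponse(OAuth2ClientCredentialsGrantRequest request) {
        // The delegate performs the token request and the standard response parsing.
        OAuth2AccessTokenResponse response = delegate.getTokenResponse(request);

        // Start from the lifetime we know out of band (e.g. 3600 seconds).
        long seconds = fallbackLifetime.getSeconds();

        // Keys the standard parser does not recognise end up in additionalParameters,
        // so a server-supplied lifetime under a custom key can be read from there.
        Object custom = response.getAdditionalParameters().get(CUSTOM_EXPIRY_KEY);
        if (custom != null) {
            try {
                long parsed = Long.parseLong(custom.toString().trim());
                if (parsed > 0) {
                    seconds = parsed;
                }
            } catch (NumberFormatException ignored) {
                // Malformed value: keep the configured fallback.
            }
        }

        // Copy token value, type, scopes and refresh token; replace only the expiry.
        return OAuth2AccessTokenResponse.withResponse(response).expiresIn(seconds).build();
    }
}
```

Keep the fallback no longer than the lifetime the provider really enforces, otherwise the client keeps presenting a token the resource server already rejects. The wrapper can be registered through `OAuth2AuthorizedClientProviderBuilder.builder().clientCredentials(c -> c.accessTokenResponseClient(...))`.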

Additional info(internal…
