Add user consent page

Closes gh-42

samples/boot/oauth2-integration/authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java

@@ -29,6 +29,7 @@ import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
 import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
+import org.springframework.security.oauth2.server.authorization.config.ClientSettings;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 import java.util.UUID;
@@ -53,6 +54,7 @@ public class AuthorizationServerConfig {
 				.redirectUri("http://localhost:8080/authorized")
 				.scope("message.read")
 				.scope("message.write")
+				.clientSettings(new ClientSettings().requireUserConsent(true))
 				.build();
 		return new InMemoryRegisteredClientRepository(registeredClient);
 	}

samples/boot/oauth2-integration/client/src/main/java/sample/web/AuthorizationController.java

@@ -18,11 +18,16 @@ package sample.web;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
 import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
+import org.springframework.security.oauth2.core.OAuth2Error;
+import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
+import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.reactive.function.client.WebClient;
 
+import javax.servlet.http.HttpServletRequest;
+
 import static org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction.clientRegistrationId;
 import static org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction.oauth2AuthorizedClient;
 
@@ -58,6 +63,22 @@ public class AuthorizationController {
 		return "index";
 	}
 
+	// '/authorized' is the registered 'redirect_uri' for authorization_code
+	@GetMapping(value = "/authorized", params = OAuth2ParameterNames.ERROR)
+	public String authorizationFailed(Model model, HttpServletRequest request) {
+		String errorCode = request.getParameter(OAuth2ParameterNames.ERROR);
+		if (StringUtils.hasText(errorCode)) {
+			model.addAttribute("error",
+					new OAuth2Error(
+							errorCode,
+							request.getParameter(OAuth2ParameterNames.ERROR_DESCRIPTION),
+							request.getParameter(OAuth2ParameterNames.ERROR_URI))
+			);
+		}
+
+		return "index";
+	}
+
 	@GetMapping(value = "/authorize", params = "grant_type=client_credentials")
 	public String clientCredentialsGrant(Model model) {
 

samples/boot/oauth2-integration/client/src/main/resources/templates/index.html

@@ -19,6 +19,10 @@
             </nav>
         </div>
         <div class="container">
+            <div th:if="${error}" class="alert alert-danger alert-dismissible" role="alert">
+                <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+                <h4 th:text="${error}" class="text-center"></h4>
+            </div>
             <div class="panel panel-default">
                 <div class="panel-heading">
                     <h3 class="panel-title">Authorize the client using <span style="font-family:monospace">grant_type</span>:</h3>