Configuration Options

This are the configuration options available in the module that will define the behavior of the OAuth2 server.

enforce_state

type: boolean

default: true

Enforces the use of the state parameter while checking for an Authorize Code in the Authorization Code Granting.

allow_implicit

type: boolean

default: false

Defines the allowance of Implicit Granting type in the system.

require_exact_redirect_uri

type: boolean

default: true

Determines if the controller should require an exact match on the "redirect_uri" parameter while checking for an Authorization Code in the Authorization Code Granting.

redirect_status_code

type: integer

default: 302

HTTP Status code that will be shown when redirecting to the defined redirect url while asking for an Authorization Code in the Authorization Code Granting.

access_lifetime

type: integer

default: 3600

Seconds until the generated token expires its validation.

www_realm

type: string

default: Service

token_param_name

type: string

default: access_token

Parameter name defined for the OAuth token authentication while checking for access in the API while sending it via GET method.

token_bearer_header_name

type: string

default: Bearer,

enforce_state

type: boolean

default: true

require_exact_redirect_uri

type: boolean

default: true

allow_implicit

type: boolean

default: false

allow_credentials_in_request_body

type: boolean

default: true

allow_public_clients

type: boolean

default: true

always_issue_new_refresh_token

type: boolean

default: false

use_crypto_tokens

type: boolean

default: false

store_encrypted_token_string

type: boolean

default: true