Baeldung010 phút
Dynamic Authorization Scopes in Spring Authorization Server
A step-by-step guide to extending Spring Authorization Server to support dynamic OAuth 2.0 scopes — scopes not known in advance by the authorization server. Covers when dynamic scopes are useful (e.g., single-operation tokens for transfers or sensitive updates), and walks through the required customizations: scope validation logic via a custom AuthenticationValidator, consent validation using a Predicate, a custom consent page with Thymeleaf, and end-to-end integration testing with WebEnvironment.RANDOM_PORT and RestTestClient. Code separates Spring-specific adapter code from business logic via a DynamicScopeService.