I am working on creating api for OAuth2 using Spring for my application but there is nothing written in the specification (http://tools.ietf.org/html/rfc6749) nor in Spring OAuth2 Documentation about how to generate client secret.
Do anyone have any idea?
So when configuring beans for Spring OAuth2 you typically provide an instance of PasswordEncoder for the ClientDetailsService.
Typical case is to use the BCryptPasswordEncoder. So before putting encoded client secret into database column you can write a sample program to generate it:
String password = "testPassword"; PasswordEncoder passwordEncoder = new BCryptPasswordEncoder(); String encodedPassword = passwordEncoder.encode(password);