This recipe covers an important feature described by the OAuth 2.0 specification and implemented by Spring Security OAuth2 as well. That's the refresh token grant type, which allows for a better user experience because the Resource Owner does not have to go through all the steps of authentication and authorization against the Authorization Server every time an access token expires.
To run this recipe, you can use your preferred IDE and must have Java 8 and Maven installed. As we will add support to refresh tokens for the Authorization Code and Password grant types, now we will interact with the Authorization Server and Resource Server using the already known tools that are CURL and your web browser. By running this recipe, your OAuth 2.0 Provider will be able to issue an access token and a refresh token for any registered client. This recipe still does not use any kind of persistent database to store client details and tokens and the source code...