in plugin-oauth2/plugin/grails-app/controllers/grails/plugin/springsecurity/oauth2/SpringSecurityOAuth2Controller.groovy [202:242]
def createAccount(OAuth2CreateAccountCommand command) {
OAuth2SpringToken oAuth2SpringToken = session[SPRING_SECURITY_OAUTH_TOKEN] as OAuth2SpringToken
if (!oAuth2SpringToken) {
log.warn "createAccount: OAuthToken not found in session"
throw new OAuth2Exception('Authentication error')
}
if (request.post) {
if (!springSecurityService.loggedIn) {
def commandValid = command.validate()
def User = springSecurityOauth2BaseService.lookupUserClass()
boolean created = commandValid && User.withTransaction { status ->
def user = springSecurityOauth2BaseService.lookupUserClass().newInstance()
user.username = command.username
user.password = command.password1
user.enabled = true
user.addTooAuthIDs(provider: oAuth2SpringToken.providerName, accessToken: oAuth2SpringToken.socialId, user: user)
if (!user.validate() || !user.save()) {
status.setRollbackOnly()
false
}
def UserRole = springSecurityOauth2BaseService.lookupUserRoleClass()
def Role = springSecurityOauth2BaseService.lookupRoleClass()
def roles = springSecurityOauth2BaseService.roleNames
for (roleName in roles) {
log.debug("Creating role " + roleName + " for user " + user.username)
// Make sure that the role exists.
UserRole.create user, Role.findOrSaveByAuthority(roleName)
}
// make sure that the new roles are effective immediately
springSecurityService.reauthenticate(user.username)
oAuth2SpringToken = springSecurityOauth2BaseService.updateOAuthToken(oAuth2SpringToken, user)
true
}
if (created) {
authenticateAndRedirect(oAuth2SpringToken, getDefaultTargetUrl())
return
}
}
}
render view: 'ask', model: [createAccountCommand: command]
}