muellners / gateway

Collaboration Integration Automation Gateway
Apache License 2.0

API ACCESS MANAGEMENT #1

Closed maektwain closed 6 years ago

maektwain commented 7 years ago

This brings basic support for 3-legged OAuth to open your API to the world.

There is still a lot of room for improvement:

  1. the approval page is spring security's default one which is quite ugly
  2. the /oauth/authorize endpoint is secured with stateless basic auth. It would be better to use the jhipster's login form but this one should redirect back to the authorize page after login which is currently not the case.
  3. springfox could be used to document the authorization (securityDefinitions) but then it doesn't work anymore with password oauth. I guess this is because when there is securityDefinitions the auth bearer that we pass from angular is overridden.
  4. for SQL databases, you can configure as many client apps as you want by adding rows in the oauth_client_details table. Unfortunately there is currently no equivalent for Mongo so you have only the main app registered.
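
Registering a client row as item 4 describes, shown as an added example that is not part of the original comment or the project's code. The column layout is the standard spring-security-oauth2 JDBC schema; the client id, redirect URI, validity values and the BCrypt assumption are constructed for illustration.

```sql
-- Standard spring-security-oauth2 JDBC client table, created here only so the
-- example runs stand-alone; an existing application already has it.
CREATE TABLE oauth_client_details (
  client_id               VARCHAR(256) PRIMARY KEY,
  resource_ids            VARCHAR(256),
  client_secret           VARCHAR(256),
  scope                   VARCHAR(256),
  authorized_grant_types  VARCHAR(256),
  web_server_redirect_uri VARCHAR(256),
  authorities             VARCHAR(256),
  access_token_validity   INTEGER,
  refresh_token_validity  INTEGER,
  additional_information  VARCHAR(4096),
  autoapprove             VARCHAR(256)
);

-- Constructed third-party client for the 3-legged (authorization code) flow.
-- Assumption: the authorization server uses a BCrypt PasswordEncoder, so the
-- stored secret is a hash; the value below is a placeholder, not a real hash.
INSERT INTO oauth_client_details
  (client_id, client_secret, scope, authorized_grant_types,
   web_server_redirect_uri, access_token_validity, refresh_token_validity,
   autoapprove)
VALUES
  ('partner-app',                          -- hypothetical client id
   '<bcrypt-hash-of-client-secret>',       -- placeholder
   'read',                                 -- narrowest scope the client needs
   'authorization_code,refresh_token',     -- no password grant for third parties
   'https://partner.example/callback',     -- single exact redirect URI
   900,                                    -- access token lifetime in seconds
   86400,                                  -- refresh token lifetime in seconds
   'false');                               -- the user must approve explicitly

-- Review query: rows whose settings weaken the 3-legged flow.
SELECT client_id, authorized_grant_types, web_server_redirect_uri, autoapprove
FROM oauth_client_details
WHERE ((authorized_grant_types LIKE '%authorization_code%'
        OR authorized_grant_types LIKE '%implicit%')
       AND (web_server_redirect_uri IS NULL OR web_server_redirect_uri = ''))
   OR autoapprove = 'true'                    -- consent screen is skipped
   OR client_secret IS NULL                   -- client cannot authenticate
   OR authorized_grant_types LIKE '%password%'; -- client handles user passwords
```

The main application that logs in with the password grant will appear in the review query; the point is that no other client should.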