Using Spring OAuth2 client with the github api -
i'm trying use spring security oauth2 access github api. problem i'm having once response authorize api, don't token, code needs verification step.
i don't see how can plug spring's oauth 2 framework. missing something?
here's flow github wants:
this step specifically:
if user accepts request, github redirects site temporary code in code parameter state provided in previous step in state parameter. if states don’t match, request has been created third party , process should aborted.
exchange access token:
you can plug in spring security. called authorization code
, spring security supports that.
here chapter in specs extra-step flow described: https://tools.ietf.org/html/rfc6749#section-4.1
you don't have care this. spring automagically handle behind scenes. here class in spring security handles flow: authorizationcodeaccesstokenprovider
Comments
Post a Comment