I'm using social network Vkontakte as Oauth2 authorization server. So I have several steps: 1) get code with request with request_type=code 2) get accessToken when I send request to access token uri
So I want to use Spring Oauth2, but I should get authorization code first, then access token, i've tried to add to application.yml :
authorized-grant-types: authorization_code
it's my application.yml:
security:
oauth2:
client:
clientId: [clientId]
clientSecret: [clientSecret]
accessTokenUri: https://oauth.vk.com/access_token
userAuthorizationUri: https://oauth.vk.com/authorize
tokenName: access_token
registered-redirect-uri: http://localhost:8080/login
resource:
token-info-uri: http://localhost:8080/user
but actually it doesn't help. If somebody faced it and know how to configure Spring Oauth2 app - will be grateful for help
Actually after couple days of investigation i figured out that Spring OAuth2 completely implementing all features and configuration to my client application uses the authorization code grant to obtain an access token from Vkontakte (the Authorization Server)
The only thing i need to do if i take as sample Spring Boot and OAuth2 social login simple is to populate application.yml with correct creds for my Authorization server:
security:
oauth2:
client:
clientId: xxxxxxx
clientSecret: xxxxxxxxxxx
accessTokenUri: https://oauth.vk.com/access_token
userAuthorizationUri: https://oauth.vk.com/authorize
tokenName: code
authenticationScheme: query
clientAuthenticationScheme: form
grant-type: authorization_code
resource:
userInfoUri: https://api.vk.com/method/users.get
The only problem i faced was providing correct token name and userInfoUri to retrieve logged user info.
According token name it is name of authorization code your get after passing authoriztion(response_type=token name, it calls code in my case) and use to get access token.
Hope it will be helpful people face the same problem
来源:https://stackoverflow.com/questions/40072232/spring-oauth2-authorization-code-flow-configuration-for-vk-vkontakte