春季oauth2授权代码流程，用于VK(Vkontakte)的配置 [英] spring oauth2 authorization code flow , configuration for VK (Vkontakte)

问题描述

我正在使用社交网络Vkontakte作为Oauth2授权服务器.所以我有几个步骤: 1)使用 request_type = code 获得带有请求的代码 2)当我发送访问令牌uri的请求时获取accessToken

I'm using social network Vkontakte as Oauth2 authorization server. So I have several steps: 1) get code with request with request_type=code 2) get accessToken when I send request to access token uri

所以我想使用Spring Oauth2，但是我应该先获取授权代码，然后访问令牌，我尝试将其添加到application.yml中:

So I want to use Spring Oauth2, but I should get authorization code first, then access token, i've tried to add to application.yml :

authorized-grant-types: authorization_code

这是我的application.yml:

it's my application.yml:

security:
  oauth2:
    client:
      clientId: [clientId]
      clientSecret: [clientSecret]
      accessTokenUri: https://oauth.vk.com/access_token
      userAuthorizationUri: https://oauth.vk.com/authorize
      tokenName: access_token
      registered-redirect-uri: http://localhost:8080/login
    resource:
      token-info-uri: http://localhost:8080/user

但实际上没有帮助.如果有人遇到它并知道如何配置Spring Oauth2应用程序，将不胜感激

but actually it doesn't help. If somebody faced it and know how to configure Spring Oauth2 app - will be grateful for help

推荐答案

实际上，经过几天的调查，我发现Spring OAuth2完全实现了我的客户端应用程序的所有功能和配置，并使用了

Actually after couple days of investigation i figured out that Spring OAuth2 completely implementing all features and configuration to my client application uses the authorization code grant to obtain an access token from Vkontakte (the Authorization Server)

如果我作为示例 Spring Boot和OAuth2社交登录简单是为我的授权服务器使用正确的凭据填充 application.yml :

The only thing i need to do if i take as sample Spring Boot and OAuth2 social login simple is to populate application.yml with correct creds for my Authorization server:

security:
  oauth2:
    client:
      clientId: xxxxxxx
      clientSecret: xxxxxxxxxxx
      accessTokenUri: https://oauth.vk.com/access_token
      userAuthorizationUri: https://oauth.vk.com/authorize
      tokenName: code
      authenticationScheme: query
      clientAuthenticationScheme: form
      grant-type: authorization_code
    resource:
      userInfoUri: https://api.vk.com/method/users.get

我遇到的唯一问题是提供正确的令牌名称和 userInfoUri 来检索记录的用户信息.

The only problem i faced was providing correct token name and userInfoUri to retrieve logged user info.

根据令牌名称，它是您通过授权后获得的授权代码的名称(response_type = 令牌名称，在我的情况下，它称为代码 )并用于获取访问令牌.

According token name it is name of authorization code your get after passing authoriztion(response_type=token name, it calls code in my case) and use to get access token.

希望这对帮助人们面对同样的问题会有所帮助

Hope it will be helpful people face the same problem

这篇关于春季oauth2授权代码流程，用于VK(Vkontakte)的配置的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！