oauth-2.0 - Is Authorization code mandatory to grant resource access?
问题描述
I am working on a Spring Boot web app that needs to access the resource from 3rd party web app. I am trying to understand the working of Oauth2. The 3rd party web app uses Oauth2 to grant the client resource access. The document from 3rd party web app says to send a POST with request parameter in the below-mentioned format.
username=<###>&password=<###>&client_id=<###>&client_secret=<###>&grant_type=password&hcode=<###>
The hcode value is fixed as per the document. I am able to write a java code that successfully fetches me access token (thanks to Google search!). Below are my questions...
- What type of grant is being used here?
- Is this Authorization code grant? I don't see Authorization code here.
PS: I am new to web application development. I am referring to the below post to understand Oauth2. [https://www.javainuse.com/spring/spring-boot-oauth-introduction]
String content = "-----";
BufferedReader reader = null;
HttpsURLConnection connection = null;
String returnValue = "";
URL url = new URL(CredentialDto.getTockenurl());
connection = (HttpsURLConnection) url.openConnection();
connection.setRequestMethod("POST");
connection.setDoOutput(true);
connection.setRequestProperty("Authorization", "Basic " +
CredentialDto.getAuthentication());
connection.setRequestProperty("Content-Type", "application/x-www-form-
urlencoded");
connection.setRequestProperty("Accept", "application/json");
PrintStream os = new PrintStream(connection.getOutputStream());
os.print(content);
os.close();
reader = new BufferedReader(new
InputStreamReader(connection.getInputStream()));
String line = null;
StringWriter out = new StringWriter(connection.getContentLength() > 0 ?
connection.getContentLength() : 2048);
while((line = reader.readLine()) != null) {
out.append(line);
}
accessToken = out.toString();
Matcher matcher = PAT.matcher(retuenValue); if(matcher.matches() &&
matcher.groupCount() > 0) {
accessToken = matcher.group(1);
}
解决方案
推荐阅读
- python - 无法在 Linux 上打开 Pyspark Shell
- python - 什么我无法在当前目录中导入经过验证的代码?
- php - Laravel foreach 每个项目增加 3
- delphi - 访问不带名称的过程参数
- hive - Hive-Hbase 集成 - 插入数据时的问题
- javascript - 这是此 JavaScript (JSX) 代码的正确 PHP 代码吗?
- excel - Application.Caption 行为:也返回窗口标题
- android - Firestore - 如何使用路径字符串创建 DocumentReference
- amazon-dynamodb - Dynamodb 键由 3 个字段组成
- docker - 当主机上的 VPN 开启时,容器上的 Internet 无法访问