February 2019
Intermediate to advanced
446 pages
10h 55m
English
We will enter the following URL in our browser. Our request for an authorization code is as follows:
http://localhost:9001/auth/oauth/authorize?response_type=code&client_id=client&redirect_uri=http://localhost:8765/&scope=apiAccess&state=1234
Here, we provide the client ID (by default, we have the hardcoded client registered in our security service), redirect URI, scope (hardcoded apiAccess value in the security service), and state. You must be wondering about the state parameter. It contains the random number that we revalidate in the response to prevent cross-site request forgery.
If the resource owner (user) is not already authenticated, it will ask for the username and password. Provide the username as username ...
Read now
Unlock full access