I am working on an application that consists of server and mobile components. The user can login into the application using one of its social network accounts (vk.com, google+, facebook and twitter).
For now I am going to use OAuth2 authentication. I need to authorize the application to do requests to the social network (i.e. to share data) and to make sure the user is authorized by the social network on the server side (since I don't want to show users private date to everyone).
I've started to work with the vk.com social network (its is wide spread here, in Russia) and I've found that its access_token is ip-related. I.e. if the user is logged in (acquires access_token) from Thailand (why not?) and send it back to the server (lets say it is in the Ireland) then the vk.com servers do not authorize such request.
The question is: what is the workflow to authorize user with the mobile application and verify that authorization on the server side?
Thank you.
