0

Let's assume:

Angular2 Web Application => WebClient

Spring Boot REST server => WebServer

WebClient and WebServer are separate with different addresses. What I would like to do is access data from WebServer rest endpoints. I need authentication to return user sensitive data.

Use case: User register client application that sends data to WebServer. WebClient is use to configure client applications and display gathered data per user.

I checked this guide Spring Boot and Oauth, also checked few other blogs and the thing i don't quite understand is how it's supposed to work.

If I use WebServer as Oauth Resurce server then i get OAuth token using Basic Authentication, i can do it from WebClient then use returned token.

What i don't understand is how to use external authentication provider like Facebook, and how this will work in my example.

My thinking is:

  1. Provide cliendID and secret (facebook) for WebClient.
  2. WebClient logs to Facebook and gets AccessToken
  3. WebClient uses AccessToken to get resources from WebServer
  4. WebServer checks AccessToken against Facebook using same ClientID and secret as WebClient
  5. If OK returns resources

Is this the correct way of how to use external provider like Facebook?

Community
  • 1
  • 1
  • Please clarify your use case. I need some sort of authentication is not clear enough. Why do you need to do authentication? Who are your users? – Valentin Despa Mar 15 '17 at 20:45
  • I edited my question and added use case, do you have any additional questions? –  Mar 15 '17 at 21:01
  • Facebook provides APIs to get user info by token, you can check [here](https://developers.facebook.com/tools/explorer?method=GET&path=me%3Ffields%3Did%2Cname&version=v2.8) – chaoluo Mar 16 '17 at 05:29

0 Answers0