Exchanging "code" for "token" using Github OAuth with Spring Boot

141 views Asked by At

I'm working with a Spring Boot application that uses Github OAuth for login/logout. It's my understanding as described here that I can use the endpoint below to exchange a "code" provided by the Github OAuth server for a token that I can pass to this call to initialize a GitHub object that would have permissions matching the scope of the OAuth application:

POST https://github.com/login/oauth/access_token
   GitHub github = new GitHubBuilder().withOAuthToken(theToken).build(); 

But I haven't found any example code illustrating how to obtain this "code" from the OAuth response.

Does anyone have an example of doing this? Or is there another way to achieve what I'm trying to achieve? The main thing I'm trying to do is allow the user to authorize the app to look up the full list of emails associated with the Github account of the user that is logged in.

I've done something similar in Rails using Octokit; there, the omniauth gem takes care of this and puts the token into auth.credentials.token, which can then just be passed to Octokit. I'm trying to port a Rails app that does this to Spring, and this is my current stumbling block.

Can anyone point me in the right direction?

I've tried dozens of examples I've found here and there on various stackoverflow posts and other forums, but each of them gives me either an empty string or a null value, so I must be doing something fundamentally wrong.

1

There are 1 answers

2
DingHao On

The code parameter comes from the parameter behind the authorization server redirect uri like below

http://client1.hiboot.cn:8081/login/oauth2/code/client-app?code=5844ed70eae48356026e&state=7KgiK-25VL5ONtdfy9hf5eft1xlnRijovlovXzeB7PA%3D

That is standard oauth2 authorization_code mode