Highlighted

Granite Oauth Handler authorization and token endpoint urls.

Adilmo

23-11-2017

Hi All,

There is hardly any documentation on the working of granite oauth handler. I need information regarding following:

Given (Granite Oauthhandler is protecting /content)

1.  I am able to invoke authorization endpoint with this url http://localhost:1746/content/j_security_check?configid=cb5da4dbc7a11ad11bacb8e39ef91919

     configid is the id of my oauthprovider (linkedin)

2. Accesstoken endpoint - Is there url on aem which can be used to exchange authcode returned from step 1  above with accesstoken.

    I hoped that redirect URI would directly invoke oauthhandler and exchange authcode with accesstoken but itis not working.

Here is my redirect url

http://localhost:1746/content/callback/j_security_check?code=AQABAAIAAABHh4kmS_aKT5XrjzxRAtHzQsKZzbR...

Thanks in advance.

Replies

Highlighted

smacdonald2008

23-11-2017

We will pass the question to the AEM team as like you said - there is not really docs on this use case.

We will also log a bug so it gets documented.

Highlighted

smacdonald2008

23-11-2017

You can refer to this for more details -- RFC 6749 - The OAuth 2.0 Authorization Framework

THis talks about the OAuth 2.0 Authorization Framework - not how to use the granite oauth handler.  We logged a bug.