Hi to all,
i'm trying to use the Rest Web Service built in the last chapter.

From iOS, i have requested the auth code and next clicked on "Accept" (like the client described in the same chapter").

Now, the chapter use as redirect url localhost:8080/client/support but, for example, if i would like to call this from an iOS App, what redirect url i should use?

I really dont understand this.

After having an "code", i dont have to call oauth/token with that code ?

If i call oauth/token, (with the code), the server reply me that i need a full authentication.....

I dont understand that step. Could someone help me?

Someone have successfully used this application for example using RESTClient from Firefox ?

Using it with that client (or with other client) the error is:

<oauth><error_description>Full authentication is required to access this resource</error_description><error>unauthorized</error></oauth>

ps: but the author read this forum ??

mistre83,

My apologies, but I finally have alerts set up for this forum. I should be able to follow it more closely now.

You can only use RESTClient (and similar tools) without OAuth. Once you add OAuth, you need a more complex testing tool (like a sample client) to use a protected web service. This is why the sample code for the chapter includes a standalone sample client intended to be used to test the web service.

As for using the web service from iOS, you'll need to make a few minor tweaks. First, for your iOS app, you'll need to register with iOS a unique URI scheme that indicates to the OS that your app should be opened when that URI is triggered. For example, the URI scheme for the Twitter app is "twitter://." I am not an iOS developer, so I couldn't tell you how to register this URI scheme.

Once you've done this, you'll need to add the iOS app client redirect URI to the WebServiceClient_RedirectUri database table. The default URI, as you pointed out, is http://localhost:8080/client/support (to which the authorization server will append the necessary parameters). Assuming the URI scheme you register with iOS is "myApp://" (that's a sample only), you could set the URI in the WebServiceClient_RedirectUri table to "myApp://oauth" or something similar.

Finally, whatever URI you put in the WebServiceClient_RedirectUri, you need to make sure your client includes the exact same URI in its initial forward to the authorization server.

This should get you going. Good luck working with this!

__________________
-- Nick Williams

Hi Nick,

many thanks for your reply. What you say is exactly what i've already implemented :-)

The question that i havent already solved is posted here: Spring OAuth2 wrong redirect page

"Oauth2 wrong redirect page".

Thanks you again and... nice book!