I am trying to implement a social login with VK for my Angular app and Spring Webflux back end. At the moment I have an endpoint on back end to serve user info: localhost:8080/people/me. I tried to authenticate user on front end the following way:
ngOnInit(): void {
this.http.get(USER_INFO_URL)
.subscribe((resp: Response) => {
if (resp.status < 300) {
this.authenticated = true;
resp.json()
.then(vkUser => {
let fields: [string, string] = ['firstName', vkUser.firstName];
fields['lastName'] = vkUser.lastName;
this.user = new User(vkUser.id, fields);
});
} else {
window.location.href = AUTH_URL;
}
});
}
However, when my Spring app redirects the client to VK for authentication, VK does not provide any CORS headers, causing the mechanism to fail.
Could someone please recommend a way of using OAuth2 for Angular/Spring pair? I am using a code flow, so I guess first I need to get the code on front end and then send it to the Spring back end, so that it changes it for access token.
At the same time, I feel like my approach may be wrong and the entire auth process should take place at the back end, while front end should only get a cookie, but then I can't figure how to redirect AJAX request from front end to VK login page, handle that on back end and then return to Angular app.
from OAuth2 with Angular and reactive Spring Security
No comments:
Post a Comment