OAuth2 for front end applications

Question

I'm developing an application in which I need an authorization workflow.

I m working on OAuth2 with oauth2orize library.

My applications (client) are frontends written in javascript or java (android).

First, what I need is simply a way to authenticate inside of them and get back an access token. To make it work, I have a resource owner flow. My problem is that I can't store my secret on my client app cause of security problems. Do you have an idea how should I do it?
In the other hand, how can I make a third party login page? Like "connect trough XXX" and then be redirected on the login page?

score 1 · Answer 1 · edited Oct 07 '21 at 10:58

1

The Implicit Grant flow is for public clients operating on a given URL, like Javascript (and there's a way to do it on Android).

You'll make a button "Connect through XXX" and then you redirect the user to XXX to authenticate. When that's done, you get a redirect back with the Access Token in the URL fragment.

edited Oct 07 '21 at 10:58

Community

1
1

answered Feb 26 '16 at 16:44

Leventix

3,789
1
32
41

OAuth2 for front end applications

1 Answers1

Linked