0

I have a server using spring frmework and implmenting the OAuth 2.0 login approach. I need to make login to this server using Android device. I am already loging in using spring client and the code:

@RequestMapping(path="/login", method=RequestMethod.POST)
public String login(@RequestParam String email, @RequestParam String password, HttpSession session) {

    ResourceOwnerPasswordResourceDetails details = new ResourceOwnerPasswordResourceDetails();
    details.setId("oauthTest/client");
    details.setClientId("my-trusted-client-with-secret");
    details.setClientSecret("somesecret");
    details.setAccessTokenUri("http://localhost:8080/FoReServer/oauth/token");
    details.setScope(Arrays.asList("read", "write", "trust"));
    details.setUsername(email);
    details.setPassword(password);

    OAuth2RestTemplate template = new OAuth2RestTemplate(details, oAuth2ClientContext);
    template.getOAuth2ClientContext().setAccessToken(template.getAccessToken());

    User user = template.getForObject("http://localhost:8080/FoReServer/api/rest/user/findMe", User.class);
    session.setAttribute("user", user);

but i do not know what is the equivalent of this code in Android client to connect to Oauth 2.0 on server. I mean how can i send the user name and password to the spring server from Android client. And which android api classes i sould use for this case? Definitely HttpUrlConnection won't work !

Elmu Ezz
  • 61
  • 1
  • 4
  • This is confusing. The code you show is your server that acts as oauth client for another server but gets credentials from the outside? Where exactly does the Android app come into play? Is if supposed to "call" the login method with those parameters? (httpurlconnection will work for anything http://stackoverflow.com/questions/4205980/java-sending-http-parameters-via-post-method-easily but there are better approaches using libraries like [retrofit](http://square.github.io/retrofit/) – zapl May 18 '16 at 19:14
  • The android is another client apart from that code above but has the same parameters so that OAuth2 will understand it. I should connect to the spring server but My problem is that i need to log in and the authentication implemented on spring server is OAuth2 so if i send the username and password through the HttpUrlConnection it will be exposed easily for anybody listening the network. how can i send them securely to the server ? – Elmu Ezz May 18 '16 at 21:58
  • Try ["Hypertext Transfer Protocol Secure"](https://en.wikipedia.org/wiki/HTTPS) - it prevents that people can read what you send when done properly – zapl May 18 '16 at 22:03

0 Answers0