OAuth 2.0 Generating Token and Secret Token

java oauth-2.0 access-token oltu
19,602

OAuth 2.0 specification doesn't tell anything about how to generate token and secret token. Thus it is up to you whether you use some existing/anchor data to generate tokens or you want to use random sequence in order to generate tokens. The only difference is that if you use presumably known data (e.g. user data, such as username, creation date plus etc.) you can restore tokens any time you need that. If you use random sequence of data, then you cannot restore tokens once they are lost.

In other words, RFC doesn't restrict you on generation process.

I would probably use string concatenation of User Details data plus some random data, then do Base64 encoding.

String keySource = username + creationDate + random;
byte [] tokenByte = new Base64(true).encodeBase64(keySource.getBytes());
String token = new String(tokenByte);
Share:
19,602
willsteel
Author by

willsteel

Updated on July 19, 2022

Comments

  • willsteel
    willsteel almost 2 years

    I am implementing the OAuth 2.0 provider server using Apache Oltu framework, looking for some idea on how to generate the access token and secret tokens in java. Please advise.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Spring OAuth2 - Can't get client token
How do you set a resource ID for a token?
What characters are allowed in an OAuth2 access token?
How do I use access token from discord oauth2 login to get user information
sending JSON object using POST Methods
OAUTH2 spring Error creating bean with name 'springSecurityFilterChain'
Get principal in Spring Boot resource server from JWT token
Spring-boot oauth2 splitting authorization server and resource server
Facebook Access Tokens - Server-Side Authentication
Invalid signature while validating Azure ad access token, but id token works