0 Replies Latest reply on Jun 11, 2014 6:02 AM by axis123

    JBoss 7.1.1.Final OAuth2.0 - Refresh Tokens

    axis123
    axis123 Jun 11, 2014 6:02 AM

      Hey JBoss Community!

       

      im currently working on an android client which gets an bearer token (access token) from my JBoss which runs with OAuth2.0. im validating the the user and password via a security domain (database).

       

      everything works fine, only problem the server does not provide the client a refresh-key.


      {"access_token":"eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiI3LjU2YmRmZGZ

      lLTA2ZDEtNGEyMi04ODhhLWRiMmZlNTZkMDVmOCIsImV4cCI6MTQw

      MjQ4MDQ2MSwiYXVkIjoiY29tbWVyY2UiLCJwcm4iOiJhZG1pbiIsInJlY

      WxtX2FjY2VzcyI6eyJyb2xlcyI6WyJ1c2VyIl19fQ.gDv10yW07dJyJZhw

      UG3rfa20syJgGAOb3pGjApLU3l8cLMCwPkPxuNtaZeRzR7pzs9av6bqdZ

      W_2pSqiFqp4Qu2n9QEmjcGNZyrIjnCBRdIHL4s0DVlqyMeQMlUiqmwP

      v429OpVD4Gry9uPGMx3763BUCjJpnKioT24jBsJ7Qlw","expires_in":5,"token_type":"bearer"}


      this is what my client gets. (im using Volley-api for my rest calls)

       

      ive read this post

      http://sourceforge.net/p/resteasy/mailman/resteasy-users/thread/521231FC.6020100@redhat.com/

       

      is there any chance to get a refresh-token too? did i miss something? ive not so much knowledge about that OAuth stuff,.. or another better solution to do authentication?

       

      thank u in advance!

      Manuel