This recipe will present you with the importance of defining a redirection URI when registering client applications. By defining a redirection URI, the client always needs to send the redirection URI on the authorization request, which must be validated by the Authorization Server. Redirect URI validation is extremely important when using the Implicit grant type, because the client can't authenticate when redirecting the user so she grant permissions to her resources.
To run this recipe, you will need Java 8, Maven, Spring Web, and Spring Security. To ease the project creation step, use Spring Initializr at http://start.spring.io/ and define the dependencies as Web
and Security
(that will declare properly all the spring boot starters needed for this recipe). Do not forget to set up the Artifact
and Group
names.