I have built an OAuth2 client and OAuth authorization server locally using SpringSecurity.
The OAuth2 client is configured with the Goole authorization server and the local authorization server.
When authorizing through the local authorization server, the authorization server generates an authorization code and redirects back to the client. It checks whether the authorization request OAuth2AuthorizationRequest exists.
Since the sessionId is different from the sessionId when redirecting to the authorization server for authorization, the error [authorization_request_not_found] is displayed.
When using Google for authorization, Google can ensure that the sessionId requested by the client when issuing the authorization and the sessionId when redirecting back to the client after generating the authorization code are the same, and the error [authorization_request_not_found] will not occur.
How does the Google authorization server monitor the sessionId when the client makes the request and redirect it back?
How to resolve the error [authorization_request_not_found] of the local authorization server?
You need to sign in to view this answers
Leave feedback about this