Fork: 0
agalyadoss / springboot-auth201
Transfer to URL with SHA Find file
Newer
Older
springboot-auth201 / src / main / resources / templates / authorized.html
@agalyaramadoss agalyaramadoss on 29 Nov 8 KB added client test page
Raw Blame History 
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>OAuth 2.1 Authorization Complete</title>
    <style>
        * {
            margin: 0;
            padding: 0;
            box-sizing: border-box;
        }
        
        body {
            font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell, sans-serif;
            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
            min-height: 100vh;
            display: flex;
            justify-content: center;
            align-items: center;
            padding: 20px;
        }
        
        .container {
            background: white;
            border-radius: 12px;
            box-shadow: 0 20px 60px rgba(0, 0, 0, 0.3);
            max-width: 800px;
            width: 100%;
            padding: 40px;
        }
        
        h1 {
            color: #667eea;
            margin-bottom: 10px;
            font-size: 28px;
        }
        
        .subtitle {
            color: #666;
            margin-bottom: 30px;
            font-size: 14px;
        }
        
        .success-icon {
            width: 60px;
            height: 60px;
            background: #10b981;
            border-radius: 50%;
            display: flex;
            align-items: center;
            justify-content: center;
            margin: 0 auto 20px;
            font-size: 30px;
        }
        
        .error-icon {
            width: 60px;
            height: 60px;
            background: #ef4444;
            border-radius: 50%;
            display: flex;
            align-items: center;
            justify-content: center;
            margin: 0 auto 20px;
            font-size: 30px;
        }
        
        .info-box {
            background: #f3f4f6;
            border-radius: 8px;
            padding: 20px;
            margin: 20px 0;
        }
        
        .info-box.error {
            background: #fee2e2;
            border-left: 4px solid #ef4444;
        }
        
        .info-item {
            margin: 15px 0;
        }
        
        .info-label {
            font-weight: 600;
            color: #374151;
            display: block;
            margin-bottom: 5px;
            font-size: 12px;
            text-transform: uppercase;
            letter-spacing: 0.5px;
        }
        
        .info-value {
            background: white;
            border: 1px solid #e5e7eb;
            border-radius: 6px;
            padding: 12px;
            font-family: 'Courier New', monospace;
            font-size: 13px;
            color: #1f2937;
            word-break: break-all;
            line-height: 1.5;
        }
        
        .code-snippet {
            background: #1f2937;
            color: #10b981;
            border-radius: 8px;
            padding: 20px;
            margin: 20px 0;
            font-family: 'Courier New', monospace;
            font-size: 12px;
            overflow-x: auto;
            line-height: 1.6;
        }
        
        .code-snippet .comment {
            color: #6b7280;
        }
        
        .code-snippet .variable {
            color: #fbbf24;
        }
        
        .instructions {
            background: #eff6ff;
            border-left: 4px solid #3b82f6;
            padding: 20px;
            margin: 20px 0;
            border-radius: 4px;
        }
        
        .instructions h3 {
            color: #1e40af;
            margin-bottom: 15px;
            font-size: 16px;
        }
        
        .instructions ol {
            margin-left: 20px;
            color: #1f2937;
        }
        
        .instructions li {
            margin: 10px 0;
            line-height: 1.6;
        }
        
        .button {
            display: inline-block;
            background: #667eea;
            color: white;
            padding: 12px 24px;
            border-radius: 6px;
            text-decoration: none;
            font-weight: 500;
            margin: 10px 5px;
            transition: background 0.3s;
        }
        
        .button:hover {
            background: #5568d3;
        }
        
        .button.secondary {
            background: #6b7280;
        }
        
        .button.secondary:hover {
            background: #4b5563;
        }
        
        .footer {
            margin-top: 30px;
            padding-top: 20px;
            border-top: 1px solid #e5e7eb;
            text-align: center;
            color: #6b7280;
            font-size: 12px;
        }
    </style>
</head>
<body>
    <div class="container">
        <div th:if="${hasError}">
            <div class="error-icon">❌</div>
            <h1>Authorization Failed</h1>
            <p class="subtitle">There was an error during the authorization process</p>
            
            <div class="info-box error">
                <div class="info-item">
                    <span class="info-label">Error</span>
                    <div class="info-value" th:text="${error}">error_code</div>
                </div>
                <div class="info-item" th:if="${errorDescription}">
                    <span class="info-label">Description</span>
                    <div class="info-value" th:text="${errorDescription}">Error description</div>
                </div>
            </div>
            
            <a href="/" class="button">Back to Home</a>
        </div>
        
        <div th:unless="${hasError}">
            <div class="success-icon">✓</div>
            <h1>Authorization Successful!</h1>
            <p class="subtitle">OAuth 2.1 Authorization Code Flow - Step 1 Complete</p>
            
            <div class="info-box">
                <div class="info-item">
                    <span class="info-label">Authorization Code</span>
                    <div class="info-value" th:text="${code}">authorization_code_here</div>
                </div>
                <div class="info-item" th:if="${state}">
                    <span class="info-label">State</span>
                    <div class="info-value" th:text="${state}">state_value</div>
                </div>
            </div>
            
            <div class="instructions">
                <h3>📝 Next Steps: Exchange Code for Tokens</h3>
                <ol>
                    <li><strong>Copy the authorization code</strong> from above</li>
                    <li><strong>Use the code verifier</strong> from your original PKCE challenge</li>
                    <li><strong>Make a POST request</strong> to the token endpoint (see example below)</li>
                </ol>
            </div>
            
            <div class="code-snippet">
<span class="comment"># Step 2: Exchange authorization code for access token</span>
curl -X POST <span th:text="${tokenEndpoint}">http://localhost:9000/oauth2/token</span> \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=authorization_code" \
  -d "code=<span class="variable" th:text="${code}">YOUR_CODE</span>" \
  -d "redirect_uri=http://127.0.0.1:8080/authorized" \
  -d "client_id=public-client" \
  -d "code_verifier=<span class="variable">YOUR_CODE_VERIFIER</span>"

<span class="comment"># For confidential clients, use Basic Auth:</span>
curl -X POST <span th:text="${tokenEndpoint}">http://localhost:9000/oauth2/token</span> \
  -u confidential-client:secret \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=authorization_code" \
  -d "code=<span class="variable" th:text="${code}">YOUR_CODE</span>" \
  -d "redirect_uri=http://127.0.0.1:8080/authorized" \
  -d "code_verifier=<span class="variable">YOUR_CODE_VERIFIER</span>"
            </div>
            
            <div class="info-box">
                <div class="info-item">
                    <span class="info-label">⚠️ Important Notes</span>
                    <ul style="margin-left: 20px; margin-top: 10px; color: #374151; line-height: 1.8;">
                        <li>Authorization codes are <strong>single-use</strong> and expire quickly (typically 5-10 minutes)</li>
                        <li>You must use the same <code>redirect_uri</code> as in the authorization request</li>
                        <li>For public clients, the <code>code_verifier</code> parameter is required (PKCE)</li>
                        <li>The code verifier must match the code challenge used in the authorization request</li>
                    </ul>
                </div>
            </div>
            
            <div style="text-align: center; margin-top: 30px;">
                <a href="/" class="button">Back to Home</a>
                <a href="/oauth2/authorize?response_type=code&client_id=public-client&redirect_uri=http://127.0.0.1:8080/authorized&scope=openid%20profile%20read" class="button secondary">Start New Authorization</a>
            </div>
        </div>
        
        <div class="footer">
            <p>OAuth 2.1 Authorization Server</p>
            <p>Powered by Spring Authorization Server 7.0.0</p>
        </div>
    </div>
</body>
</html>