Finish auth grant flow, no frontend

notNeo · August 3, 2020, 2:06pm

I try to finish the grant flow communicating directly with hydra.
I had almost success meaning, I do following calls:

GET http://:4444$hydraIP/oauth2/auth?audience=&client_id… etc
returns a login challenge and cookie
GET http://:4445$hydraIP/oauth2/auth/requests/login?$login_challenge
returns a json
PUT http://:4445$hydraIP/oauth2/auth/requests/login/accept?$login_challenge
returns a “redirect_to”
GET $redirect_to
returns consent_challenge and cookie
GET http://:4445$hydraIP/oauth2/auth/requests/consent?$consent_challenge
returns json
PUT http://:4445$hydraIP/oauth2/auth/requests/consent/accept?$consent_challenge
returns redirect_to

now the last redirect_to has a code as seen in the last request before receiving the auth cookie.
I have looked intensely into the code of the hydra_login_consent_node but couldn’t find any indication it responding to the callback uri (calling to the hydra admin client)

also the admin client couldn’t give me any insights on how this response comes to life.

tl;dr
I received the redirect to my callback uri endpoint and don’t know how to convert the code in the url.query to a full fledged authentication token

hackerman · August 4, 2020, 4:15pm

https://www.oauth.com/oauth2-servers/server-side-apps/authorization-code/ is probably worth a read!

notNeo · August 4, 2020, 12:02pm

it appears the redirect_uri, the grant_type and the code is forced upon
if an access_token is requested.

the documentation insinuates otherwise.

thanks for the read

the last request call would be

POST http://:4444$hydraIP/oauth2/token
returns access_token

(weird I can’t recall to mixed up ports and host anyways that ones for the format)