Issues Implementing OAuth2 Implicit Flow with Angular and Spring Boot
I'm stuck trying to I'm integrating two systems and I'm currently trying to implement OAuth2 implicit flow in my Angular application that interacts with a Spring Boot backend. I followed the standard flow but I'm working with issues when trying to redirect back to my Angular app after authentication. The question arises when I receive the access token in the URL fragment; I'm unable to properly extract it and use it for API requests. I have the following configuration in my Spring Boot application: ```java @Configuration @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/oauth/**").permitAll() .anyRequest().authenticated() .and() .oauth2Login(); } } ``` After successful login, I'm redirected to my Angular app's callback URL, but the access token is included as a fragment like this: `http://localhost:4200/callback#access_token=abc123&token_type=bearer&expires_in=3600`. My goal is to capture that token in my Angular service. In my Angular service, I've tried using the `ActivatedRoute` to access the fragment, but it seems that the fragment is not parsed correctly: ```typescript import { Injectable } from '@angular/core'; import { ActivatedRoute } from '@angular/router'; import { filter } from 'rxjs/operators'; @Injectable({ providedIn: 'root' }) export class AuthService { constructor(private route: ActivatedRoute) { this.route.fragment.pipe(filter(frag => frag !== null)).subscribe(fragment => { console.log('Fragment:', fragment); // Logic to extract token }); } } ``` However, the `fragment` is undefined, and I need to seem to retrieve the token. I've confirmed that my redirect URI is correctly configured both in the OAuth provider and in my Angular application. I'm also ensuring that the callback is properly routed in the Angular app. Does anyone have experience with handling the OAuth2 implicit flow in Angular? Any insights on why I might not be receiving the fragment or how to extract the access token successfully would be greatly appreciated! I'm currently using Angular 12 and Spring Boot 2.5.4. Any ideas how to fix this?