Good day enter image description here I want to get access to the VK Api methods. Please explain why:

  1. The documentation states that the "code" parameter must be specified in the responseType method in order to further obtain an access token. But I can get it by writing responseType ("token"), why this "code"?

  2. For some reason, the "code", which is given in the documentation, is different from mine, as if part of my "code" is cut off.

    public static void main(String... args) { final String clientId = "5811559"; // ID ΠΌΠΎΠ΅Π³ΠΎ прилоТСния Vk final String clientSecret = "ZOAAWpmdT6h4AGkSGGYV"; //Π‘Π΅ΠΊΡ€Π΅Ρ‚Π½Ρ‹ΠΉ ΠΊΠ»ΡŽΡ‡ final OAuth20Service service = new ServiceBuilder() .apiKey(clientId) .apiSecret(clientSecret) .callback("https://oauth.vk.com/blank.html ") .scope("friends") .responseType("code") .build(VkontakteApi.instance()); }

It should turn out something like this:

 REDIRECT_URI?code=7a6fa4dff77a228eeda56603b8f53806c883f011c40b72630bb50df056f6479e52a

And it turns out:

 https://oauth.vk.com/blank.html#code=6b42804b417113a2af
  • 2
    I hope the specified clientId and clientSecret are not real? otherwise, you just gave secret information to the entire Internet. - Mikhail Vaysman
  • if it is real data, be sure to change it. - Mikhail Vaysman
  • @MikhailVaysman, on stackoverflow, you can watch the change history :-) - Bohdan Korinnyi
  • one
    Therefore, it is necessary to change not here, but in VK. - Mikhail Vaysman

1 answer 1

Briefly .. VK OAuth API supports 3 methods, the first and easiest you can use one-step authorization, that is, in the first request immediately call the value TOKEN and continue to receive data. There is also a two-step authorization, in which you first get the CODE value after sending another request to get TOKEN for this code ... it all depends on what you need and how you implement your project. As for the length of the CODE value, as far as I remember such short ones should not be, but you can send a request for access_token and if the CODE is incorrect, then the system will answer you with an error that your CODE is not correct ..
PS Try not to write publicly about your application (clientId, clientSecret)! This is a secret info))

  • Well, I would not say that the Client ID (application ID) is so secret. - neluzhin