Ory Hydra Authorization Code Exchange => access token
Before posts about Hydra get access token is use golang HydraOauthConfig.Exchange(ctx, code). This is easy way. But on front website like vue or other framework how to get access token.
Use REST Client to test
POST https://openid.hydra:9001/oauth2/token
Authorization: Basic YXV0aC1jb2RlLWNsaWVudDpzZWNyZXQ=
Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code
&code=cuNw76aEuckIJJyVssk2LJvqdLXffT-8Kx1s0tYFt6Y.v0Dxc2_yT9ga8c2moKx0fDbwRFVgwryAt5BJM7lOJlM
#&redirect_uri=https://certfront/oid/test/callback
#&scope=openid,offline
#&client_id=auth-code-client
#&code_verifier=
#&state=gczxkznmjkrksgytsemvwgkf
Import is: Authorization: Basic
https://github.com/ory/hydra/issues/631
Not Authorization: Bearer
base64(urlencode(client_id):urlencode(client_secret))
YXV0aC1jb2RlLWNsaWVudDpzZWNyZXQ= => auth-code-client:secret
code is callback code. When you login-consent finish step then callback to your set callback URL. Watch URL inside have code=
example: https://t.tt:9010/callback?code=cuNw76aEuckIJJyVssk2LJvqdLXffT-8Kx1s0tYFt6Y.v0Dxc2_yT9ga8c2moKx0fDbwRFVgwryAt5BJM7lOJlM&scope=openid%20offline&state=gczxkznmjkrksgytsemvwgkf
If code have error message, you need check before any step have incorrect.
In Ory Hydra get access token is not like sdk document
https://www.ory.sh/docs/hydra/sdk/api#the-oauth-20-token-endpoint
You need to sure grant_type=authorization_code Not other options.
But SDK Document No any options example. Only suggestion you use lib. So you need to try many.
like follow
https://www.oauth.com/oauth2-servers/pkce/authorization-code-exchange/
https://community.ory.sh/t/how-configure-grant-implicit-flow/411/14
https://auth0.com/docs/api-auth/tutorials/authorization-code-grant-pkce
https://github.com/oauthjs/express-oauth-server/issues/55
https://www.jianshu.com/p/5cf2b7a45b75
http://www.passportjs.org/docs/oauth/
Then try out a ways.
OK. Mark is not important Required.
#&redirect_uri=https://certfront/oid/test/callback
#&scope=openid,offline
#&client_id=auth-code-client
#&code_verifier=
#&state=gczxkznmjkrksgytsemvwgkf