Chapter 6. Get an Access Token with the Server-Side Flow
In the previous chapter, we looked at how to obtain an access token using the client-side flow (that is, the implicit grant flow). We demonstrated this by creating a very simple HTML/JavaScript application that requested an access token from Facebook using the credentials we created in Chapter 4, Register Your Application.
In this chapter, we will take a closer look at the server-side flow for getting an access token. Just as we did for the client-side flow in the previous chapter, we will look at the request and response structure necessary to make successful calls to an OAuth 2.0 service provider. We will then create a simple Java application, and use our knowledge to request an access token from the server side using the slightly more complex, but more secure, server-side flow (that is, authorization code grant flow).
