“没有足够的权限访问本机 PKCE 协议”

Question

I am developing a web application using Spring framework and Java. I have added a login with linkedin feature to my webapp(domain:localhost); however, i am getting a 403 Forbidden error "Not enough permissions to access Native PKCE protocol" (i am able to redirect to linkedin + allow a consent screen). i get the error when redirecting to my webapp login page.

    application.properties
spring.security.oauth2.client.registration.linkedin.clientId=
spring.security.oauth2.client.registration.linkedin.secret=
spring.security.oauth2.client.registration.linkedin.client-authentication-method=post
spring.security.oauth2.client.registration.linkedin.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.linkedin.scope=r_liteprofile
spring.security.oauth2.client.registration.linkedin.redirect-uri=http://localhost:8080/login/oauth2/code/linkedin
spring.security.oauth2.client.registration.linkedin.client-name=Linkedin
spring.security.oauth2.client.registration.linkedin.provider=linkedin
spring.security.oauth2.client.provider.linkedin.authorization-uri=https://www.linkedin.com/oauth/v2/authorization
spring.security.oauth2.client.provider.linkedin.token-uri=https://www.linkedin.com/oauth/v2/accessToken
spring.security.oauth2.client.provider.linkedin.user-info-uri=https://api.linkedin.com/v2/me
spring.security.oauth2.client.provider.linkedin.user-name-attribute=id

enter image description here

webSecurityConfig http.oauth2login()

Answer 1

As per the Microsoft doc https://docs.microsoft.com/en-us/linkedin/shared/authentication/authorization-code-flow-native you need to contact the LinkedIn team to enable the PKCE workflow. If you have already done that then Authorization API you need to call is https://www.linkedin.com/oauth/native-pkce/authorization . And if you have stumbled upon PKCE and not intended to use it then just disable the same in Spring configuration.