I am interested in opportunity to make server side http request to web server implementing same SSO authentication.
So assume I have: hello.org and hey.com that point to the same SSO server. After I logged in hello.org I obtained:
OAuth2Authentication authenticationObject = (OAuth2Authentication) principal;
Now I would like to fire http request from hello.org server to hey.com
Request.Get("hey.com/get_data").execute().returnContent().asString();
But I hit authentication error code 401.
How can I retrieve all required tokens from OAuth object and make my request be authenticated?
the site hello.org is not supposed to call hey.com using the token provided to the client calling hello.org. That token is to be seen as a contract between the authenticated user and hello.org.
The hello.org server needs it's own client that is authorized to access hey.com.
So one common way to solve this is to create a "hello.org to hey.com" client with either key or certificate authentication against the sso provider, and then call hey.com with the token provided there, and then relay the info back to the user of hello.org.
Now that is if you want to call hey.com via hello.org and the user is unaware that hey.com was ever involved in the information provision.
If you on the other hand want to let the user access both hello.org and hey.com by signing in via hello.org you should check out either OpenId or SAML since bare bones Oauth isn't really designed for SSO or resource sharing.