Java

How to make authorization for Java standalone application through Vkontakte?

Hello everyone,

UPD: A couple of hours ago I posted this question in the posts. Received minuses and transferred here.

I will try to explain in more detail what I want to implement.
There is a desktop java application (not Android) in which I want to insert VKontakte authorization.

At the same time, the requirement is that the application theoretically could not intercept the password entered by the user.


After studying the task, I realized that there are 3 implementation options:
1) HttpGet: make a direct request to Vkontakte, send the login and password entered by the user in the application.
Disadvantages : the VKontakte developers themselves do not recommend this method as unreliable and which can be closed at any time.
There are plenty of examples of such code on Habré:
habrahabr.ru/post/144813/
habrahabr.ru/post/92693/

2) Open the browser window via desktop.browse() with a specially formed request like
oauth.vk.com/authorize?client_id=APP_ID& etc.
Further, the user, regardless of the application in the browser, enters a password, clicks the consent button, and is redirected to a page with an access_token.
disadvantages: it is impossible to get the URL of the page where the user was redirected to through the Desktop object, and therefore it is impossible to extract the access_token.

3) We form a request from point 2 not in a third-party browser, but show it to the user inside the same application using an element such as WebView.
Disadvantages:
a) They write here that WebView is very slow
stackoverflow.com/questions/8374365/integrating-javafx-2-0-webview-into-a-swing-java-se-6-application
b) It seems that there is a possibility of interception entered data - password in webview by user