- edited description
Token request with client credentials grant
Issue #170
invalid
Hi there,
I am using the latest version of oauth2-oidc-sdk(5.5.1)
Trying to fetch the token using client credential grant. some how clientAuthentication is not adding to url.I tried to print the header,but that details is not comming up System.out.println(request.toHTTPRequest().getQuery());
Following is the output when i Print the query
scope=read+write&grant_type=client_credentials
Error: The error I am getting is invalid_request: client_assertion' or 'client_secret' is required for the 'client_credentials' grant type. Please find the below code
I have attached the sample code
Also this getAccessToken() method is not available in the latest release.
AccessTokenResponse successResponse = (AccessTokenResponse) response;
// Get the access token AccessToken accessToken = successResponse.getAccessToken();
By the way this is the complete url add on i need to pass. How do i pass the resource along with it.
grant_type=client_credentials&client_id=ce705a3c-xxxxd-e1e061cd8eaf&client_secret=xxxxxge/M1tNRtcmXSHYzZP7X37c=&resource=http://xxxxxx/PartyOData
Thanks Vinoj
Comments (10)
-
reporter
-
reporter
- edited description
-
reporter
- edited description
-
Hi,
Apparently the server is expecting the credentials in the post body. Use ClientSecretPost instead of ClientSecretBasic to encode them into the request.
ClientSecretBasic encodes them into the Authorization header.
-
Hi,
Apparently the server is expecting the credentials in the post body. Use ClientSecretPost instead of ClientSecretBasic to encode them into the request.
ClientSecretBasic encodes them into the Authorization header.
-
reporter
Thanks for the help.Really appreciate that and it is working.
If i need to append resource along with the url how do i pass it.
grant_type=client_credentials&client_id=ce705a3c-xxxxd-e1e061cd8eaf&client_secret=xxxxxge/M1tNRtcmXSHYzZP7X37c=&resource=http://xxxxxx/PartyOData
Currently I can only pass
1) grant_type=client_credentials
2)clientid/secret
3) resource ????
Thanks
-
Hi,
We'll add an option to append custom parameters, like resource, to the token request body.
In the mean time you can work around like this:
HTTPRequest httpRequest = tokenRequest.toHTTPRequest(); Map<String,String> params = httpRequest.getQueryParameters(); params.put("resource", "http:///"); httpRequest.setQuery(com.nimbusds.oauth2.sdk.util.URLUtils.serializeParameters(params)); -
- changed status to invalid
Reported request required client_secret_post authentication.
Created ticket
#171to add support for customresourceand other parameters. -
reporter
thanks it works perfect
-
Support for custom parameters was added in version 5.6, which was just pushed to maven central:
http://search.maven.org/#artifactdetails|com.nimbusds|oauth2-oidc-sdk|5.6|jar
For that an extra TokenRequest constructor was added (with Map<String,String> customParams argument)
- Log in to comment
