Authorization Code grant returns invalid_client #353
Comments
Hi, @endymuhardin I was able to pull the sample project and reproduce the issue you are facing. The reason you are getting an
I have created a pull request that modifies the sample provided, making it work as expected. Hope this helps
Hello @bibibiu2017 I already merged your PR. Thanks a lot
I was stuck on the same problem. I was able to fix this by encoding the clientSecret password with the password encoder as mentioned by @bibibiu2017 in the second point. Thanks, man, for the hint.
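The fix reported in the comments above, shown as an added example that is not code from the issue, the linked sample or the Spring Authorization Server project. It assumes the application's `PasswordEncoder` bean is a `BCryptPasswordEncoder` and reuses the client id, secret, redirect URI and scope from the reproduction steps; the class name and the `client` helper are hypothetical.

```java
import java.util.UUID;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;

public class ClientSecretEncodingDemo {

    // Hypothetical helper: the client registration from the reproduction steps,
    // differing only in how the secret is stored.
    static RegisteredClient client(String storedSecret) {
        return RegisteredClient.withId(UUID.randomUUID().toString())
                .clientId("messaging-client")
                .clientSecret(storedSecret)
                .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
                .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
                .redirectUri("http://127.0.0.1:8080/authorized")
                .scope("message.read")
                .build();
    }

    public static void main(String[] args) {
        // Assumption: this is the same encoder the application exposes as a bean
        // (for example, for the user login table).
        PasswordEncoder encoder = new BCryptPasswordEncoder();

        // What the client presents in the Basic Authorization header.
        String presented = "secret";

        // Stored as plain text: the encoder cannot match it, which surfaces
        // to the caller as a 401 invalid_client.
        RegisteredClient plain = client("secret");

        // Stored through the encoder: the presented secret matches.
        RegisteredClient encoded = client(encoder.encode("secret"));

        System.out.println("plain stored secret matches:   "
                + encoder.matches(presented, plain.getClientSecret()));
        System.out.println("encoded stored secret matches: "
                + encoder.matches(presented, encoded.getClientSecret()));
    }
}
```

When clients are inserted by a database migration instead of in code, the value written to the client secret column has to be the encoder's output, not the raw secret.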
Describe the bug
I adopted the authserver sample from this repo and added a minor modification (using flyway to set up the database with a custom schema for login and permission; the oauth tables are created using the default schema). I tried to obtain an access token, but got a 401 with an invalid_client message.
To Reproduce
1. Open authorization URL in browser: `http://auth-server:9000/oauth2/authorize?client_id=belajar&redirect_uri=http://127.0.0.1:8080/authorized&response_type=code&state=abcd456&scope=message.read`
2. Login with username `user001` and password `teststaff`
3. Redirected to `http://127.0.0.1:8080/authorized?code=CacGUBn4ZRBwE8cqiS0LHFj0Cww6bRNJwNGGpM-4IYpXpbJ6CBIVCKPyYUizFkNMdPLeRZFN2wqZ9XBZfMoqKMX4usLcv1mxgSLseG0ZhqEmMCMU5J1KN_ZrLPKGBjfC&state=abcd456`
4. Copy `CacGUBn4ZRBwE8cqiS0LHFj0Cww6bRNJwNGGpM-4IYpXpbJ6CBIVCKPyYUizFkNMdPLeRZFN2wqZ9XBZfMoqKMX4usLcv1mxgSLseG0ZhqEmMCMU5J1KN_ZrLPKGBjfC` to Postman
5. Set the following in Postman
   - `messaging-client`, password `secret`
   - `x-www-form-urlencoded`
     - `grant_type`: `authorization_code`
     - `redirect_uri`: `http://127.0.0.1:8080/authorized`
     - `code`: `CacGUBn4ZRBwE8cqiS0LHFj0Cww6bRNJwNGGpM-4IYpXpbJ6CBIVCKPyYUizFkNMdPLeRZFN2wqZ9XBZfMoqKMX4usLcv1mxgSLseG0ZhqEmMCMU5J1KN_ZrLPKGBjfC`
     - `client_id`: `messaging-client` (I already tried to include and exclude this param, result is still `invalid_client`)
6. Hit Send

Notes:
- `127.0.0.1 auth-server` entry in `/etc/hosts` already added

Expected behavior
I tried the reproduce steps above on the sample project and got an access_token successfully.
In my project, I got an `invalid_client` message.
I tried using the sample client app against my project; Firefox said too many redirects.
Tried to alter the client authentication method to `CLIENT_SECRET_POST` and adjust Postman accordingly, still getting `invalid_client`.
Sample
Sample project is at http://github.com/endymuhardin/belajar-spring-authorization-server
Suggestion
I tried to trace the error to the source code, however there are many code paths in `OAuth2ClientAuthenticationProvider#authenticate` which lead to invalid client. It'll be great if there is a description in `OAuth2ClientAuthenticationProvider#throwInvalidClient`, maybe in `DEBUG` level, to ease debugging.