Announcement Announcement Module
Collapse
No announcement yet.
invalid access token Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • invalid access token

    I've implemented a rudimentary resource server, auth server, and client inspired by the sparklr/tonr examples, but with separate auth server and resource server implementations.

    After approving authorization to the protected resource, my client attempts to access the protected resource using OAuth2RestTemplate and fails:

    Code:
    error="invalid_token", error_description="Invalid access token: 0d2e91da-293d-4d61-a022-0e4f715b3321"
    	at org.springframework.security.oauth2.common.exceptions.OAuth2ExceptionDeserializer.deserialize(OAuth2ExceptionDeserializer.java:86)
    	at org.springframework.security.oauth2.common.exceptions.OAuth2ExceptionDeserializer.deserialize(OAuth2ExceptionDeserializer.java:31)
    	at org.codehaus.jackson.map.ObjectMapper._readMapAndClose(ObjectMapper.java:2723)
    	at org.codehaus.jackson.map.ObjectMapper.readValue(ObjectMapper.java:1914)
    	at org.springframework.http.converter.json.MappingJacksonHttpMessageConverter.readInternal(MappingJacksonHttpMessageConverter.java:124)
    	at org.springframework.http.converter.AbstractHttpMessageConverter.read(AbstractHttpMessageConverter.java:153)
    	at org.springframework.web.client.HttpMessageConverterExtractor.extractData(HttpMessageConverterExtractor.java:81)
    	at org.springframework.security.oauth2.client.http.OAuth2ErrorHandler.handleError(OAuth2ErrorHandler.java:79)
    	at org.springframework.web.client.RestTemplate.handleResponseError(RestTemplate.java:486)
    	at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:443)
    	at org.springframework.security.oauth2.client.OAuth2RestTemplate.doExecute(OAuth2RestTemplate.java:122)
    	at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:415)
    	at org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java:213)
    	...
    My auth and resource server currently do not share a TokenStore (both use an InMemoryTokenStore). Could that be the problem?
    Last edited by jrod; Aug 13th, 2012, 12:54 AM.

  • #2
    Thinking about it some more, I see how this error would occur. The auth and resource servers run in different JVMs and have no way to exchange token store metadata with in-memory implementations. Doh! I fixed this by switching to a JdbcTokenStore.

    Comment

    Working...
    X