Announcement Announcement Module
Collapse
No announcement yet.
OAuth2 2-legged error, Unable to obtain a new access token for resource Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • OAuth2 2-legged error, Unable to obtain a new access token for resource

    I have been trying to figure out how to use OAuth2RestTemplate as part of a client for OAuth2 2 leg authentication and I cannot find out any examples of how to configure the AccessTokenProviderChain correctly or at all. Can anyone suggest an example I could follow or even suggest some code I can use to setup the AccessTokenProviderChain object.

    This is the code I am using:

    Code:
    public String connect(File aKeyFile, String aPassword) {
    		keyFile = aKeyFile;
    		keyPassword = aPassword;
    		log.info(keyFile + " " + keyPassword);
    		
    		sslSocketFactory = getFactory();
    		log.info("sslSocketFactory: " + sslSocketFactory);
    		
    		String clientSecret = properties.getProperty("clientSecret");
    		String clientId = properties.getProperty("clientId");
    		BaseOAuth2ProtectedResourceDetails resourceDetails = new BaseOAuth2ProtectedResourceDetails();
    
    		resourceDetails.setId("seek.elasticap");
    		resourceDetails.setClientSecret(clientSecret);
    		resourceDetails.setClientId(clientId);
    
    		log.info("isAuthenticationRequired: " + resourceDetails.isAuthenticationRequired());
    		log.info("getAuthenticationScheme: " + resourceDetails.getAuthenticationScheme());
    		log.info("getTokenName: " + resourceDetails.getTokenName());
    		log.info("getGrantType: " + resourceDetails.getGrantType());
    		log.info("isScoped: " + resourceDetails.isScoped());
    
    		OAuth2RestTemplate oAuthRestTemplate = new OAuth2RestTemplate(resourceDetails);
    		
    		log.info("oAuthRestTemplate: " + oAuthRestTemplate);
    		
    		String result = oAuthRestTemplate.getForObject(url.toExternalForm(), String.class);
    		
    		return result;
    	}
    When I run this as part of a Junit test I get the following error:

    Code:
    error="access_denied", error_description="Unable to obtain a new access token for resource 'seek.elasticap'. The provider manager is not configured to support it."
    	at org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainNewAccessTokenInternal(AccessTokenProviderChain.java:146)
    	at org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainAccessToken(AccessTokenProviderChain.java:118)
    	at org.springframework.security.oauth2.client.OAuth2RestTemplate.acquireAccessToken(OAuth2RestTemplate.java:196)
    	at org.springframework.security.oauth2.client.OAuth2RestTemplate.getAccessToken(OAuth2RestTemplate.java:148)
    	at org.springframework.security.oauth2.client.OAuth2RestTemplate.createRequest(OAuth2RestTemplate.java:89)
    	at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:434)
    	at org.springframework.security.oauth2.client.OAuth2RestTemplate.doExecute(OAuth2RestTemplate.java:122)
    	at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:401)
    	at org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java:199)
    	at com.eaglegenomics.elasticview.seek.SeekClient.connect(SeekClient.java:142)
    	at com.eaglegenomics.elasticview.seek.SeekClientTest.testConnect(SeekClientTest.java:58)
    	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    	at java.lang.reflect.Method.invoke(Method.java:616)
    	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
    	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
    	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
    	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
    	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
    	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
    	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
    	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
    	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
    	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
    	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
    	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
    	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
    	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
    	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
    	at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:50)
    	at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
    	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
    	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
    	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
    	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)

  • #2
    BaseOAuth2ProtectedResourceDetails has a grantType="unsupported". It looks like you are trying to do a client_credentials grant, so the easiest way to fix it is to use ClientCredentialsResourceDetails. You also haven't set the accessTokenUri, so it won't know where to get the token.

    Comment


    • #3
      Dave, thanks for the reply. I made the suggested changes and it worked.

      Code:
      public String connect(File aKeyFile, String aPassword) {
              keyFile = aKeyFile;
              keyPassword = aPassword;
              log.info(keyFile + " " + keyPassword);
              sslSocketFactory = httpsFactory.getFactory(keyFile, keyPassword);
              log.info("sslSocketFactory: " + sslSocketFactory);
              
              String clientSecret = properties.getProperty("clientSecret");
              String clientId = properties.getProperty("clientId");
              ClientCredentialsResourceDetails resourceDetails = new ClientCredentialsResourceDetails();
              
              resourceDetails.setId("seek.elasticap");
              resourceDetails.setClientSecret(clientSecret);
              resourceDetails.setClientId(clientId);
              resourceDetails.setAccessTokenUri(url.toString());
      
              log.info("isAuthenticationRequired: " + resourceDetails.isAuthenticationRequired());
              log.info("getAuthenticationScheme: " + resourceDetails.getAuthenticationScheme());
              log.info("getTokenName: " + resourceDetails.getTokenName());
              log.info("getGrantType: " + resourceDetails.getGrantType());
              log.info("isScoped: " + resourceDetails.isScoped());
      
              OAuth2RestTemplate oAuthRestTemplate = new OAuth2RestTemplate(resourceDetails);
              
              log.info("oAuthRestTemplate: " + oAuthRestTemplate);
              
              String result = oAuthRestTemplate.getForObject(url.toString(), String.class);
              
              return result;
          }

      Comment

      Working...
      X