Announcement Announcement Module
Collapse
No announcement yet.
302 response from server invalid on Native? Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • 302 response from server invalid on Native?

    Hi-

    I'm working with the Native flow (profile?) on OAuth2. I have 1.0.0.M3.

    When I call the /oauth/authorize with invalid client details, I get the proper error values specified by the spec (http://tools.ietf.org/html/draft-iet...ection-3.2.1):

    Response:
    {
    "error": "invalid_client",
    "error_description": "Client not found for: idonotexist"
    }

    However, when I pass invalid user credentials, I'm getting a 302 redirect with response parameters and its directing me to my login jsp page.

    I'm assuming I have something configured wrong, but how do I get it configured so that i get:

    Response:
    {
    "error": "access_denied",
    "error_description": "Invalid username or password"
    }

    Since this is a native flow I do not want to have the end user look for a log in page in the response.

    Thanks very much in advance.

    Cory

  • #2
    I'm suspecting that the 302 is getting applied by some kind of non-oauth spring security filter. Can you provide a test case to the sparklr2 application that exposes the problem? Take a look at org.springframework.security.oauth2.provider.TestN ativeApplicationProfile...

    Comment

    Working...
    X