oauth 2.0 - org.springframework.web.client.RestTemplate - POST request for resulted in 400 (Bad Request); invoking error handler -
i'm looking developed spring oauth2resttemplate code , taken reference access tokens using 2 legged oauth 2.0 , apache oauthclient.
there 2 suggestions been given, first suggestion using apache oltu worked absolutely fine me. now, looking developed second option using spring oauth2 resttemplate.
the error getting:-
warn : org.springframework.web.client.resttemplate - post request "https://graph.facebook.com/oauth/access_token" resulted in 400 (bad request); invoking error handler exception in thread "main" error="access_denied", error_description="error requesting access token." @ org.springframework.security.oauth2.client.token.oauth2accesstokensupport.retrievetoken(oauth2accesstokensupport.java:145) @ org.springframework.security.oauth2.client.token.grant.client.clientcredentialsaccesstokenprovider.obtainaccesstoken(clientcredentialsaccesstokenprovider.java:44) @ org.springframework.security.oauth2.client.token.accesstokenproviderchain.obtainnewaccesstokeninternal(accesstokenproviderchain.java:142) @ org.springframework.security.oauth2.client.token.accesstokenproviderchain.obtainaccesstoken(accesstokenproviderchain.java:118) @ org.springframework.security.oauth2.client.oauth2resttemplate.acquireaccesstoken(oauth2resttemplate.java:221) @ org.springframework.security.oauth2.client.oauth2resttemplate.getaccesstoken(oauth2resttemplate.java:173) @ org.springframework.security.oauth2.client.oauth2resttemplate.createrequest(oauth2resttemplate.java:105) @ org.springframework.web.client.resttemplate.doexecute(resttemplate.java:564) @ org.springframework.security.oauth2.client.oauth2resttemplate.doexecute(oauth2resttemplate.java:128) @ org.springframework.web.client.resttemplate.execute(resttemplate.java:529) @ org.springframework.web.client.resttemplate.postforobject(resttemplate.java:329) @ com.apache.oltu.restfacebookcontroller.authenticate(restfacebookcontroller.java:46) @ com.apache.oltu.restfacebookcontroller.main(restfacebookcontroller.java:52) caused by: org.springframework.web.client.httpclienterrorexception: 400 bad request @ org.springframework.web.client.defaultresponseerrorhandler.handleerror(defaultresponseerrorhandler.java:91) @ org.springframework.security.oauth2.client.token.oauth2accesstokensupport$accesstokenerrorhandler.handleerror(oauth2accesstokensupport.java:244) @ org.springframework.web.client.resttemplate.handleresponseerror(resttemplate.java:615) @ org.springframework.web.client.resttemplate.doexecute(resttemplate.java:573) @ org.springframework.web.client.resttemplate.execute(resttemplate.java:537) @ org.springframework.security.oauth2.client.token.oauth2accesstokensupport.retrievetoken(oauth2accesstokensupport.java:137) ... 12 more
i tried debug application several weeks, , decided post on stackoverflow.com. here i've developed code
import java.util.arrays; import org.json.jsonobject; import org.slf4j.logger; import org.slf4j.loggerfactory; import org.springframework.http.httpentity; import org.springframework.http.httpheaders; import org.springframework.http.mediatype; import org.springframework.security.oauth2.client.oauth2resttemplate; import org.springframework.security.oauth2.client.token.grant.client.clientcredentialsresourcedetails; import org.springframework.stereotype.controller; import org.springframework.web.bind.annotation.requestmapping; import org.springframework.web.bind.annotation.requestmethod; @controller @requestmapping("/restfacebook") public class restfacebookcontroller { private static final logger logger = loggerfactory.getlogger(restfacebookcontroller.class); private string client_secret = "33b17e044ee6a4fa383f46ec6e28ea1d"; private string client_id = "233668646673605"; @requestmapping(value = "/auth", method = requestmethod.get) public void authenticate() { logger.debug("in authenticate() method"); clientcredentialsresourcedetails resourcedetails = new clientcredentialsresourcedetails(); resourcedetails.setclientsecret(client_secret); resourcedetails.setclientid(client_id); resourcedetails.setaccesstokenuri("https://graph.facebook.com/oauth/access_token"); resourcedetails.setscope(arrays.aslist("email,offline_access,user_about_me,user_birthday,read_friendlists")); resourcedetails.settokenname("code"); jsonobject request = new jsonobject(); request.put("resourcedetails", resourcedetails); oauth2resttemplate oauthresttemplate = new oauth2resttemplate(resourcedetails); httpheaders headers = new httpheaders(); headers.setcontenttype( mediatype.application_json ); // sample post method httpentity<string> reqentity = new httpentity<string>(resourcedetails.tostring(), headers); string posturi = "https://www.facebook.com/dialog/oauth"; string postresult = oauthresttemplate.postforobject(posturi, reqentity, string.class); system.out.println(postresult); } } }
if followed dave's suggested code below, dave's code seems working, why not? don't see differences in concept such.
private string client_secret = "33b17e044ee6a4fa383f46ec6e28ea1d"; private string client_id = "233668646673605"; @requestmapping(value = "/auth", method = requestmethod.get) public void authenticate() { logger.debug("in authenticate() method"); authorizationcoderesourcedetails details = new authorizationcoderesourcedetails(); details.setid("facebook"); details.setclientid(client_id); details.setclientsecret(client_secret); details.setaccesstokenuri("https://graph.facebook.com/oauth/access_token"); details.setuserauthorizationuri("https://www.facebook.com/dialog/oauth"); details.settokenname("oauth_token"); details.setauthenticationscheme(authenticationscheme.query); details.setclientauthenticationscheme(authenticationscheme.form); oauth2resttemplate oauthresttemplate = new oauth2resttemplate(details); httpheaders headers = new httpheaders(); headers.setcontenttype( mediatype.application_json ); // sample post method httpentity<string> reqentity = new httpentity<string>(details.tostring(), headers); string posturi = "https://www.facebook.com/dialog/oauth"; string postresult = oauthresttemplate.postforobject(posturi, reqentity, string.class); system.out.println(postresult); }
then got error, seems expected, how can on error?
exception in thread "main" org.springframework.security.oauth2.client.resource.userredirectrequiredexception: redirect required users approval @ org.springframework.security.oauth2.client.token.grant.code.authorizationcodeaccesstokenprovider.getredirectforauthorization(authorizationcodeaccesstokenprovider.java:347) @ org.springframework.security.oauth2.client.token.grant.code.authorizationcodeaccesstokenprovider.obtainaccesstoken(authorizationcodeaccesstokenprovider.java:194) @ org.springframework.security.oauth2.client.token.accesstokenproviderchain.obtainnewaccesstokeninternal(accesstokenproviderchain.java:142) @ org.springframework.security.oauth2.client.token.accesstokenproviderchain.obtainaccesstoken(accesstokenproviderchain.java:118) @ org.springframework.security.oauth2.client.oauth2resttemplate.acquireaccesstoken(oauth2resttemplate.java:221) @ org.springframework.security.oauth2.client.oauth2resttemplate.getaccesstoken(oauth2resttemplate.java:173) @ org.springframework.security.oauth2.client.oauth2resttemplate.createrequest(oauth2resttemplate.java:105) @ org.springframework.web.client.resttemplate.doexecute(resttemplate.java:564) @ org.springframework.security.oauth2.client.oauth2resttemplate.doexecute(oauth2resttemplate.java:128) @ org.springframework.web.client.resttemplate.execute(resttemplate.java:529) @ org.springframework.web.client.resttemplate.postforobject(resttemplate.java:329) @ com.apache.oltu.restfacebookcontroller.authenticate(restfacebookcontroller.java:48) @ com.apache.oltu.restfacebookcontroller.main(restfacebookcontroller.java:54)
pom.xml:
<properties> <org.springframework-version>4.1.5.release</org.springframework-version> <org.aspectj-version>1.8.5</org.aspectj-version> </properties> <dependencies> <!-- spring context --> <dependency> <groupid>org.springframework</groupid> <artifactid>spring-context</artifactid> <version>${org.springframework-version}</version> <exclusions> <!-- exclude commons logging in favor of slf4j --> <exclusion> <groupid>commons-logging</groupid> <artifactid>commons-logging</artifactid> </exclusion> </exclusions> </dependency> <!-- spring web mvc --> <dependency> <groupid>org.springframework</groupid> <artifactid>spring-webmvc</artifactid> <version>${org.springframework-version}</version> </dependency> <!-- aspectj --> <dependency> <groupid>org.aspectj</groupid> <artifactid>aspectjrt</artifactid> <version>${org.aspectj-version}</version> </dependency> <!-- module providing oauth2 support spring security --> <dependency> <groupid>org.springframework.security.oauth</groupid> <artifactid>spring-security-oauth2</artifactid> <version>2.0.7.release</version> </dependency> <!-- apache log4j --> <dependency> <groupid>log4j</groupid> <artifactid>log4j</artifactid> <version>${log4j.version}</version> <exclusions> <exclusion> <groupid>javax.mail</groupid> <artifactid>mail</artifactid> </exclusion> <exclusion> <groupid>javax.jms</groupid> <artifactid>jms</artifactid> </exclusion> <exclusion> <groupid>com.sun.jdmk</groupid> <artifactid>jmxtools</artifactid> </exclusion> <exclusion> <groupid>com.sun.jmx</groupid> <artifactid>jmxri</artifactid> </exclusion> </exclusions> <scope>runtime</scope> </dependency> <!-- @inject --> <dependency> <groupid>javax.inject</groupid> <artifactid>javax.inject</artifactid> <version>1</version> </dependency> </dependencies>
you might need set authentication scheme client (facebook still doesn't accept header authentication recommended spec). example (https://github.com/spring-projects/spring-security-oauth/blob/master/samples/oauth2/tonr/src/main/java/org/springframework/security/oauth/examples/config/webmvcconfig.java#l185)
resourcedetails.setauthenticationscheme(authenticationscheme.query);
Comments
Post a Comment