Hello, I just pulled down Ready API and am trying the oAuth client crednetials grant flow from the Auth Manager wizard. I have properly populated the Client ID, Client Secret, Access Token URI, and scope and verified the values with a home grown JUnit test. I attempted to retrieve an access token using the "Get Access Token" button and result in the below output for each of the listed log files.
The client id and credentials are set and displayed per the following line in the HTTP log file:
grant_type=client_credentials&scope=create&client_secret=[CLIENT SECRET IS CORRECT]&client_id=bDjqy4CPfadQlpLT
I also checked to see if there was an update, but i am on the latest version of the product.
Additional Info
The oAuth server is a Spring Boot 1.3.1 app running under java 1.8. My guess bassed on what is being logged is that the request to obtain the access token includes client_secret & client_id as parameters rather than basic auth "Authorization Basic" encoded header value - as does the home grown JUnit test.
I am able to manually retrieve an "access token" and set it manually and SOAP UI works but this requires manual steps outside of soap ui. Any suggestions for a correction or good work around?
Ready! API log
Mon Feb 08 16:44:22 CST 2016:ERROR:An error occurred [OAuthProblemException{error='unauthorized', description='Full authentication is required to access this resource', uri='null', state='null', scope='null', redirectUri='null', responseStatus=0, parameters={}}], see error log for details
Mon Feb 08 16:44:22 CST 2016:ERROR:An error occurred [org.apache.oltu.oauth2.common.exception.OAuthSystemException: OAuthProblemException{error='unauthorized', description='Full authentication is required to access this resource', uri='null', state='null', scope='null', redirectUri='null', responseStatus=0, parameters={}}], see error log for details
HTTP Log:
Mon Feb 08 16:44:21 CST 2016
EBUG: >> "CONNECT [URL TO OUR OAUTH SERVER IS CORRECT]:443 HTTP/1.1[\r][\n]"
Mon Feb 08 16:44:21 CST 2016EBUG: >> "Host: [URL TO OUR OAUTH SERVER IS CORRECT][\r][\n]"
Mon Feb 08 16:44:21 CST 2016EBUG: >> "Proxy-Connection: Keep-Alive[\r][\n]"
Mon Feb 08 16:44:21 CST 2016EBUG: >> "User-Agent: Apache-HttpClient/4.3.1 (java 1.5)[\r][\n]"
Mon Feb 08 16:44:21 CST 2016EBUG: >> "[\r][\n]"
Mon Feb 08 16:44:22 CST 2016EBUG: << "HTTP/1.1 200 Connection established[\r][\n]"
Mon Feb 08 16:44:22 CST 2016EBUG: << "[\r][\n]"
Mon Feb 08 16:44:22 CST 2016EBUG: >> "POST /oauth/token HTTP/1.1[\r][\n]"
Mon Feb 08 16:44:22 CST 2016EBUG: >> "Content-Type: application/x-www-form-urlencoded[\r][\n]"
Mon Feb 08 16:44:22 CST 2016EBUG: >> "Content-Length: 100[\r][\n]"
Mon Feb 08 16:44:22 CST 2016EBUG: >> "Host:[URL TO OUR OAUTH SERVER IS CORRECT][\r][\n]"
Mon Feb 08 16:44:22 CST 2016EBUG: >> "Connection: Keep-Alive[\r][\n]"
Mon Feb 08 16:44:22 CST 2016EBUG: >> "User-Agent: Apache-HttpClient/4.3.1 (java 1.5)[\r][\n]"
Mon Feb 08 16:44:22 CST 2016EBUG: >> "[\r][\n]"
Mon Feb 08 16:44:22 CST 2016EBUG: >> "grant_type=client_credentials&scope=create&client_secret=[CLIENT SECRET IS CORRECT]&client_id=bDjqy4CPfadQlpLT"