Request accesstoken fails with raison: parameter code is missing, but the attributeList has an attribute named code?

Question

I am troubleshooting my OAuth2.0 flow between my GAE application and our Connections4 test environment. With the tracing enabled on the Connections server, I see these lines:

{_status: 1 _attributeList: {{name: request_type type: urn:ibm:names:oauth:request values: [access_token]},{name: client_id type: urn:ibm:names:oauth:param values: [socialdms4g]},{name: callback_uri type: urn:ibm:names:query:param values: [https://eog-fire-ice.appspot.com/socialdms]},{name: client_id type: urn:ibm:names:query:param values: [socialdms4g]},{name: code type: urn:ibm:names:query:param values: [Pb2JtuOb1UkgPyV6aT1LflZ12B6kL1]},{name: client_secret type: urn:ibm:names:query:param values: [REMOVED]},{name: grant_type type: urn:ibm:names:query:param values: [authorization_code]}} _cause: com.ibm.oauth.core.api.error.oauth20.OAuth20MissingParameterException: A required runtime parameter was missing: code}
[12-12-12 16:15:08:680 CET] 000000e8 CachedDBToken 3   processing exception with OAuthResult: invalid_request
[12-12-12 16:15:08:680 CET] 000000e8 CachedDBToken <  handleResultException Exit
                             {_status: 1 _attributeList: {{name: request_type type: urn:ibm:names:oauth:request values: [access_token]},{name: client_id type: urn:ibm:names:oauth:param values: [socialdms4g]},{name: callback_uri type: urn:ibm:names:query:param values: [https://eog-fire-ice.appspot.com/socialdms]},{name: client_id type: urn:ibm:names:query:param values: [socialdms4g]},{name: code type: urn:ibm:names:query:param values: [Pb2JtuOb1UkgPyV6aT1LflZ12B6kL1]},{name: client_secret type: urn:ibm:names:query:param values: [REMOVED]},{name: grant_type type: urn:ibm:names:query:param values: [authorization_code]}} _cause: com.ibm.oauth.core.api.error.oauth20.OAuth20MissingParameterException: A required runtime parameter was missing: code}
[12-12-12 16:15:08:680 CET] 000000e8 OAuth20Endpoi <  processTokenRequest Exit

The url that is used to invoke this sequence contains a code (and all other) parameter(s).

What could be the cause of this and even better, how can I fix this ?

Answer 1

At least we can easily see what the problem is :) com.ibm.oauth.core.api.error.oauth20.OAuth20MissingParameterException: A required runtime parameter was missing: code

Code is one of the parameters that should be sent in the request to get the access token. Searching the src code of the SDK it looks like this should be sent all the time in OAuth2Handler.getAccessTokenForAuthorizedUser(). Is that being called?

Answer 2

@redball

This is what we have working today

redirectURL = "/oauth2/endpoint/connectionsProvider/authorize?response_type=code&_oauth_client_auto_authorize=true&client_id="+AppId+"&callback_uri="+CallbackUrl;

Where AppId and CallBackUrl are specific for your application.

In the doGet of your callBackUrl Servlet, use this helper class

com.ibm.sbt.security.authentication.oauth.consumer.OAuth2Handler

We have done it like this

OAuth2Handler oAuth2Handler = new OAuth2Handler();
logger.warning("WARNING Always trusting SSL certificate !!");
oAuth2Handler.setForceTrustSSLCertificate(true);
logger.fine("getting accesstoken...");
oAuth2Handler.setClient_uri(CallbackUrl);

oAuth2Handler.setConsumerKey(AppId);
oAuth2Handler.setAuthorization_code(code);
oAuth2Handler.setConsumerSecret(AppSecret);
oAuth2Handler.setAccessTokenURL(AccessTokenUrl);

logger.fine("getting token using GET...");
oAuth2Handler.getAccessTokenForAuthorizedUser();
String accessToken = oAuth2Handler.getAccessToken();
String expiresIn = oAuth2Handler.getExpiresIn()
String refreshToken = oAuth2Handler.getRefreshToken();