I have implemented my own OAuth2 provider server (using the Grails Spring Security OAuth2 plugin) and am now trying to connect it to OpenAM.
When I try to log in, it redirects properly to my own login form and on successful authentication redirects back to OpenAM with the following URL:
http://sso.my-domain.com/openam/XUI/#login/&realm=%myRealm&code=dPPg1g&state=rzhjjjl1wpmndz7zfh4gqm1r5k9xi2l
However, OpenAM says "Unable to login". The auth code is in the URL so it should be able to request an access token, so I went and did some debugging to find out that it doesn't even attempt to retrieve a token; relevant bits of logs follow:
From localhost_access_log:
[15/Dec/2015:11:29:17 +0100] "GET /MyOAuthProvider/oauth/authorize?client_id=openAm&scope=read&redirect_uri=http%3A%2F%2Fsso.my-domain.com%3A80%2Fopenam%2Foauth2c%2FOAuthProxy.jsp&response_type=code&state=rzhjjjl1wpmndz7zfh4gqm1r5k9xi2l HTTP/1.1" 200 901
[15/Dec/2015:11:29:18 +0100] "POST /MyOAuthProvider/oauth/authorize?client_id=openAm&scope=read&redirect_uri=http%3A%2F%2Fsso.my-domain.com%3A80%2Fopenam%2Foauth2c%2FOAuthProxy.jsp&response_type=code&state=rzhjjjl1wpmndz7zfh4gqm1r5k9xi2l HTTP/1.1" 302 -
As you can see, there is no call to /MyOAuthProvider/oauth/token, which is the token access point.
From /usr/share/tomcat7/openam/openam/debug/debug.log: http://pastebin.com/qivhR9JF (put on PasteBin because it's a little too long)
When testing on local I was able to get the auth code and then the token just fine with calls from Postman, so that shouldn't be the problem.
Am I missing something here? Any help is appreciated.
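The manual check described in the question (an authorize redirect with no following call to the token endpoint) can be automated over the provider's access log. The following is an added example, not part of the original post: the sample lines, state values, the 30-second window and the function names are constructed assumptions, and pairing a redirect with the next token request by time is a heuristic, since the token request does not carry the state in its URL.

```python
import re
from datetime import datetime, timedelta
from urllib.parse import urlsplit, parse_qs

# Constructed sample in the access-log layout quoted in the question.
SAMPLE_LOG = '''\
[15/Dec/2015:11:29:17 +0100] "GET /MyOAuthProvider/oauth/authorize?client_id=openAm&response_type=code&state=aaa111 HTTP/1.1" 200 901
[15/Dec/2015:11:29:18 +0100] "POST /MyOAuthProvider/oauth/authorize?client_id=openAm&response_type=code&state=aaa111 HTTP/1.1" 302 -
[15/Dec/2015:11:30:02 +0100] "POST /MyOAuthProvider/oauth/authorize?client_id=otherApp&response_type=code&state=bbb222 HTTP/1.1" 302 -
[15/Dec/2015:11:30:03 +0100] "POST /MyOAuthProvider/oauth/token HTTP/1.1" 200 148
'''

LINE_RE = re.compile(
    r'\[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+')

def parse(log_text):
    """Yield one dict per access-log line that matches the expected layout."""
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        yield {"time": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
               "method": m["method"], "path": url.path,
               "query": parse_qs(url.query), "status": int(m["status"])}

def unredeemed_codes(log_text, window=timedelta(seconds=30)):
    """Return (client_id, state) for authorize redirects with no token call in the window."""
    events = list(parse(log_text))
    token_times = [e["time"] for e in events
                   if e["method"] == "POST" and e["path"].endswith("/oauth/token")]
    missing = []
    for e in events:
        if not (e["path"].endswith("/oauth/authorize") and e["status"] == 302):
            continue
        hit = next((t for t in token_times
                    if e["time"] <= t <= e["time"] + window), None)
        if hit is not None:
            token_times.remove(hit)  # each token request accounts for one redirect
        else:
            q = e["query"]
            missing.append((q.get("client_id", ["?"])[0], q.get("state", ["?"])[0]))
    return missing

if __name__ == "__main__":
    for client_id, state in unredeemed_codes(SAMPLE_LOG):
        print(f"no token request after redirect: client_id={client_id} state={state}")
```

A flow reported here means the client received the redirect but never called the token endpoint, which points the investigation at the client side (here OpenAM) rather than at the provider's token handling.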