2

I am trying to get an OAuth2 token for authorization on my local JHipster server. Everything is set up correctly and working; I can log in via the Web GUI. But when I try to get a token via cURL, I get POST method not allowed.

My cURL request is as follows:

curl -X POST -vu client:secret http://localhost:8080/oauth/token -H "Accept: application/json" -d "username=admin&password=admin&grant_type=password&scope=read&client_id=CLIENTID&client_secret=CLIENTSECRET"

Kayvan Tehrani
Mladen Petrovic

2 Answers

1

Thanks to this post, I have tested JHipster UAA, alongside JHipster version 5.
This command could be a working sample:

curl -X POST -v http://[server-ip]:9999/oauth/token -i \
-H "Accept: application/json" \
-H "Authorization: Basic aW50ZXJuYWw6aW50ZXJuYWw=" \
-d "username=admin&password=admin&grant_type=client_credentials&scope=web-app"

Important notice:

  1. Username and password must be replaced with yours.
  2. The BASE64-encoded value of your 'clientId + ":" + clientSecret' must be set in the header.
    In my case BASE64('internal:internal')='aW50ZXJuYWw6aW50ZXJuYWw='. https://www.base64encode.org/ can be used to encode your text.
  3. Since you have put the client ID and secret in the message header, there is no need to provide them in the message body.

And this could be a sample output:

{
"access_token" : "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6WyJ3ZWItYXBwIl0sImV4cCI6MTUzNTM2ODEyNiwiaWF0IjoxNTM1MzY2MzI2LCJqdGkiOiJiYjYwMWVkYS01NjUyLTQ5OTgtYWJkNS04YzYxZjA3Y2U1ODUiLCJjbGllbnRfaWQiOiJpbnRlcm5hbCJ9.lNqpfE7N6XJVFe9t7zPbwokU_zl4AFIAmQJZ_Hb2ok0vBpWrDMf3v6KgEEi5bN2iyRd0TQBelSIJothrsYHoTk0ZaeeK9BM97OJr4Uc8kLzn2Vp-xpBk8-n2PlwAKIRojoOxMnBp0nA2qjPieaPV2Fj1HETmK2gZ38lQcZ_KJLD-ug9AT9_N1E9SwRjt1yfZtd64IJZOQGqcZ05VCAj54jxH9lyvX-_1NY2Iq2aA5-cGbOftmv0sUjF15EiTGps6YtFUrJqKs8PmDofMImyqjAwB3yNObpg7c6PbeCXWYLAir5IOFdueTys3cLLyrhE78GJ3OiKSAA128nZSeUbiAg",
"token_type" : "bearer",
"expires_in" : 1799,
"scope" : "web-app",
"iat" : 1535366326,
"jti" : "bb601eda-5652-4998-abd5-8c61f07ce585"
* Connection #0 to host [server-ip] left intact
}
Kayvan Tehrani
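An added example, not part of the answer above: it builds the `Authorization: Basic` header locally, so the client secret is never pasted into an online encoder, and decodes the claims of the sample token that answer shows. The function names and `SAMPLE_TOKEN` are assumptions of this sketch; the claims segment is copied from the sample output, with placeholder header and signature segments.

```bash
#!/usr/bin/env bash
# Added example; function names are hypothetical, not JHipster tooling.

# Build the HTTP Basic header from client id and secret on the local machine.
# tr -d '\n' strips the line wrapping GNU base64 applies to long input.
basic_auth_header() {
  local client_id="$1" client_secret="$2"
  printf 'Authorization: Basic %s' \
    "$(printf '%s:%s' "$client_id" "$client_secret" | base64 | tr -d '\n')"
}

# Decode the claims (second segment) of a JWT access token.
# This only decodes; it does not verify the signature.
jwt_claims() {
  local seg
  seg=$(printf '%s' "$1" | cut -d. -f2 | tr '_-' '/+')
  # base64url omits '=' padding; restore it to a multiple of 4 characters.
  while [ $(( ${#seg} % 4 )) -ne 0 ]; do seg="${seg}="; done
  printf '%s' "$seg" | base64 -d
}

# Request a token with the client_credentials grant (needs a running server).
# token_url is whatever token endpoint your deployment exposes.
request_client_token() {
  local token_url="$1" client_id="$2" client_secret="$3" scope="$4"
  curl -sS -X POST "$token_url" \
    -H 'Accept: application/json' \
    -H "$(basic_auth_header "$client_id" "$client_secret")" \
    --data-urlencode 'grant_type=client_credentials' \
    --data-urlencode "scope=$scope"
}

# Claims segment copied from the sample output above; HEADER and SIGNATURE
# are placeholders, since decoding the claims does not need them.
SAMPLE_TOKEN='HEADER.eyJzY29wZSI6WyJ3ZWItYXBwIl0sImV4cCI6MTUzNTM2ODEyNiwiaWF0IjoxNTM1MzY2MzI2LCJqdGkiOiJiYjYwMWVkYS01NjUyLTQ5OTgtYWJkNS04YzYxZjA3Y2U1ODUiLCJjbGllbnRfaWQiOiJpbnRlcm5hbCJ9.SIGNATURE'

basic_auth_header internal internal; echo
jwt_claims "$SAMPLE_TOKEN"; echo
```

The decoded claims name the client `internal` and the `web-app` scope and contain no user claim, which is what a `client_credentials` grant issues: the token identifies the client, not the `admin` user sent in the request body.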
0

Using the default generated jhipster app (3.5.0), this is how you would curl a token for the admin user:

> curl -X POST -u jhipsterapp:my-secret-token-to-change-in-production -i -H 'Accept:application/json' http://localhost:8080/oauth/token -d "username=admin&password=admin&grant_type=password&scope=read%20write"

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
X-Application-Context: jhipster:swagger,dev:8080
Cache-Control: no-store
Pragma: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Fri, 22 Jul 2016 13:09:38 GMT

{
  "access_token" : "4a1ae413-5cd7-46e9-8a33-31698218d43e",
  "token_type" : "bearer",
  "refresh_token" : "537f231c-e6e0-4499-bbd8-9580eee02f79",
  "expires_in" : 1799,
  "scope" : "read write"
}

Note: here is my .yo-rc.json:

{
  "generator-jhipster": {
    "jhipsterVersion": "3.5.0",
    "baseName": "jhipster",
    "packageName": "com.mycompany.myapp",
    "packageFolder": "com/mycompany/myapp",
    "serverPort": "8080",
    "authenticationType": "oauth2",
    "hibernateCache": "ehcache",
    "clusteredHttpSession": "no",
    "websocket": "no",
    "databaseType": "sql",
    "devDatabaseType": "h2Disk",
    "prodDatabaseType": "mysql",
    "searchEngine": "no",
    "buildTool": "maven",
    "useSass": false,
    "applicationType": "monolith",
    "testFrameworks": [
      "gatling"
    ],
    "jhiPrefix": "jhi",
    "enableTranslation": true,
    "nativeLanguage": "en",
    "languages": [
      "en"
    ]
  }
}
sdoxsee
  • On JHipster with the OAuth sample from GitHub I get 401 with that request, and on my custom JHipster built with some more options I get 405. With your curl request. – Mladen Petrovic Jul 23 '16 at 14:27
  • That's because the sample uses a different client id: https://github.com/jhipster/jhipster-sample-app-oauth2/blob/master/src/main/resources/config/application-dev.yml#L69 Btw did you change your admin password on your custom app? – sdoxsee Jul 23 '16 at 15:07