0

I want to get access token OAuth 2.0 from REST API via Java code, the thing is that I've managed to successfully get it back from the server with Bash script (curl command)

Bash script (working):

#!/usr/bin/env bash

       # Base URL of TeamForge site.
       site_url="https://teamforge.example.com"

       # TeamForge authentication credentials.
       username="foo"
       password="bar"

       # Requested scope (all)
       scope="urn:ctf:services:ctf

       curl -d "grant_type=password&client_id=api-client&scope=$scope&username=$username&password=$password" $site_url/sf/auth/token

With that code snippet I'got this response:

  {
         "access_token": "eyJraWQiOiIxIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJhZG1pbiIsImF1ZCI...",
         "token_type": "Bearer"
       }

When I've tried to translate it to Java code using Unirest :

  HttpResponse<JsonNode> jsonResponse = Unirest.post("\"https://teamforge.example.com/sf/auth/token")
                .header("accept", "application/json")
                .body("{\"grant_type\":\"password\"," +
                        "\"client_id\":\"api-client\", " +
                        "\"scope\":\"urn:ctf:services:ctf\"," +
                        "\"username\":\"foo\"," +
                        "\"password\":\"bar\"}")

                .asJson();

        System.out.println(jsonResponse.getBody());

Response was:

{"error_description":"Invalid grant","error":"invalid_grant"}

After a couple of researches and tries, I still don't know what am I missing in my Java code request. Can someone help me to add missing stuff or guide me to right directions?

CollabNet docs:

Saso

RrR-
  • 1,251
  • 3
  • 15
  • 32
Sašo Pavlič
  • 89
  • 1
  • 1
  • 9
  • Your Java code is using a JSON body, but the bash script has the parameters in the post request directly, not in a JSON body. Have you tried calling it the same way? – JPinzon01 Nov 23 '18 at 15:55
  • @JPinzon01 You mean creating a POST request with parameters in the URL? Example:POST: www.myapi.com?grant_type=password&client_id=api-client&scope=$scope&username=$username&password=$password – Sašo Pavlič Nov 28 '18 at 19:28
  • Not in the URL, but in the body. You can try putting the same string you use for the bash script instead of the JSON. The thing is the Oauth2 server is not expecting a JSON request, is expecting a regular POST with HTTP parameters in the body. The response is a JSON object, but the request doesn't have to be the same format. – JPinzon01 Nov 29 '18 at 21:06
  • Thank you for the comment, but I tried like you suggested and it is still now working. Error message "{"error_description":"Invalid request","error":"invalid_request"}" – Sašo Pavlič Dec 05 '18 at 08:50

2 Answers2

1

Please try:

JsonNode jsonResponse = Unirest.post("https://teamforge.example.com/sf/auth/token")
.header("Content-Type", "application/json")
.field("scope", "urn:ctf:services:ctf")
.field("client_id", "api-client")
.field("grant_type", "password")
.field("username", "foo")
.field("password", "bar")
.asJson()
.getBody();

And one more question are you sure about grant type ?
grant_type = client_credentials maybe you need something like this.

Sarvan Kumar
  • 926
  • 1
  • 11
  • 27
Hhovhann
  • 511
  • 1
  • 6
  • 22
0
HttpResponse<String> authTokenResponse=Unirest.post(OAUTH_URL)
.header("Content-Type", "application/x-www-form-urlencoded")
.body("grant_type=client_credentials&client_id="+ CLIENT_ID + "&client_secret=" + CLIENT_SECRET).asString();


                
return new JSONObject(authTokenResponse.getBody()).getString("access_token");
borchvm
  • 3,533
  • 16
  • 44
  • 45
Mohmmad
  • 1
  • 1
  • While this code may provide a solution to the question, it's better to add context as to why/how it works. This can help future users learn, and apply that knowledge to their own code. You are also likely to have positive feedback from users in the form of upvotes, when the code is explained. – borchvm Mar 13 '23 at 07:34