You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I still want to use the Resource Owner Password Credentials Flow with an HttpClient and Oauth2. The request to retrieve the token shall be sent correctly to the token endpoint.
Actual Behaviour
The request is sent incomplete to the token endpoint - client_id and client_secret are missing. Most likely, this is caused by a wrong Grant object set as the body of the request, as this method returns a Map instead of a SecureGrant:
Expected Behavior
I still want to use the Resource Owner Password Credentials Flow with an HttpClient and Oauth2. The request to retrieve the token shall be sent correctly to the token endpoint.
Actual Behaviour
The request is sent incomplete to the token endpoint - client_id and client_secret are missing. Most likely, this is caused by a wrong Grant object set as the body of the request, as this method returns a
Map
instead of aSecureGrant
:https://github.com/micronaut-projects/micronaut-security/blob/v3.4.1/security-oauth2/src/main/java/io/micronaut/security/oauth2/endpoint/token/request/context/OauthPasswordTokenRequestContext.java#L54
So, the call in
secureRequest
fails, as theinstanceof
condition is not met, so client_id and client_secret are not set on the body:https://github.com/micronaut-projects/micronaut-security/blob/v3.4.1/security-oauth2/src/main/java/io/micronaut/security/oauth2/endpoint/token/request/DefaultTokenEndpointClient.java#L116
Steps To Reproduce
Try to access a REST API which requires an Authorization token which you can retrieve via a ROPC flow. Example configuration can be found in #979.
Environment Information
Tested with 3.3.0, as 3.4.1 has #979, which blocks me from using it, but according to the code, it seems to have the same issue.
Example Application
No response
Version
3.3.0
The text was updated successfully, but these errors were encountered: