java - Spring OAuth2: Access token denied because client_id not specified

link之家

链接快照平台

输入网页链接，自动生成快照
标签化管理网页链接

Collectives™ on Stack Overflow

Find centralized, trusted content and collaborate around the technologies you use most.

Learn more about Collectives

Teams

Q&A for work

Connect and share knowledge within a single location that is structured and easy to search.

Learn more about Teams

I am trying to implement Intercom OAuth2 in my spring application. I am running into a strange problem.

Once the user gives the app permission to use its data a POST request is sent to the access token uri ( https://api.intercom.io/auth/eagle/token ). This post request is handled by spring.

But then I get the error that

Caused by: org.springframework.security.oauth2.client.resource.OAuth2AccessDeniedException: Access token denied.
    at org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport.retrieveToken(OAuth2AccessTokenSupport.java:142) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
    at org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.obtainAccessToken(AuthorizationCodeAccessTokenProvider.java:209) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
    at org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainNewAccessTokenInternal(AccessTokenProviderChain.java:143) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
    at org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainAccessToken(AccessTokenProviderChain.java:119) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
    at org.springframework.security.oauth2.client.OAuth2RestTemplate.acquireAccessToken(OAuth2RestTemplate.java:221) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
    at org.springframework.security.oauth2.client.OAuth2RestTemplate.getAccessToken(OAuth2RestTemplate.java:173) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
    at org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter.attemptAuthentication(OAuth2ClientAuthenticationProcessingFilter.java:105) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
    ... 56 common frames omitted
Caused by: org.springframework.security.oauth2.common.exceptions.OAuth2Exception: OAuth Error
    at org.springframework.security.oauth2.common.exceptions.OAuth2ExceptionJackson2Deserializer.deserialize(OAuth2ExceptionJackson2Deserializer.java:119) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
    at org.springframework.security.oauth2.common.exceptions.OAuth2ExceptionJackson2Deserializer.deserialize(OAuth2ExceptionJackson2Deserializer.java:33) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
    at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:3789) ~[jackson-databind-2.8.1.jar:2.8.1]
    at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:2913) ~[jackson-databind-2.8.1.jar:2.8.1]
    at org.springframework.http.converter.json.AbstractJackson2HttpMessageConverter.readJavaType(AbstractJackson2HttpMessageConverter.java:225) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
    at org.springframework.http.converter.json.AbstractJackson2HttpMessageConverter.readInternal(AbstractJackson2HttpMessageConverter.java:205) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
    at org.springframework.http.converter.AbstractHttpMessageConverter.read(AbstractHttpMessageConverter.java:193) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
    at org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport$AccessTokenErrorHandler.handleError(OAuth2AccessTokenSupport.java:235) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
    at org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:667) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:620) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
    at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:588) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
    at org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport.retrieveToken(OAuth2AccessTokenSupport.java:137) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
    ... 62 common frames omitted
04:39:57.150 [http-nio-8080-exec-2] D
Upon debugging I found that the POST request is failing due to the absence of client_id. This is a part of the json I receive.
"errors":[{"code":"parameter_not_found","message":"client_id not specified"}
My oauth.properties file contains both the client_id and client_secret.
intercom.client.clientId=MY_CLIENT_ID
intercom.client.clientSecret=MY_CLIENT_SECRET
intercom.client.userAuthorizationUri=https://app.intercom.io/oauth
intercom.client.accessTokenUri=https://api.intercom.io/auth/eagle/token
But when I do the same for other oauth providers like github, google etc it works fine. I even tried the POST request via curl with the client_id and client_secret and the request was successful and I got the token. I am not able to understand why spring is causing an error here. While it works perfectly for other oauth providers.
Can anyone help me. Why might this be happening? I can't seem to find the issue. Thanks !!
                Maybe you have to inject your properties using xml or annotation the spring can get client information. You also refer to the post oauth2 javabycode.com/spring-framework-tutorial/spring-security/…
– David Pham
                Feb 9, 2017 at 1:58
        Thanks for contributing an answer to Stack Overflow!
Please be sure to answer the question. Provide details and share your research!
But avoid …
Asking for help, clarification, or responding to other answers.
Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.