
Access Token Response: tokenType cannot be null

I am upgrading my service and implementing WebClient using OAuth2, and I am getting the exception "tokenType cannot be null". Could you please help me to resolve that?

exception: org.springframework.security.oauth2.core.OAuth2AuthorizationException: [invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: Error while extracting response for type [class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse] and content type [application/json]; nested exception is org.springframework.http.converter.HttpMessageNotReadableException: An error occurred reading the OAuth 2.0 Access Token Response: tokenType cannot be null; nested exception is java.lang.IllegalArgumentException: tokenType cannot be null

Please have a look at https://github.com/spring-projects/spring-security/issues/5983#issuecomment-430620308

This is a well-known problem: the spec requires a token type (BEARER in our case) to be present in the response to the client when hitting the token access URI, and Spring Security OAuth doesn't apply a default when this tokenType parameter is absent. You have a workaround in the link above.

The OAuth spec states: https://tools.ietf.org/html/rfc6749#section-5.1

5.1. Successful Response

The authorization server issues an access token and optional refresh token, and constructs the response by adding the following parameters to the entity-body of the HTTP response with a 200 (OK) status code:

access_token REQUIRED. The access token issued by the authorization server.

token_type REQUIRED. The type of the token issued as described in Section 7.1. Value is case insensitive.

expires_in RECOMMENDED. The lifetime in seconds of the access token. For example, the value "3600" denotes that the access token will expire in one hour from the time the response was generated. If omitted, the authorization server SHOULD provide the expiration time via other means or document the default value.

Eventually figured out the issue: the client was missing one of the fields in the token JSON response, which was tokenType. Actually, tokenType should also be included in the token response; in my case tokenType was bearer.

{ "access_token": "************", "token_type": "Bearer", "expires_in": 1800, "scope": "read" }
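The fix above (make the server send token_type) is the right one; when the server cannot be changed, the workaround linked in the first answer is to replace Spring's token response converter. The following is added example code, not from the post or from Spring's own sources, and it assumes the Spring Security 5.0 to 5.5 servlet stack, where OAuth2AccessTokenResponseHttpMessageConverter exposes setTokenResponseConverter with a Map<String, String> converter (5.6+ renamed it setAccessTokenResponseConverter with Map<String, Object>). It defaults a missing token_type to Bearer but still rejects any other value.

```java
import java.util.*;
import org.springframework.core.convert.converter.Converter;
import org.springframework.http.converter.FormHttpMessageConverter;
import org.springframework.security.oauth2.client.endpoint.DefaultClientCredentialsTokenResponseClient;
import org.springframework.security.oauth2.client.http.OAuth2ErrorResponseErrorHandler;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;
import org.springframework.web.client.RestTemplate;

/** Assumed example: accepts a token response whose token_type is missing, which Spring's default rejects. */
public class LenientTokenResponseConverter
        implements Converter<Map<String, String>, OAuth2AccessTokenResponse> {

    @Override
    public OAuth2AccessTokenResponse convert(Map<String, String> params) {
        // token_type is REQUIRED and case-insensitive per RFC 6749 section 5.1. A missing value is
        // treated as Bearer; any other value is rejected so the token is never sent with the wrong scheme.
        String tokenType = params.get(OAuth2ParameterNames.TOKEN_TYPE);
        if (tokenType != null
                && !OAuth2AccessToken.TokenType.BEARER.getValue().equalsIgnoreCase(tokenType)) {
            throw new IllegalArgumentException("unsupported token_type: " + tokenType);
        }
        String expires = params.get(OAuth2ParameterNames.EXPIRES_IN);
        long expiresIn = expires == null ? 0L : Long.parseLong(expires);
        String scope = params.get(OAuth2ParameterNames.SCOPE);
        Set<String> scopes = scope == null ? Collections.emptySet() : new HashSet<>(Arrays.asList(scope.split(" ")));
        // build() still rejects a missing or blank access_token (via the OAuth2AccessToken constructor).
        return OAuth2AccessTokenResponse.withToken(params.get(OAuth2ParameterNames.ACCESS_TOKEN))
                .tokenType(OAuth2AccessToken.TokenType.BEARER)
                .expiresIn(expiresIn)
                .scopes(scopes)
                .refreshToken(params.get(OAuth2ParameterNames.REFRESH_TOKEN))
                .build();
    }

    /** Plugs the converter into the servlet-stack client-credentials token client. */
    public static DefaultClientCredentialsTokenResponseClient tokenResponseClient() {
        OAuth2AccessTokenResponseHttpMessageConverter converter =
                new OAuth2AccessTokenResponseHttpMessageConverter();
        converter.setTokenResponseConverter(new LenientTokenResponseConverter());
        RestTemplate rest = new RestTemplate(Arrays.asList(new FormHttpMessageConverter(), converter));
        rest.setErrorHandler(new OAuth2ErrorResponseErrorHandler());
        DefaultClientCredentialsTokenResponseClient client = new DefaultClientCredentialsTokenResponseClient();
        client.setRestOperations(rest);
        return client;
    }
}
```

Register the returned client as the OAuth2AccessTokenResponseClient in your OAuth2AuthorizedClientManager configuration; for the authorization_code grant, the same converter goes into DefaultAuthorizationCodeTokenResponseClient instead.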

粤ICP备18138465号  © 2020-2024 STACKOOM.COM