5 Replies Latest reply on Jan 5, 2016 5:31 PM by ramesht

    Access token retrieval with OAM-OAuth

    Praveen Pasi-Oracle

      Hi All,

      I am using IAM 11GR2PS2.

      I am using OAM with OAuth to implement security to REST Services.

      I am using the 'Standard Three-Legged OAuth Flows' to impelement the solution.

      i.e deveoped a web application with servlets that gets authorization  code from OAM,then get access token from OAM by passing the authorization code recieved earlier

      and then pass the access token to REST services.

      REST services recieve this token and then validate against OAM & if successful return the result back to the caller(sample web application above).

      I have been following the https://community.oracle.com/docs/DOC-911149 for this.

       

       

      But I am facing an issue to get access token from OAM by passing the authorization code received.

       

       

      I am always getting status 401(Unauthorized) status even though I am passing the received authorization code correctly.

       

       

      Even with curl command,I am getting the status 401.

       

       

      Same curl command used.

      curl -i

      -H 'Authorization: Basic NTQzMjFpZDp3ZWxjb21lMQ=='

      -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8"

      --request POST http://hostname:port/ms_oauth/oauth2/endpoints/oauthservice/tokens

      -d 'redirect_uri=http%3A%2F%2Fclient.example.com:17001%2Freturn

          &grant_type=authorization_code

          &code=eyJhbG...rWWk8hbs_o6uY'

       

       

      OAM server logs log the following error.

      oracle.security.jps.service.trust.token.TokenException: oracle.security.jps.internal.trust.token.TokenProviderException: Validate operation failed.

       

      Please help.

      Thanks,

      Praveen