-
Bug
-
Resolution: Done
-
Major
-
jboss-fuse-6.2.1
-
None
-
%
-
When issuing grant_types like refresh_token, after initial test for refresh token grant handler there is an error receivied
{"error":"invalid_grant"}response from the token service.
Here is my Configuration,
<bean id="accessTokenService" class="org.apache.cxf.rs.security.oauth2.services.AccessTokenService"> <property name="dataProvider" ref="oauthProvider" /> <property name="grantHandlers"> <list> <ref bean="clientCredentialsGrantHandler" /> <ref bean="refreshTokenGrantHandler" /> </list> </property> </bean>
Token service works perfectly fine for clientCredentialsGrantHandler.
Client object has registeredScopes field, There are values value assigned for registeredScopes, looks like issue is not with the refreshToken its rather with the AbstractOAuthDataProvider' s convertScopeToPermissions method. When it tries to call refreshAccessToken method internally convertScopeToPermissions is being called and in this case registeredScopes is not empty hence it throws an exception.
This method here,
@Override
public List<OAuthPermission> convertScopeToPermissions(Client client,
List<String> requestedScope) {
if (requestedScope.isEmpty()) {
return Collections.emptyList();
} else {
throw new OAuthServiceException("Requested scopes can not be mapped to the permissions");
}
}
