It is because the refresh_token you are using is an invalid/ expired as
Lakmali mentioned. Hope this[1] will help for more understanding.
[1] http://tools.ietf.org/html/rfc6749#page-44
Thanks,
Kavitha
On Fri, Mar 11, 2016 at 3:34 PM, Ishara Cooray wrote:
> Thanks Lakmali.
>
Thanks Lakmali.
Ishara Cooray
Senior Software Engineer
Mobile : +9477 262 9512
WSO2, Inc. | http://wso2.com/
Lean . Enterprise . Middleware
On Fri, Mar 11, 2016 at 3:16 PM, Lakmali Baminiwatta
wrote:
> This can happen if you reuse the same refresh token more than once [1].
>
This can happen if you reuse the same refresh token more than once [1].
Please check whether you are using the latest refresh token returned or
reusing a old one.
Thanks,
Lakmali
On 11 March 2016 at 14:59, Ishara Cooray wrote:
> Thanks Lakmali. It works!
>
> It works for the
Thanks Lakmali. It works!
It works for the password grant type as you have pointed out.
But for refresh_token grant type i get Provided Authorization Grant is
invalid error.
curl -k -d
"grant_type=refresh_token_token=87c4145a25f2e72d6d51edce3362f382=PRODUCTION"
-H "Authorization: Basic
Hi Ishara,
On 11 March 2016 at 14:27, Ishara Cooray wrote:
> Hi Malithi/Pushpalanka,
>
> I tried renewing access token by invoking TokenAPi. Below is my CURL.
>
> curl -d
> "grant_type=refresh_token_token=87c4145a25f2e72d6d51edce3362f382=PRODUCTION"
> -H "Authorization:Basic
Hi Malithi/Pushpalanka,
I tried renewing access token by invoking TokenAPi. Below is my CURL.
curl -d
"grant_type=refresh_token_token=87c4145a25f2e72d6d51edce3362f382=PRODUCTION"
-H "Authorization:Basic
bTlKZ2dkaXhGOGs3Y09jS1lLcW5ZQU16Q2lBYTphS19meWRraVlmS3k3VXlicEZkMU53eF81WkFh,
Content-Type:
Hi,
I am currently using a locally build of IS Server from the latest code.When
i try to get a OAuth Access token via a curl execution i am getting an
error.
Curl Format used :
*curl-k-d***
> *"grant_type=password=userNamepasswork&=**passWord*
>
Hi All,
@Pushpalanka I used that then it gives me an error indicating "Client
Authentication failed".
This issues was not there in the IS 5.0.0. I did a debugging and found the
issue. I have send a pull request regarding this.
Thanks and Regards.
Kamidu Sachith Punchihewa
*Software Engineer*
Hi,
Optionally, can you try with below command format and check,
curl --user Client_Id:Client_Secret -k -d
"grant_type=password=admin=admin" -H
"Content-Type:application/x-www-form-urlencoded"
https://localhost:9443/oauth2/token
Thanks,
Pushpalanka.
--
Pushpalanka Jayawardhana,
Hi Sachith,
Here EndpointUtil.extractCredentialsFromAuthzHeader() method expects the
value of the 'Authorization' header. Please refer [1]. Here the value of
the 'Authorization' header is passed to the method which is directly taken
from the servlet request.
And when decoding the header it
Hi Hasintha,
I don't see any usecase for using multiple authorization header values
here. This is used for OAuth Client Authentication [1]. There we don't have
multiple client credentials right.
[1] https://tools.ietf.org/html/rfc6749#section-2.3
On Wed, Oct 7, 2015 at 10:21 PM, Hasintha
We have the same logic in few places to extract authorization header (Not
only in Oauth).
On Wed, Oct 7, 2015 at 10:59 PM, Malithi Edirisinghe
wrote:
> Hi Hasintha,
>
> I don't see any usecase for using multiple authorization header values
> here. This is used for OAuth
@Malithi,
Thank you very much for the detailed explanation.Yes when i was debugging
the method extract* "Authorization:Basic xx" -H "Content-Type:
application/x-www-form-urlencoded"* and then split it.thanks again for the
explanation.
Cheers.
Kamidu Sachith Punchihewa
*Software
Hi Malithi,
What happens if we include multiple authorization header values in the same
header ? As [1] says we can use comma separated values for the same header
values. Is there a valid use case where we can use two authorization header
values ?. If so we need to handle this within the logic
14 matches
Mail list logo