Oauth 2.0 -- WSO2 Identity server as authentication server--Issue generating access token

2
votes

I am facing an issue with the oauth access token generation using WSO2 identity server as authentication server.The access token is not getting generated.

I have followed the steps in the below url - http://wso2.com/library/articles/2015/09/article-how-to-generate-api-manager-access-tokens-using-multi-factor-authentication/ Instead of the second level of yahoo authentication, I have included my customized AuthServer authentication.This AuthServer code is responsible of handling the OAuth 2.0 tokens and clients details.

Program flow

  1. I have an html which has a link on click of which hits the below url:-

    https://localhost:8244/authorize?response_type=code&client_id=CeYYVyMbL2CAfoelSlUlZfFrwSQa&redirect_uri=https://localhost:8443/ClientProj/redirect.html

    The client_id here is the client_id of the application in the API manager store.The redirect uri is the url of my sample client.

  2. In the response header of the above request I am recieving the authorize code.This authorize code is used to get the actual access token as below request(POST)

The Postman screenshot of the request

Please help with a solution.

1
oauth-2.0wso2
This is the url for fteching the access token using the authorize code recieved above. localhost:8244/… the error recieved is invalid grant type.LekshmiKurup
The response is -- { "error_description": "Provided Authorization Grant is invalid", "error": "invalid_grant" }LekshmiKurup

1 Answers

0
votes

Did you try to use: 'grant_type': 'authorization_code' ?

Example (Python): 

 payload = { 'client_id': client_id, 'client_secret': client_secret, 'grant_type': 'authorization_code', 'code': str(code), 'redirect_uri': 'http://localhost:8080/resources/oauth2Callback'} 
    urllib.urlencode(payload) 
    headers = { 'application' : 'x-www-form-urlencoded' } 
    r = requests.post(url, data=payload, headers=headers, verify=verify) 

  # prepare lookup of token using code as input
    url  = "https://myserver.red.com:9443/token"
    payload = { 'key': client_id, 'secret': client_secret, 'grant_type': 'authorization_code', 'code': str(code) }
    urllib.urlencode(payload)
    headers = { 'application' : 'x-www-form-urlencoded' } 
    r = requests.post(url, data=payload, headers=headers)