4
votes

I am extending the question here: https://stackguides.com/questions/46530725/java-io-ioexception-server-returned-http-response-code-411-for-url-https-lo

I am developing a Spring MVC + Apache Oltu + Salesforce integration example. In this example, I have created a connected app in Salesforce as shown below:

In this example I am using below:

What will be the OAuthBearerClientRequest request? For GitHub I had used https://api.github.com/user. What will be the URL for Salesforce?

This is getting called from my code:

https://login.salesforce.com/services/oauth2/authorize?scope=full&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fapache-oltu%2Fsalesforce%2Fredirect&client_id=3MVG9d8..z.hDcPJZPIzGJ5UZDqJOJY.3R6RBM8sJAF8PyTtdTE.DDBnScvPEbcbUmaZ1HQjYItOLpnjY4JHL

but nothing is coming in Authorization.

For example, OAuthBearerClientRequest for:

  • LinkedIn - https://api.linkedin.com/v1/people/~?oauth2_access_token=
  • Facebook - https://graph.facebook.com/me/friends
  • GitHub - https://api.github.com/user

What is it for Salesforce?

This URL also doesn't have the info I want: https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com#Obtaining_an_Access_Token_using_a_SAML_Bearer_Assertion.

The error which I see:

error=redirect_uri_mismatch&error_description=redirect_uri%20must%20match%20configuration

The issue is mentioned here: https://issues.apache.org/jira/browse/OLTU-210

1
@Hleb - It doesn't work for me. I have already raised a separate question here stackoverflow.com/questions/46530725/…, but still no answers. – Pra_A

1 Answer

1
votes

I only got the details below; I am still looking to make it work.

Understanding OAuth Endpoints

OAuth endpoints are the URLs you use to make OAuth authentication requests to Salesforce.

You need to use the correct Salesforce OAuth endpoint when issuing authentication requests in your application. The primary OAuth endpoints are:

All endpoints require secure HTTP (HTTPS). Each OAuth flow defines which endpoints you need to use and what request data you need to provide. If you’re verifying authentication on a sandbox organization, use “test.salesforce.com” instead of “login.salesforce.com” in all the OAuth endpoints listed above.

After spending 2 whole weeks, I got the details below as part of the URL:

http://localhost:8080/apache-oltu/salesforce/redirect#access_token=00D7F0000001I8v%21ARgAQH3Ezr9dXMN2oOwedXsecQOJnNz7fzd8J0b1rv_WGJMLdjntGejARCflNHezO3Jx2EzQ3NCXU5N.9kd3XfIYJsoHuaxo&refresh_token=5Aep8613hy0tHCYdhxJMolioLtSyVWkdY.qjUQIKBDHpKUfFk5dQNWdtRroZqaoeSCMWjemMlechS_MfTRBEYRs&instance_url=https%3A%2F%2Fap5.salesforce.com&id=https%3A%2F%2Flogin.salesforce.com%2Fid%2F00D7F0000001I8vUAE%2F0057F000000l2bgQAA&issued_at=1508009229818&signature=cxOV7F68pvAfoeLZUw1hmZDEx1JKcnFWfpN8dutFPvo%3D&scope=api+web+full+refresh_token&token_type=Bearer

I was able to solve the problems, and now I am also getting the authorizationCode, which in turn fetches the access_token, refresh_token, etc.

{  
   "access_token":"00D7F0000001I8v!ARgAQDvQR1L4XtPVlSzgBQWwN7vi6an6wp2yVa2E.QeCuJFDmWfjU8UKJnZCY0hNHcISEj4u7aHTzTXKPrZwFO7e_2PjilYY",
   "refresh_token":"5Aep8613hy0tHCYdhxJMolioLtSyVWkdY.qjUQIKBDHpKUfFk7DxakBkr.fqMfwxgDn5GuOHbU8EWoeGkNma4kJ",
   "signature":"KggDhRHjf3/wmU85Cuz5HPriXpvZ7+9nyVMlwFWoizE=",
   "scope":"refresh_token api full",
   "id_token":"eyJraWQiOiIyMTAiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiYmdveG9KR0k4S1BGa1FvVlU1WlNJUSIsInN1YiI6Imh0dHBzOi8vbG9naW4uc2FsZXNmb3JjZS5jb20vaWQvMDBEN0YwMDAwMDAxSTh2VUFFLzAwNTdGMDAwMDAwbDJiZ1FBQSIsImF1ZCI6IjNNVkc5ZDguLnouaERjUEpaUEl6R0o1VVpEckw3Ykp0aEFRX3YwWUN4ekVlRzExSEkxWXdLTmZ2YVlmRHkwbXNKNmF6RTNFQ01COEVHc0YzTlJ0SjAiLCJpc3MiOiJodHRwczovL2xvZ2luLnNhbGVzZm9yY2UuY29tIiwiZXhwIjoxNTA4MDExNDA5LCJpYXQiOjE1MDgwMTEyODl9.gvzr9Eq5QpYmG3s8daf55ey9GP9O2SvBN_3LpmlDB334pS6cLzHZrq6Z-zH6mXmgNAD7OEyVhPVLlsm5Ln2iOPC3AtfFhadyGNHrtbwxG9GtaiCoTwsBQ7dtyx5fytZBQnDrKJ6EoshduJkRDbC9GzuBVjGU0dAluqiC8A_BoX4DJcbCetXwk4bS1MTaf7IJNYceZhsIbgaq1y7CBIwYtlJHLURbrct6hkPFQc65zPAZB6_SZD0uifFRptp52VEelJ0GKC03PvzAgPw2ofaoWkdq5f7pdAZQRpPUDCKcplB3whc4vk0fk5uMacDnJBNNRkds3SjKvx3X0Qg0pE0xm5ISac20WhEYzeDVtqmBeqqVes0ZFIC5t3hewWmrLicCAedaAWuKK5LnpKdhYoClw8Hmtt5y_ewf34TbSuzc6mQ9O6fMNs4nDBr5_20LuPC6Z5rPXb-GKNONAySa8rcLAB4hcRimWBLVMhrKFIcLc2WLYd1OvqgnoKc6gMh76_Ibha0R8veORbusgd9AYJoQEsPed5-LzFrczP0DX-PHD9NGOsT5b2t9daxy8sZ3t_vfo__6GCYG_Lq-Ee0JOEWaemHp6P6a8OTSufQkXiiYdAwe2iSHi1mF457mZhGR9f_IJzUFXzHF8lY8q6LGZI2uLOfFJX4qYFt3Cj6RXbIP4hQ",
   "instance_url":"https://ap5.salesforce.com",
   "id":"https://login.salesforce.com/id/00D7F0000001I8vUAE/0057F000000l2bgQAA",
   "token_type":"Bearer",
   "issued_at":"1508011289104"
}

Now I am only concerned about what exactly I need to call using the OAuthBearerClientRequest API.

Scope Ref URL: https://help.salesforce.com/articleView?id=remoteaccess_oauth_scopes.htm&type=0

I was facing an issue with the OAuthBearerClientRequest API; I don't know why. I raised a question here: Could not access resource: 401 [{"message":"Session expired or invalid","errorCode":"INVALID_SESSION_ID"}] - works only in RestClient plugin.

I implemented the same using RestTemplate and it works fine.
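
An added example, not part of the original answer or of Apache Oltu's own code: the `id` field in the token response above is the Salesforce identity URL, which returns the user's identity details when requested with the access token, so it can serve as the OAuthBearerClientRequest target. The host allowlist and the class and method names are assumptions made for this example, and the token is a placeholder.

```java
import java.net.URI;
import java.util.Locale;
import org.apache.oltu.oauth2.client.request.OAuthBearerClientRequest;
import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;

public class SalesforceIdentityRequest {

    // Assumption: only HTTPS URLs on salesforce.com or one of its subdomains
    // (login., test., ap5. as seen on this page) may receive the bearer token.
    static URI requireSalesforceHttps(String url) {
        URI uri = URI.create(url);
        String host = uri.getHost() == null ? "" : uri.getHost().toLowerCase(Locale.ROOT);
        boolean trusted = host.equals("salesforce.com") || host.endsWith(".salesforce.com");
        if (!"https".equalsIgnoreCase(uri.getScheme()) || !trusted) {
            throw new IllegalArgumentException("Refusing to send access token to: " + url);
        }
        return uri;
    }

    // Build the resource request for the identity URL taken from the "id" field.
    // buildHeaderMessage() puts the token in the Authorization header, so it
    // does not end up in the request URL.
    static OAuthClientRequest identityRequest(String idUrl, String accessToken)
            throws OAuthSystemException {
        URI target = requireSalesforceHttps(idUrl);
        return new OAuthBearerClientRequest(target.toString())
                .setAccessToken(accessToken)
                .buildHeaderMessage();
    }

    public static void main(String[] args) throws OAuthSystemException {
        // "id" value as shown in the token response on this page.
        String idUrl = "https://login.salesforce.com/id/00D7F0000001I8vUAE/0057F000000l2bgQAA";
        String accessToken = "ACCESS_TOKEN_PLACEHOLDER"; // placeholder, not a real token
        OAuthClientRequest request = identityRequest(idUrl, accessToken);
        System.out.println("GET " + request.getLocationUri());
        System.out.println("Bearer header set: "
                + request.getHeader("Authorization").startsWith("Bearer "));

        // Constructed inputs that must be rejected: plain HTTP and a look-alike host.
        for (String bad : new String[] {"http://login.salesforce.com/id/x/y",
                                        "https://login.salesforce.com.example.net/id/x/y"}) {
            try {
                identityRequest(bad, accessToken);
            } catch (IllegalArgumentException e) {
                System.out.println(e.getMessage());
            }
        }
    }
}
```

To send the request, pass it to `new OAuthClient(new URLConnectionClient()).resource(request, OAuth.HttpMethod.GET, OAuthResourceResponse.class)`.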