Thanks, and Resource Owner "password" grant #14
Description
This is a wonderful demonstration project. Thanks for putting it together.
I'm trying out the various grants and permissions and learning about the Spring OAuth implementation. That's all great.
I decided to see if I could implement "Password Grant", but haven't had much luck. Here is the essence of what i've tried. (I've tried many variations too :-)
- I created a new oauth_client_details record like this.
INSERT INTO oauth_client_details
(client_id, resource_ids, client_secret, scope, authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, refresh_token_validity, additional_information, autoapprove)
VALUES
('password-client', 'todo-services', 'password-client-secret', 'read,write', 'client_credentials, refresh_token, password', '', 'ROLE_ADMIN', 7200, 0, NULL, 'false');
- I rebuilt, restarted, etc. Then I tried a curl command.
curl -X POST -u password-client:password-client-secret localhost:8081/oauth/token?grant_type=password -d 'username=user&password=user'
I get "Unsupported grant type: password"
If I try this
curl -X POST -u password-client:password-client-secret localhost:8081/oauth/token?grant_type=client_credentials
I get an access token for the client. This second test tells me that the "password-client" is found, and that the "authorized_grant_types" includes "client_credentials" and that it is reading it from the database.
===
Did you ever make more progress on implementing "password" grant? I'll be investigating and if I solve it I will report it back here.
Thanks, Tom