I'm trying to access some resources with the Client Credentials authorization.
However it seems that it's always performing the request to get the auth token, and not storing it in the keychain, and I can't seem to figure out why.
Here's the debug output
[Debug] OAuth2: Starting authorization
[Debug] OAuth2: No access token, checking if a refresh token is available
[Debug] OAuth2: I don't have a refresh token, not trying to refresh
[Debug] OAuth2: Adding “Authorization” header as “Basic client-key:client-secret”
[Debug] OAuth2: Requesting new access token from https://<REDACTED>/oauth/token
[Trace] OAuth2: REQUEST
HTTP/1.1 POST https://<REDACTED>/oauth/token
Accept: application/json
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Authorization: Basic <REDACTED>
grant_type=client_credentials&scope=read
---
[Trace] OAuth2: RESPONSE
HTTP/1.1 200 no error
Content-Type: application/json
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Access-Control-Max-Age: 1000
Pragma: no-cache
Transfer-Encoding: Identity
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Server: Apache-Coyote/1.1
Cache-Control: no-store
Date: Mon, 29 May 2017 02:28:27 GMT
{"access_token":<REDACTED>,"token_type":"bearer","expires_in":13869,"scope":"read"}
---
[Debug] OAuth2: Did get access token [true]
[Debug] OAuth2: Storing tokens to keychain
Then if I make a second call, it says it doesn't have an access token and goes back to the server for a new one. However I expect it to reuse the one retrieved previously:
[Debug] OAuth2: Starting authorization
[Debug] OAuth2: No access token, checking if a refresh token is available
[Debug] OAuth2: I don't have a refresh token, not trying to refresh
[Debug] OAuth2: Adding “Authorization” header as “Basic client-key:client-secret”
[Debug] OAuth2: Requesting new access token from https://<REDACTED>/oauth/token
[Trace] OAuth2: REQUEST
HTTP/1.1 POST https://<REDACTED>/oauth/token
Accept: application/json
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Authorization: Basic <REDACTED>
grant_type=client_credentials&scope=read
---
[Trace] OAuth2: RESPONSE
HTTP/1.1 200 no error
Content-Type: application/json
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Access-Control-Max-Age: 1000
Pragma: no-cache
Transfer-Encoding: Identity
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Server: Apache-Coyote/1.1
Cache-Control: no-store
Date: Mon, 29 May 2017 02:28:46 GMT
{"access_token":<REDACTED>,"token_type":"bearer","expires_in":13850,"scope":"read"}
---
[Debug] OAuth2: Did get access token [true]
[Debug] OAuth2: Storing tokens to keychain
I'm a bit lost as to why it doesn't seem to know about the previously fetched token? Any advice please?
Note: in the response, I see that there's no refresh_token - is this typical of a client credentials token? The back end uses Spring Security OAuth2 if that's relevant.
Hi,
I'm trying to access some resources with the Client Credentials authorization.
However it seems that it's always performing the request to get the auth token, and not storing it in the keychain, and I can't seem to figure out why.
Here's the debug output
Then if I make a second call, it says it doesn't have an access token and goes back to the server for a new one. However I expect it to reuse the one retrieved previously:
My config looks like this:
And I'm using a Class that extend dataloader, which has a method like so:
I'm a bit lost as to why it doesn't seem to know about the previously fetched token? Any advice please?
Note: in the response, I see that there's no refresh_token - is this typical of a client credentials token? The back end uses Spring Security OAuth2 if that's relevant.