The authorization server does not support obtaining a token using this method


#1

Imported Google Group message. Original thread at: https://groups.google.com/forum/#!topic/tyk-community-support/_OTcaVcOSDs Import Date: 2016-01-19 21:09:30 +0000.
Sender:Sravan Nethi.
Date:Monday, 13 April 2015 18:39:30 UTC+1.

Hi,

I am getting the "The authorization server does not support obtaining a token using this method" error. Below are the details.

POST http://server:port/apikey/oauth/authorize
Content-Type: application/x-www-form-urlencoded
data–client_id%3Dec2b9cbdb6ff472166be0fc5259f6a27%26redirect_uri%3Dhttp%3A%2F%2Fserver%3A8080%2Fclientapp%2Foauthredirect%26state%3Dabc
– response –
403 Forbidden
Date: Tue, 14 Apr 2015 01:31:33 GMT
Content-Length: 107
Content-Type: text/plain; charset=utf-8

{"status":"error","error":"The authorization server does not support obtaining a token using this method."}


#2

Imported Google Group message.
Sender:Martin Buhr.
Date:Tuesday, 14 April 2015 08:39:25 UTC+1.

Hi there,

It looks like you are missing a parameter required for the OAuth pass-through flow to work: response_type

This can either be ‘code’ or ‘token’ depending on how you’ve configured Tyk.

Let me know if that helps.

Cheers,
Martin


#3

Imported Google Group message.
Sender:Sravan Nethi.
Date:Tuesday, 14 April 2015 10:03:55 UTC+1.

Hi,

Yes, I am passing response_type as code and am still getting
{"status":"error","error":"The authorization server does not support obtaining a token using this method."}

Below are the request details:

POST http://server:port/apikey/oauth/authorize
Content-Type: application/x-www-form-urlencoded
data–response_type%3Dcode%26client_id%3Dec2b9cbdb6ff472166be0fc5259f6a27%26redirect_uri%3Dhttp%3A%2F%2Fmail.pawaanetwork.in%3A8080%2Fclientapp%2Foauthredirect%26state%3Dabc
– response –
403 Forbidden
Date: Tue, 14 Apr 2015 01:31:33 GMT
Content-Length: 107
Content-Type: text/plain; charset=utf-8

{"status":"error","error":"The authorization server does not support obtaining a token using this method."}

Regards,
sravan



#4

Imported Google Group message.
Sender:Martin Buhr.
Date:Tuesday, 14 April 2015 10:17:21 UTC+1.

Have you told Tyk which kind of tokens are allowed in the API definition? It would help if we could see that (you can send it to me in private if you don't want to post to the whole list).

Thanks,
Martin


#5

Imported Google Group message.
Sender:Martin Buhr.
Date:Tuesday, 14 April 2015 11:22:36 UTC+1.

Thanks for sending that… this is a silly idea, but might be worth a try (the OSIN Golang OAUTH server is very picky): have you tried removing the “state” request param?

Thanks,
Martin


#6

Imported Google Group message.
Sender:Martin Buhr.
Date:Tuesday, 14 April 2015 11:49:24 UTC+1.

Looking over how Osin processes this error, it’s only fired against the response_type parameter (https://github.com/lonelycode/osin/blob/master/authorize.go#L83), nowhere else.

But here’s a question, have you reloaded Tyk? If you make a change like this, unless you have the hot reload agent in place, Tyk won’t pick up the changes to the API configuration unless you tell it to reload the definition (if you are testing, just restart Tyk).

Thanks,
Martin


#7

Imported Google Group message.
Sender:Martin Buhr.
Date:Tuesday, 14 April 2015 15:53:40 UTC+1.

Ok, I’ve been tinkering with this (it exposed a pretty massive bug in our dev version - so thanks!), I could replicate your error when I forgot to add a trailing slash to the authorize endpoint. In postman, it was actually returning a 301, then sending a GET request, which causes the error because the post data goes missing.

Try adding a trailing slash: http://server:port/apikey/oauth/authorize/

Thanks,
Martin
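
Added example, not part of the thread and not Tyk or osin code: a constructed Go test server reproduces the failure described in #7. A POST to the slash-less path is answered with a 301, Go's net/http client follows it as a GET without the form body, and the handler no longer sees response_type. The handler, its messages and the client_id value are assumptions made for the illustration.

```go
package main

import (
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

const authPath = "/apikey/oauth/authorize" // path from the thread

// newAuthServer is a constructed stand-in for the gateway, not Tyk or osin code:
// the slash-less path answers 301, the slashed path requires response_type=code.
func newAuthServer() *httptest.Server {
	mux := http.NewServeMux()
	mux.HandleFunc(authPath, func(w http.ResponseWriter, r *http.Request) {
		http.Redirect(w, r, authPath+"/", http.StatusMovedPermanently)
	})
	mux.HandleFunc(authPath+"/", func(w http.ResponseWriter, r *http.Request) {
		r.ParseForm() // PostForm holds only fields sent in a request body
		if r.PostForm.Get("response_type") != "code" {
			http.Error(w, "rejected: no response_type in body", http.StatusForbidden)
			return
		}
		fmt.Fprint(w, "accepted")
	})
	return httptest.NewServer(mux)
}

// postAuthorize POSTs the form and returns the status code, the method of the
// request that was finally answered (GET if a 301 was followed), and the body.
func postAuthorize(target string) (int, string, string, error) {
	form := "response_type=code&client_id=constructed-id&state=abc" // constructed values
	resp, err := http.Post(target, "application/x-www-form-urlencoded", strings.NewReader(form))
	if err != nil {
		return 0, "", "", err
	}
	defer resp.Body.Close()
	body, err := io.ReadAll(resp.Body)
	return resp.StatusCode, resp.Request.Method, strings.TrimSpace(string(body)), err
}

func main() {
	srv := newAuthServer()
	defer srv.Close()
	fmt.Println(postAuthorize(srv.URL + authPath))       // redirected: 403 GET
	fmt.Println(postAuthorize(srv.URL + authPath + "/")) // direct: 200 POST
}
```

When debugging this class of error, checking the method of the request that was finally answered (or disabling redirect following in the client) shows whether the form body ever reached the authorize handler.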
