I was trying out OAuth2 to protect an API using the Username Password grant type in the Tyk open source gateway.
I am able to generate an access token and access the API successfully.
But when I try to create a new token using the refresh token, it throws the following response:
{
"error": "server_error",
"error_description": "The authorization server encountered an unexpected condition that prevented it from fulfilling the request."
}
In the logs it says client id is not found:
tyk-gateway-3_1 | time="Mar 30 10:54:54" level=info msg="Getting client << my client id >>"
tyk-gateway-3_1 | time="Mar 30 10:54:54" level=debug msg="Error trying to get value:redis: nil"
tyk-gateway-3_1 | time="Mar 30 10:54:54" level=error msg="Failure retrieving client ID key "oauth-clientid.<< my client id >>": key not found"
tyk-gateway-3_1 | time="Mar 30 10:54:54" level=error msg="[OAuth] OAuth response marked as error" RemoteAddr="::1" client_id=<< my client id >> org_id=basic response code=403 response error="The authorization server encountered an unexpected condition that prevented it from fulfilling the request."
But when I get the clients list using the gateway API, I can see my client there.
Even after I saw this error with the refresh token, if I try to access the API using the same access token, client ID etc., I get my API response successfully.
I had used the same method for refreshing the token for the Authorisation code flow as well, and it works fine.
PS: I can create new access tokens without using the refresh token for the same client ID again. Or is it that refresh tokens are not supported in the Username Password grant type flow?
Can somebody please help me with this as early as possible?