Unable to create SCIM client using access token

By: Nagarajan Viswanathan user 20 Aug 2015 at 6:17 a.m. CDT

4 Responses
Nagarajan Viswanathan gravatar
Hi, There are two Constructors in ScimClient.java. One using access token and another using credentials. I would like to use the one with accesstoken as it uses Oauth 2.0. The problem is using a client created using access token constructor always results in 401 Unauthorized status, though valid accesstoken and expiresin time is used. This needs to be corrected. My code given below to create a person that does not work and always results in authorization error (401 unauthorized) /** gluu domain for SCIM */ String SCIM_DOMAIN = "https://six-24.rdg.ac.uk/identity/seam/resource/restv1"; /** OpenID Connect token endpoint URL */ String OAUTH_TOKEN_ENDPOINT = "https://six-24.rdg.ac.uk/oxauth/seam/resource/restv1/oxauth/token"; long expires_in = extractExpiryTime(access_token) + System.currentTimeMillis(); //adding current ms to overcome the check in isValidToken() method in initOAuthAuthentication() ScimClient client = ScimClient.oAuthInstance(access_token, expires_in, SCIM_DOMAIN, OAUTH_TOKEN_ENDPOINT); ScimResponse res = client.createPersonString(prop_json, MediaType.APPLICATION_JSON); ---------------------- Analysing the code, I think the problem is in OAuthScimClientImpl.java under SCIM-Client implementation. In the method initOAuthAuthentication(), isValidToken(now) is called and if it is invalid then getOAuthAccessToken() is called to get the access token. getOAuthAccessToken() uses the method execResourceOwnerPasswordCredentialsGrant(this.userName, this.passWord,this.scope, this.clientID, this.clientSecret) irrespective of whether the constructor is called using access token or not. So in the case of scim client created using the constructor with access token, the object might not have username and password
None
closed

Answers

By Yuriy Movchan staff 20 Aug 2015 at 2:37 p.m. CDT

Copy
Yuriy Movchan gravatar
Hi, In OX documentation there is page: http://www.gluu.org/docs/admin-guide/user-management/#scim-oxauth-authentication/ It contains next example: ` package gluu.scim.client.dev.local; import gluu.scim.client.ScimClient; import gluu.scim.client.ScimResponse; import javax.ws.rs.core.MediaType; public class TestScimClient { public static void main(String[] args) { final ScimClient scimClient = ScimClient.oAuthInstance("admin", "secret", "@!9BCF.396B.14EB.1974!0001!CA0D.1918!0008!2F06.F0DF", "secret", "https://centos65.gluu.info/identity/seam/resource/restv1", "https://centos65.gluu.info/oxauth/seam/resource/restv1/oxauth/token"); try { ScimResponse response1 = scimClient.retrievePerson("@!9BCF.396B.14EB.1974!0001!CA0D.1918!0000!A8F2.DE1E.D7FB", MediaType.APPLICATION_JSON); System.out.println(response1.getResponseBodyString()); } catch (Exception ex) { ex.printStackTrace(); } } } ` Can you try to run this sample code. Please, update parameters to conform your VM.

By Nagarajan Viswanathan user 21 Aug 2015 at 4:01 a.m. CDT

Copy
Nagarajan Viswanathan gravatar
Hi, The constructor with credentials and the CRUD operations on Person string works fine. i.e., The above code runs fine as we pass username and password. The problem i have is with respect to the constructor with access token. Please let me know if you need more info or I am also ready to skype if you wish. Thanks Naga

By Nagarajan Viswanathan user 27 Aug 2015 at 8:22 a.m. CDT

Copy
Nagarajan Viswanathan gravatar
Hi, Could any one look into this please? If you cannot or if this is going to take a long time, please let me know, so that I can take an action. Thanks Naga

By Muhammad Usman named 17 Oct 2015 at 2:11 a.m. CDT

Copy
Muhammad Usman gravatar
Hi Naga, Your query is still in progress, we'll get back to you soon. Thanks!

Post an answer