Android OAuth Retrofit Access Token Request

Question

Can anyone tell the exact format to convert below code into retrofit

curl -X POST -d "grant_type=password&username=admin&password=admin&scope=read+write" -u"clientId:clientSecret" http://myserver/o/token/

I have tried something like this but it isn't working

@FormUrlEncoded
@POST("/o/token/")
AccessTokenResponse getToken(@Field("client_id") String client_id, @Field("client_secret") String client_secret,
    @Field("grant_type") String grant_type, @Field("username") String username,
    @Field("password") String password, @Field("scope") String scope);

Authentication error: Unable to respond to any of these challenges 401 Unauthorized error is being raised !! — Revanth Gopi, May 09 '15 at 03:29

score 8 · Answer 1 · answered May 10 '15 at 04:23

Client credentials should be authenticated with Basic Authentication. i.e with header

Authorization: Basic base64encode(clientId:clientSecret)

where base64encode(clientId:clientSecret) is the actual base64 encoded string of clientId:clientSecret. So to update your interface it might look something more like

public interface OAuthTokenService {

    @POST("/api/token")
    @FormUrlEncoded
    @Headers({
        "Accept: application/json"
    })
    AccessTokenResponse getAccessToken(@Field("grant_type") String grantType,
                                       @Field("username") String username,
                                       @Field("password") String password,
                                       @Header("Authorization") String authorization);    
}

Then to set the header, do something like

public class Main {

    public static void main(String[] args) {
        RestAdapter restAdapter = new RestAdapter.Builder()
                .setLogLevel(RestAdapter.LogLevel.FULL)
                .setEndpoint("http://localhost:8080")
                .setConverter(new JacksonConverter())
                .build();

        OAuthTokenService service = restAdapter.create(OAuthTokenService.class);
        byte[] credentials = "clientId:clientSecret".getBytes();
        String basicAuth = "Basic " + Base64.getEncoder().encodeToString(credentials);

        AccessTokenResponse response = service
                .getAccessToken("password", "admin", "admin", basicAuth);
        System.out.println(response.getAccessToken());
    }
}

Note the above uses Java 8 for the java.util.Base64 class. You may not be using Java 8, in which case you will need to find a different encoder.

I am also using Jackson for conversion, only because I don't use Gson. The above has been tested and should work for you also.

@IgorGanapolsky it's made up. It should have all the properties that come in the response. Its just a POJO just like you would handle any other JSON response. — Paul Samsotha, Feb 11 '16 at 18:20

score 6 · Answer 2 · answered Mar 18 '19 at 20:49

With OkHttp interceptors this is made easier.

Interceptor interceptor = chain -> {
        Request original = chain.request();
        Request request = original.newBuilder()
                .header("Authorization", Credentials.basic(CLIENT_ID, CLIENT_SECRET))
                .method(original.method(), original.body())
                .build();
        return chain.proceed(request);
    };

OkHttpClient client = new OkHttpClient.Builder()
            .addInterceptor(interceptor)
            .build();

return new Retrofit.Builder()
                .baseUrl(baseURL)
                .client(client)
                .addConverterFactory(GsonConverterFactory.create())
                .build();

The Credentials.basic method will base 64 encode your client id and client secret. The interceptor is then attached to the OkHttpClient client and added to the Retrofit object.

Android OAuth Retrofit Access Token Request

2 Answers2

Linked