0

I'm trying to use JdbcOauth2AuthorizedClientService to persist the authorized client info such as access_token and refresh_token in a Stateless microservice. I'm getting below error, I never get to resolve the required resource and authorized client info never gets saved in Postgres.

[invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: 500 Internal Server Error: "{"timestamp":1672302575797,"status":500,"error":"Internal Server Error","exception":"org.glassfish.jersey.server.internal.process.MappableException","message":"java.lang.IllegalArgumentException: Unsupported contentType: application/json","path":"/oauth2-v1/oauth2/token"}" enter image description here

Interestingly, when I use the InMemoryOAuth2AuthorizedClientService implementation OAuth2 flow works fine. Error message doesn't look has anything to do with JDBC/DB connection.

I decided to use this implementation per this answer

I'm using the Postgres schema version for table oauth2_authorized_client:

CREATE TABLE oauth2_authorized_client (
  client_registration_id varchar(100) NOT NULL,
  principal_name varchar(200) NOT NULL,
  access_token_type varchar(100) NOT NULL,
  access_token_value bytea NOT NULL,
  access_token_issued_at timestamp NOT NULL,
  access_token_expires_at timestamp NOT NULL,
  access_token_scopes varchar(1000) DEFAULT NULL,
  refresh_token_value bytea DEFAULT NULL,
  refresh_token_issued_at timestamp DEFAULT NULL,
  created_at timestamp DEFAULT CURRENT_TIMESTAMP NOT NULL,
  PRIMARY KEY (client_registration_id, principal_name)
);

I have tried the following:

  1. Read LobHandler interface documentation where it states that different database drivers will behave differently with regards to BLOB data type handling, so in my case, for Postgres, they recommend:
  • Creating a DefaultLobHandler with wrapAsLob = true
Randy Mujica
  • 21
  • 6
  • Have you tried changing `access_token_value` and `refresh_token_value` type to `text` from `bytea` in your schema? – Elyorbek Ibrokhimov Dec 30 '22 at 10:25
  • @Elyorbek Yes, just tried that and still get the same error. It's interesting that error states that the internally created endpoint `/oauth2-v1/oauth2/token` doesn't accept `application/json` Content-Type, which to me is unrelated to use a different service implementation. – Randy Mujica Jan 03 '23 at 06:27

1 Answers1

0

I was able to resolve the issue with the following:

  • A small detail that I didn't mention is that I'm using LiquidBase for schema migrations in my project, so Liquibase Spring Boot auto configuration automatically creates schema for me from the schema definitions YAML/XML.
  • I removed my previously created table oauth2_authorized_client
  • I changed my LiquiBase schema definition to remove access_token_value -> NOT NULL constraint and used DEFAULT NULL (same as refresh_token_value).
  • I ran again the application and this time it worked

Apparently, JdbcOauth2AuthorizedClientService tries to insert an entry with access_token_value null at some point in the flow...

Randy Mujica
  • 21
  • 6