Topic
  • 8 replies
  • Latest Post - ‏2015-04-27T14:55:20Z by d.m.spice
Arindam Guha
Arindam Guha
10 Posts

Pinned topic Refresh Token in 2-legged OAuth

‏2014-06-05T04:33:50Z |

Hi,

We are implementing 2-legged OAuth. I have below questions:

 

1. How can we get the refresh token along with access token in 2-legged Oauth implementation?[except "resource owner credential" as I have already used it]

 

2. After getting the refresh token, how can we use it to get access tokens without using any username/password in our request? What are all parameters mandatory for using the refresh token?

 

Please let me know if anyone implements it before.

 

Thanks,

Arindam

  • Arindam Guha
    Arindam Guha
    10 Posts

    Re: Refresh Token in 2-legged OAuth

    ‏2014-06-06T03:53:31Z  

    Hi All,

    Please help me if you have any details.

    Thanks,

    Arindam

  • John_Rasmussen
    John_Rasmussen
    55 Posts

    Re: Refresh Token in 2-legged OAuth

    ‏2014-06-06T14:03:21Z  

    Hi All,

    Please help me if you have any details.

    Thanks,

    Arindam

    Arindam,

    what release of the DP Firmware are you using?

    did you change the Number of Refresh Token Allowed in the OAuth Client Profile?

    what if any error messages are you receiving ?

     

    John

  • Arindam Guha
    Arindam Guha
    10 Posts

    Re: Refresh Token in 2-legged OAuth

    ‏2014-06-09T07:47:35Z  

    Arindam,

    what release of the DP Firmware are you using?

    did you change the Number of Refresh Token Allowed in the OAuth Client Profile?

    what if any error messages are you receiving ?

     

    John

    Hi John,
    I am using XI52.6.0.0.1 firmware. Yes, I have changed the refresh token number 0 to 2. I am also getting refresh token along with access token but my question is what are all parameters mandatory for using the refresh token to get the new access tokens?
    Thanks,
    Arindam
  • JatinIBMDW
    JatinIBMDW
    14 Posts

    Re: Refresh Token in 2-legged OAuth

    ‏2014-06-09T18:00:54Z  
    Hi John,
    I am using XI52.6.0.0.1 firmware. Yes, I have changed the refresh token number 0 to 2. I am also getting refresh token along with access token but my question is what are all parameters mandatory for using the refresh token to get the new access tokens?
    Thanks,
    Arindam

    Hi Arindam,

    For an OAuth2 "client credentials" grant type, a refresh token should NOT be included in the access_token response from the authorization server. This behavior is as per the following RFC:

    http://tools.ietf.org/html/rfc6749#section-4.4.3

    Regards,

    Jatin

     

    Updated on 2014-06-09T18:01:12Z at 2014-06-09T18:01:12Z by JatinIBMDW
  • John_Rasmussen
    John_Rasmussen
    55 Posts

    Re: Refresh Token in 2-legged OAuth

    ‏2014-06-09T19:44:34Z  
    Hi John,
    I am using XI52.6.0.0.1 firmware. Yes, I have changed the refresh token number 0 to 2. I am also getting refresh token along with access token but my question is what are all parameters mandatory for using the refresh token to get the new access tokens?
    Thanks,
    Arindam

    Arindam

     resource owner grant type (for 2 legged) supports refresh token

    The use of the refresh token is described here:

    http://tools.ietf.org/html/rfc6749#section-6

     

    John

  • Arindam Guha
    Arindam Guha
    10 Posts

    Re: Refresh Token in 2-legged OAuth

    ‏2014-06-13T07:10:40Z  

    Arindam

     resource owner grant type (for 2 legged) supports refresh token

    The use of the refresh token is described here:

    http://tools.ietf.org/html/rfc6749#section-6

     

    John

    Hi John,

    I am implementing the same but got this error "{ "error":"invalid_request", "error_description":"Multiple refresh_token in request" }".

    PFB the request

    grant_type=refresh_token&refresh_token=<refresh token>&scope=<scope>

    Could you please help me on this?

    Thanks,

    Arindam

  • d.m.spice
    d.m.spice
    78 Posts

    Re: Refresh Token in 2-legged OAuth

    ‏2015-04-24T19:37:31Z  

    Hi John,

    I am implementing the same but got this error "{ "error":"invalid_request", "error_description":"Multiple refresh_token in request" }".

    PFB the request

    grant_type=refresh_token&refresh_token=<refresh token>&scope=<scope>

    Could you please help me on this?

    Thanks,

    Arindam

    Hello,

    Bumping this thread back to life.  I'm experience the same errors attempting to retrieve an access token from a refresh token.  I'm at a loss.  I've attached the debug XML for the EI step of the AAA.

    Thanks in advance!

    Attachments

  • d.m.spice
    d.m.spice
    78 Posts

    Re: Refresh Token in 2-legged OAuth

    ‏2015-04-27T14:55:20Z  
    • d.m.spice
    • ‏2015-04-24T19:37:31Z

    Hello,

    Bumping this thread back to life.  I'm experience the same errors attempting to retrieve an access token from a refresh token.  I'm at a loss.  I've attached the debug XML for the EI step of the AAA.

    Thanks in advance!

    Just spoke with IBM.  There was an issue with the tool I was using to test.  It was putting the parameters both in the URL and the Body.  Curl to the rescue :)