Rest API Add-on configuration

charles.njihia · April 27, 2022, 5:38pm

Hi,
Am having an issue after adding the rest api add-on and configuring the application.properties file with the clientId and clientsecret properties, on running I get the following error when I try and get a token.
{
“error”: “unauthorized”,
“error_description”: “There is no client authentication. Try adding an appropriate authentication filter.”
}

Is there a configuration am missing?

krivopustov · April 29, 2022, 10:54am

How do you get the token (request URL, headers, body)?
What Jmix version are you using?

charles.njihia · April 29, 2022, 12:14pm

The curl to get the auth token is as follows:
curl --location --request POST ‘http://localhost:8080/oauth/token/’ \

–header ‘Authorization: Basic Y2xpZW50OnNlY3JldA==’ \

–header ‘Content-Type: application/x-www-form-urlencoded’ \

–data-urlencode ‘grant_type=password’ \

–data-urlencode ‘username=admin’ \

–data-urlencode ‘password=*****’

Am using jmix version 1.2.2

krivopustov · April 29, 2022, 3:10pm

It looks correct.

Do you have these dependencies in build.gradle?

implementation("io.jmix.security:jmix-security-oauth2-starter")
implementation("io.jmix.rest:jmix-rest-starter")

Maybe you have some custom security configuration?

charles.njihia · April 29, 2022, 3:38pm

I have the dependencies configured. I do not have a custom security configuration. I have tested the same with a new project, one entity and the rest api addon configured with the settings as earlier indicated and I get same results.

krivopustov · May 4, 2022, 2:00pm

If you have a test project, please attach it here.

charles.njihia · May 5, 2022, 2:20pm

sample_rest_project.zip (279.6 KB)

krivopustov · May 9, 2022, 2:20pm

Thanks for the project.
I’ve run it and got the token without any problems:

% curl -X POST http://localhost:8080/oauth/token \
   --basic --user client:secret \
   -H "Content-Type: application/x-www-form-urlencoded" \
   -d "grant_type=password&username=admin&password=admin"

{"access_token":"etfRDzSEE6RK8LMBMz8u6EjRdfk","token_type":"bearer","refresh_token":"zPH1mvijKHSESjH3ksfgEQQ3W1I","expires_in":43199,"scope":"api","OAuth2.SESSION_ID":"D3204A4F4358EEE2A99DF702F0E4086A"}

Please make sure you use curl correctly. If you are on Windows, remove \ symbols and write the command in a single line.

charles.njihia · May 9, 2022, 3:19pm

krivopustov:

curl -X POST http://localhost:8080/oauth/token \
   --basic --user client:secret \
   -H "Content-Type: application/x-www-form-urlencoded" \
   -d "grant_type=password&username=admin&password=admin"

Thanks very much

scarfagna72 · April 17, 2024, 9:18am

krivopustov:

curl -X POST http://localhost:8080/oauth/token \
   --basic --user client:secret \
   -H "Content-Type: application/x-www-form-urlencoded" \
   -d "grant_type=password&username=admin&password=admin"

Does it work on Jmix 2.2.1 ?

krivopustov · April 18, 2024, 8:21am

No, currently Jmix 2.2 supports only Client Credentials and Auth Code grants, see Access Control :: Jmix Documentation

But we are going to implement Resource Owner Password Credentials grant in the next release 2.3 in June 2024, see Implement Resource owner password credentials grant in Authorization server add-on · Issue #2499 · jmix-framework/jmix · GitHub