I’m trying to make an OAuth 2.0 Provider and an Android application that is able to connect to the provider using OAuth 2.0. I have the following setup:
A tomcat server with the J2EE example OAuth 2.0 provider named ‘sparklr’ from springsource. When I test it with the example ‘Tonr’ it works perfectly.
Now I want an Android application that does more or less the same as the example Tonr application. Accessing the photo resources from the sparklr application using OAuth 2.0
But I’m stuck. I’m using the leeloo libraries which have been moved to apache amber. To be exact I’m using the following tutorial: http://simpleprogrammer.com/2011/05/25/oauth-and-rest-in-android-part-1/
The first fase of the application works. The browser starts and I get the sparklr page to login and authorize the request.
But when I try to get the access token the application crashes. I didn’t get any wiser from the logcat so I used debug to get the request. The following code builds the request:
request = OAuthClientRequest.tokenLocation("http://10.106.0.16:8084/sparklr/oauth/token")
.setGrantType(GrantType.AUTHORIZATION_CODE)
.setClientId("tonr")
.setClientSecret("secret")
.setRedirectURI("MyOAuth2POC://oauthresponse")
.setCode(code)
.setScope("trust")
.buildBodyMessage();
All the parameters are there and it looks correct to me. But I get the following output:
{ “error”: “invalid_grant”, “error_description”: “Invalid
authorization code: MASCID” }
So obviously something goes wrong with the scope parameter. I tried to set it to ‘trust’ instead of ‘read’ but no different result. Do I need to change something in the sparklr application? Or am I doing something wrong with the Android application, and what?
Hope someone can help.
thx!
the problem wasn’t in my url to get the access token but in the url of my request token.
I didn’t specify the scope there.
I added the parameters to my url for authorization like this: http://…/sparklr/oauth/authorize?scope=read&response_type=code
and now it does work.
I was looking at the wrong place..