google-app-engineoauth-2.0oltu

OAuthProblemException from apache.amber.oauth2

I'm looking for OAuth2 library for Google App Engine (GAE).

By using the example from: https://github.com/ndhu/GoogleAppEngineOAuth My env:

I have below exception. Seem like the problem happen when getting access token from oAuthClient object. And those warnings are before the exception should be related to oAuthClient construction.

p/s: Same warning and exception even after I changed the org.apache.amber.oauth2 package to org.apache.oltu.oauth2 (vesion 1.0.2):

OAuthProblemException{error='invalid_request', description='Missing parameters: access_token', uri='null', state='null', scope='null', redirectUri='null', responseStatus=0, parameters={}}
    at org.apache.oltu.oauth2.common.exception.OAuthProblemException.error(OAuthProblemException.java:59)

Any help?

INFO: Dev App Server is now running
May 15, 2017 12:50:38 PM com.google.appengine.repackaged.com.google.protobuf.UnsafeUtil supportsUnsafeByteBufferOperations
WARNING: platform method missing - proto runtime falling back to safer methods: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.sun.misc")
May 15, 2017 12:50:38 PM com.google.appengine.repackaged.com.google.protobuf.UnsafeUtil supportsUnsafeArrayOperations
WARNING: platform method missing - proto runtime falling back to safer methods: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.sun.misc")
May 15, 2017 12:50:38 PM com.google.appengine.repackaged.com.google.protobuf.UnsafeUtil supportsUnsafeCopyMemory
WARNING: copyMemory is missing from platform - proto runtime falling back to safer methods.
OAuthProblemException{description='Missing parameters: access_token', error='invalid_request', uri='null', state='null', scope='null'}
    at org.apache.amber.oauth2.common.exception.OAuthProblemException.error(OAuthProblemException.java:57)
    at org.apache.amber.oauth2.common.utils.OAuthUtils.handleOAuthProblemException(OAuthUtils.java:166)
    at org.apache.amber.oauth2.common.utils.OAuthUtils.handleMissingParameters(OAuthUtils.java:184)
    at org.apache.amber.oauth2.client.validator.OAuthClientValidator.validateRequiredParameters(OAuthClientValidator.java:90)
    at org.apache.amber.oauth2.client.validator.OAuthClientValidator.validateParameters(OAuthClientValidator.java:53)
    at org.apache.amber.oauth2.client.validator.OAuthClientValidator.validate(OAuthClientValidator.java:49)
    at org.apache.amber.oauth2.client.response.OAuthClientResponse.validate(OAuthClientResponse.java:64)
    at org.apache.amber.oauth2.client.response.OAuthClientResponse.init(OAuthClientResponse.java:59)
    at org.apache.amber.oauth2.client.response.OAuthAccessTokenResponse.init(OAuthAccessTokenResponse.java:52)
    at org.apache.amber.oauth2.client.response.OAuthClientResponseFactory.createCustomResponse(OAuthClientResponseFactory.java:60)
    at org.apache.amber.oauth2.client.URLConnectionClient.execute(URLConnectionClient.java:105)
    at org.apache.amber.oauth2.client.OAuthClient.accessToken(OAuthClient.java:64)
    at com.hulstkamp.explore.oauth.com.OAuthServlet.requestAccessToken(OAuthServlet.java:207)
    at com.hulstkamp.explore.oauth.com.OAuthServlet.handleAuthorizationResponse(OAuthServlet.java:82)
    at com.hulstkamp.explore.oauth.com.OAuthServlet.doGet(OAuthServlet.java:52)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166)
    at com.google.appengine.api.socket.dev.DevSocketFilter.doFilter(DevSocketFilter.java:74)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at com.google.appengine.tools.development.ResponseRewriterFilter.doFilter(ResponseRewriterFilter.java:134)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at com.google.appengine.tools.development.HeaderVerificationFilter.doFilter(HeaderVerificationFilter.java:34)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:63)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:122)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at com.google.appengine.tools.development.DevAppServerModulesFilter.doDirectRequest(DevAppServerModulesFilter.java:366)
    at com.google.appengine.tools.development.DevAppServerModulesFilter.doDirectModuleRequest(DevAppServerModulesFilter.java:349)
    at com.google.appengine.tools.development.DevAppServerModulesFilter.doFilter(DevAppServerModulesFilter.java:116)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388)
    at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
    at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
    at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
    at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
    at com.google.appengine.tools.development.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:95)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
    at com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:508)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
    at org.mortbay.jetty.Server.handle(Server.java:326)
    at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
    at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923)
    at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547)
    at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
    at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
    at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
    at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
Solution

  • Problem fixed after I changed the response class from GitHubTokenResponse to OAuthJSONAccessTokenResponse in oAuthClient.accessToken(...) method.

    That is because the documents on Apache oltu is outdated https://cwiki.apache.org/confluence/display/OLTU/OAuth+2.0+Client+Quickstart

    Where exchange OAuth code for an access token response from Facebook is now in json format, eg: {"access_token":"","token_type":"bearer"}