I was running this through Postman and everything seems to work, but using code it failed.
When running this through Postman works:
https:// [yourdomain.okta.com/oauth2/v1/token
with body params of:
grant_type authorization_code
client_id YOURCLIENTID
redirect_uri REDIRECTURI
code AUTHORIZATION CODE FROM /authorize
code_verifier CODEVERIFIER
But running through Java code after getting the ‘code’ value:
HashMap<String, String> headers = new HashMap<>();
headers = new HashMap<>();
headers.put("Content-Type", "application/x-www-form-urlencoded");
headers.put("Accept", "*/*");
headers.put("Connection", "keep-alive");
JSONObject requestParams = new JSONObject();
requestParams.put("grant_type", "authorization_code");
requestParams.put("client_id", some_client_id);
requestParams.put("redirect_uri", some_callback_url);
requestParams.put("code_verifier",some_code_verified);
requestParams.put("code", code);
RestAssured.baseURI = accessTokenURL;
RequestSpecification request = SerenityRest.given();
request.headers(headers);
request.body(requestParams.toString());
Response post = request.post();
Getting the following response:
{
“errorCode”: “invalid_client”,
“errorSummary”: “A client_id must be provided in the request.”,
“errorLink”: “invalid_client”,
“errorId”: some_error_id,
“errorCauses”: [
]
}
These seems to be the exact parameters used in Postman, am Im missing something (ie: like client_secret_id) ?