Commit

Merge pull request #12185 from YasasRangika/master
Fix returning the 500 error response when invoking the API after expiring the generated refresh token for the endpoint security
YasasRangika authored Nov 17, 2023
2 parents bdabf3d + 84f1849 commit 1806ea3
Showing 1 changed file with 5 additions and 3 deletions.
Expand Up @@ -82,11 +82,13 @@ public static TokenResponse generateToken(String url, String clientId, String cl
// Set authorization header
httpPost.setHeader(APIConstants.OAuthConstants.AUTHORIZATION_HEADER, "Basic " + credentials);
httpPost.setHeader(APIConstants.HEADER_CONTENT_TYPE, APIConstants.OAuthConstants.APPLICATION_X_WWW_FORM_URLENCODED);
if (refreshToken != null) {
if (APIConstants.OAuthConstants.CLIENT_CREDENTIALS.equals(grantType)) {
// As per the RFC 6749, a refresh token should not be included in token response for client credentials grant type.
refreshToken = null;
payload.append(APIConstants.OAuthConstants.CLIENT_CRED_GRANT_TYPE);
} else if (refreshToken != null) {
payload.append(APIConstants.OAuthConstants.REFRESH_TOKEN_GRANT_TYPE)
.append("&refresh_token=").append(refreshToken);
} else if (APIConstants.OAuthConstants.CLIENT_CREDENTIALS.equals(grantType)) {
payload.append(APIConstants.OAuthConstants.CLIENT_CRED_GRANT_TYPE);
} else if (APIConstants.OAuthConstants.PASSWORD.equals(grantType)) {
payload.append(APIConstants.OAuthConstants.PASSWORD_GRANT_TYPE + "&username=")
.append(URLEncoder.encode(username, APIConstants.DigestAuthConstants.CHARSET)).append("&password=")
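Review bot: The reordered check at `if (APIConstants.OAuthConstants.CLIENT_CREDENTIALS.equals(grantType))` only keeps a stored refresh token out of the request for the client credentials grant; for the password grant, `else if (refreshToken != null)` still runs before the `PASSWORD` branch, so a stored refresh token, expired or not, is still posted with the refresh grant. If the 500 named in the commit title can also occur for password-grant endpoints, add a fallback to the password branch when the refresh attempt is rejected, or a test showing that case is handled elsewhere. The new comment talks about the token response while this code builds the request; it would be more accurate to say that any stored refresh token is ignored for client credentials, and `refreshToken = null;` is only worth keeping if the variable is read after this block. Separately, `.append("&refresh_token=").append(refreshToken)` writes the token into the form body without `URLEncoder.encode`, unlike `username` a few lines below; encoding it keeps a token containing `&`, `=` or `+` from corrupting or extending the form parameters.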
