cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
prakrisin
Community Member

POST /login/oauth2/token Error response - java API

Hi,

As Per the OAuth2 Endpoints - Canvas LMS REST API Documentation  I just follow the 3rd step in the OAuth 2 Access token getting from canvas LMS.

See Section 4.1.3 of the OAuth2 RFC for more information about this process.

POST /login/oauth2/token

Parameters

ParameterDescription
grant_type Values currently supported "authorization_code"
client_id The client id for your registered application.
client_secret The client secret for your registered application.
redirect_uri If a redirect_uri was passed to the initial request in step 1, the same redirect_uri must be given here.
code
Required if grant_type is authorization_code. The code you received in a redirect response.

"HTTP/1.1 400 Bad Request[\r][\n]"

"{"error":"invalid_request","error_description":"client does not have access to specified account","message":"invalid code"}[\r][\n]"

HttpClient client = HttpClientBuilder.create().build();

  HttpPost post = new HttpPost(ConsumerUrl);

  List<NameValuePair> urlParameters = new ArrayList<NameValuePair>();

  //hard coded for testing

  urlParameters.add(new BasicNameValuePair("grant_type", "authorization_code"));

  urlParameters.add(new BasicNameValuePair("client_id", clientId));

  urlParameters.add(new BasicNameValuePair("client_secret", clientSecret));

  urlParameters.add(new BasicNameValuePair("redirect_uri", contextPath));

  urlParameters.add(new BasicNameValuePair("code", code));

  post.setEntity(new UrlEncodedFormEntity(urlParameters));

  HttpResponse httpResponse  client.execute(post);

String textView="";

  BufferedReader rd = new BufferedReader(new InputStreamReader(httpResponse.getEntity().getContent()));

  if(httpResponse.getStatusLine().getStatusCode()==200){

  String line = "";

  while ((line = rd.readLine()) != null) {

  textView+=line;

  }

  JSONObject resjson=new JSONObject(textView);

  partnerConfig.setAccessToken(resjson.getString("access_token"));

  partnerConfig.setRefreshToken(resjson.getString("refresh_token"));

  partnerConfig.setHostStatus("true");

  }else{

  out.println("Error response from canvas response :"+httpResponse.getStatusLine().getStatusCode());

  }

And for Https protocol facing time out error.

9 Replies
kona
Community Coach
Community Coach

 @prakrisin ​, for this type of highly technical/back-end Canvas question you'll probably get more of a response from the Canvas Developers​ group in the Community. I'm going to go ahead and share it with them so hopefully you'll get a timely response!

James
Community Champion

 @prakrisin ​,

I think there's a question in there somewhere -- like "Why isn't this working?" or "What's wrong with my code?"

First, I'll start with the disclaimer that I don't know Java so I may be misreading what's happening. I'll throw out some things and maybe one of them will work or lead you to a solution.

The thing that jumps out at me is that you're trying to treat the POST the same way you would a GET or PUT and encode the values into the URL itself. While this may be allowed, it's typically not done and POST's are sent to the Canvas REST API is done as application/x-www-form-urlencoded or application/json. I say that because when I read things the specs, it looks like PUT commands should be able to work similar to POST commands and not have the URL contain the commands, but I have never been able to get a PUT to the Canvas API to work if I don't put the PUT in the query parameters. Maybe the reverse is true here. The example POST they have doesn't contain any parameters on the command line.

I haven't messed with the oauth token generation, but there is a note that says "If a redirect_uri was passed ..." so you might want to make sure that it's present before adding it. Also, in your other parameters, you named your parameter by the name of the value returned, but for redirect_uri, instead of calling it redirectUri, you called it contextPath. If they're not the same, thing could cause it to fail. If it's not present and you're trying to pick something else because you think it has to be there, that would be a problem as well.

There's obviously a bunch of code that happened before the snippet you included and it can be difficult to see the problem if it occurs before the part you've included.

Also, I would seriously consider finding an oauth2 library for Java and just use it. Here's a list of some server and client libraries​. I don't code Java and don't have a recommendation on which would be best, but a good library can go a long way to simplifying your code and eliminating problems like this.

Stefanie
Community Team
Community Team

 @prakrisin ​, we haven't heard from you in a while. Did  @James ​'s advice solve the problem?

Robbie_Grant
Community Coach
Community Coach

 @prakrisin ​,

Where you able to find an answer to your question?  It does not look like the users community has a lot experience with this issue.  Did the advice that  @James  provide help? I am going to go ahead and mark this question as assumed answered.  This will not prevent anyone from replying or finding this question.

Robbie

kfwong
Community Member

I have had the same issue when trying to implement the OAuth2 by PHP.

I even tried to use other's PHP library and both of them with the same response.

'client does not have access to specified account'

Until now I still don't know how to solve this problem after I have dig into different search engine for 2 days.

Did anyone find a solution, I too have been searching hard. No answer yet.
I get this error : {"error":"invalid_request","error_description":"client does not have access to specified account","message":"invalid code"}

Despite all the credentials being correct.

Hi there, just to tell I still cannot find a solution and I don't think this community will give us a help. @pallavi_dhanuka ​

We ran into the same error using the Bitnami Canvas LMS 2016.04.23.03-2 (64-bit) image. The issue here was that the default setup has a faulty Redis setup (Redis is required for OAuth to work in Canvas).

The user is never notified of the faulty Redis setup as the ignore_redis_failures-settings defaults to true, and you end up with the client does not have access to specified account error.

s528180
Community Participant

Hi King Fat Wong,

I am also facing similar issue.

However my issue is slightly different. I am getting this error only first time when I run my application. Second time onward its working fine. My application is on NodeJs platform hosted on IIS server. If you can help with that, it will be useful