POST request "Full authentication is required to access this resource"

Question

Does anybody encountered the error "Full authentication is required to access this resource" trying to authenticate by using POST request oauth/token?

Curl command:

curl localhost:85/oauth/token -d grant_type=password -d client_id=web_app -d username=reader -d password=reader

Response:

{"timestamp":1486841819620,"status":401,"error":"Unauthorized","message":"Full authentication is required to access this resource","path":"/oauth/token"}

ResourceServerConfiguration configure

http .csrf().disable() .authorizeRequests() .antMatchers("/**").authenticated() .antMatchers(HttpMethod.GET, "/me").hasAuthority("FOO_READ")

WebSecurityConfig configure

http .csrf().disable() .exceptionHandling() .authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED))

Thanks!

Answer 1

This error message is from your own back end server. It is a spring framework error. If you check this with 2 providers, you can see that the error message is the same for both. The source of the problem, in my case, was my wrong mapping as a call back url. I configured my server to permit all requests that hit the endpoint localhost:8080/oauth2/callback/** to pass without authentication while the callback coming from the providers was configured as localhost:8080/login/oauth2/**. I did this mistake following this tutorial. For any reason, if there is a mismatch between these configurations, you will get the error.