"PUT" request with oauth2

Question

Can I use a "PUT" request with oauth2? I have written a REST API, application using Java servelet. When I use "POST" request, I am given a succeeded response with access_token.

But, when I use "PUT" request, I am given following error.

{"error_description":"Missing grant_type parameter value","error":"invalid_request"}

I have clealy configured the things PUT request as well as POST request as follows.

POST request

public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
    try
    {
      handleGrants(request, response);
    }
    catch (Exception e)
    {
      response.getWriter().write("Error in Authentication System!! ");
      logger.error("Failed trying to get tokens", e);
    }
    finally
    {
      response.getWriter().flush();
      response.getWriter().close();
    }
}

PUT request

public void doPut(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
    try
    {
      handleGrants(request, response);
    }
    catch (Exception e)
    {
      response.getWriter().write("Error in Authentication System!! ");
      logger.error("Failed trying to get tokens", e);
    }
    finally
    {
      response.getWriter().flush();
      response.getWriter().close();
    }
}

my body parameters for both "PUT" and "POST" request as follows.

Answer 1

From the given error, what I can say is that your handleGrants method is not getting request body. Thus it says grant type cannot be determined. May be you should debug and see the parameter usage inside the function.

Regardless, OAuth 2.0 mandate to use POST for token endpoint.

3.2. Token Endpoint

The client MUST use the HTTP "POST" method when making access token requests.

So please stick to what specification says and use POST.

Appendix

According to RFC2119

MUST

This word, or the terms "REQUIRED" or "SHALL", mean that the definition is an absolute requirement of the specification.