[BUG] Support Needed: [invalid_token_response] -> OAuth 2.0 Access Token Response: 401 Unauthorized: [no body] #20823
Comments
ghost
added
needs-triage
joshfree
added
azure-spring
ghost
removed
the
needs-triage
|
@stliu PTAL |
BillyBolton
changed the title
|
Hi @BillyBolton , sorry for the late response, we will look into it soon. Besides, considering that our sample can work as expected with your credentials, could you provide another sample project which can reproduce the issue you mentioned? Currently from the error log, we could see that your App failed to acqurie token from AAD, so please first make sure your credentials info (tetant-id, client-id, client-secret and groups) in src/resources/application.xml are correct, and also the scopes your app is requesting have been configured (if admin consent is required, please grant it) in Azure Portal. If there is nothing wrong with your configuration, I think a sample project that can reproduce your issue can help us debug your app and figure out its token request. Also, if possible, would you like to share the Manifest of your App registration (for concerns about info leakage, a test App is welcome) in Azure Portal which could help us to check your application configuration? |
|
Hi there, @yiliuTo. Here is a sample project that replicates the issue, including a dummy account to test the authentication with. All the details are in the ReadMe. I was able to solve the issue of a no body token response. Indeed, it was a credential issue -- a small typo... However I'm receiving a redirect issue now. This issue occurred both in my project, and the MS sample when I converted it from Maven to Gradle. The error I receive is:
Is there a more recent fix for this other than the work around mentioned in that issue? I'm curious why this extra dependency is needed just when converting from a Maven to Gradle setup. If this is indeed a Gradle specific work-around, should it be included in the documentation? Thank you in advance for your help. I've been looking at this for weeks! I can't wait to get this up and running. 🙂 |
|
Hi @BillyBolton thanks for your detailed information. I noticed that in your build.gradle, the spring boot you selected is 2.4.2. And according to spring-boot-dependencies: 2.4.2, its nimbus-jose-jwt.version is 9.1.3 which has conflicts with the one 8.20.2 in our starter. Also I noticed in your build.gradle, you specify the version of some spring boot libraries as 2.4.3, so if the actual expected Spring Boot is 2.4.3, I suggest you changing its bom version because in 2.4.3 the nimbus-jose-jwt is 8.20.2, which can resolve the dependency conflict together. Also, for your question
We currently haven't fixed the breaking changes of nimbus.
In our sample , the spring boot parent is 2.4.5 which brings in nimbus of 8.20.2. Thus the version conflict is avoided when you try our sample. Besides, as I read your build.gradle, I noticed that you have imported 3 of our starters: May I know why you use 2 versions of the active directory starters(aad starter for short)? Also, for 3.3.0, if you just need the aad starter, you can remove com.azure.spring:azure-spring-boot-starter:3.3.0. |
|
Hi @yiliuTo, Thank you for the response. I've been playing around with multiple MS tutorials so I must have had some duplicate dependencies there. Thanks for catching that. You've been a great help. Thanks again for your support. 💯 |
|
Hi @BillyBolton , I am so glad that I could help. And just a reminder, don't forget to update your credentials or delete that test account as they are now exposed in your repo. |
[Hub Generated] Review request for Microsoft.DataProtection to add version preview/2022-09-01-preview (Azure#20823) * Adds base for updating Microsoft.DataProtection from version stable/2022-05-01 to version 2022-09-01-preview * Updates readme * Updates API version in new specs and examples * Changes for SecuritySettings * Adding immutabilitySettings * Adding extension routing API * type change for retentionDurationInDays * DppResourceGuardProxy operations and related definitions * prettier fix * fixing default block position in resourceguardproxy operations * Added description for SoftDelete enum * fixing description * Reverting enum description * fixing json * adding back enum value description Co-authored-by: Srinivas Charan Madu <smadu@microsoft.com>
|
hi @BillyBolton , Now i am getting the same error , can you please share the sample project that is working state . It would help alot . My mail : Venkat.Thotakura@almullaexchange.com |
Query/Question
I keep getting the error: "Login with OAuth 2.0 - [invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: 401 Unauthorized: [no body]" when I try to access my front-end app. (I'm just trying to make sure the sign-on works correctly for now. I've followed Azure Spring Boot Sample Active Directory Web App and can use my AAD keys there and everything works as expected, but when I try to do the same on mine, I get the error. Error occurs on all endpoints, whether they are @PreAuthorize(hasRole('ROLE_someRole')") or not.
Here are some logs for when the error occurs. It's long but I'm having trouble debugging -- hoping someone else can catch something. I can see that I'm getting a 401 UNAUTHORIZED response but I'm unclear why.
Please let me know if any other information might be needed.
Why is this not a Bug or a feature Request?
Cloning the repository from the Azure Spring Boot Sample Active Directory Web App and using the client id, keys, etc., for my AAD setup works as expected.
Setup (please complete the following information if applicable):
Using Gradle:
Information Checklist
Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report
The text was updated successfully, but these errors were encountered: