I found a bug in com.nimbusds.oauth2.sdk, the client_id parameter was not passed in during the Authorization Request
- client_id is a required parameter
- tokenRequest.toHTTPRequest()
org.springframework.security.oauth2.client.endpoint:NimbusAuthorizationCodeTokenResponseClient
- There is a bug in the code here, client_id cannot be obtained
com.nimbusds.oauth2.sdk.AbstractOptionallyIdentifiedRequest com.nimbusds.oauth2.sdk.TokenRequest
TokenRequest tokenRequest = new TokenRequest(tokenUri, clientAuthentication, authorizationCodeGrant);
Use the following code to fix
TokenRequest tokenRequest = new TokenRequest(tokenUri,clientAuthentication.getClientID(), authorizationCodeGrant);
Comment From: cabbage89
This may be a compatibility issue with the oauth2 protocol. When the Authorization: Basic XXXX request header is present, the query parameter client_id is not required.
Both Authorization and client_id are required in CAS SSO