CODE EXAMPLE FOR JAVA

There is no client authentication. Try adding an appropriate authentication filter

//You should check WebSecurityConfigurerAdapter method like this:

@Override
public void configure(WebSecurity web) throws Exception {
    web.ignoring().antMatchers("/webjars/**", "/oauth/**");
}

//remove "/oauth/**" path. otherwise

//.postAccessToken(Principal principal, @RequestParam Map<String, String> parameters)

//principal will be null.