Hi!

I recently encountered a problem which seems to be somehow related to #492

It seems that the OAuth request behaves differently depending on whether the REST client is running locally or in a docker container in a cloud environment.
For the first case, when we use a wrong clientId for authentication, a 401 response with a body is received, which is logged in debug mode (in method OAuth20Service.sendAccessTokenRequestSync()) like follows:

created access token client credentials grant request with body params [grant_type=client_credentials], query string params []
send request for access token synchronously to https://...
response status code: 401
response body: {"error":"unauthorized","error_description":"Full authentication is required to access this resource"}

I have absolutely no idea where the "response body" is taken from because it is 100% sure that the service doesn't send a body for a 401 response - it is simply empty (tested with curl, postman etc.)

Now, when our client is running in the cloud (and contacting the exact same service), the response is null:

created access token client credentials grant request with body params [grant_type=client_credentials], query string params []
send request for access token synchronously to https://...
response status code: 401
response body: null

In this case, an exception is thrown in OAuth2AccessTokenJsonExtractor.extract():

 java.lang.IllegalArgumentException: Response body is incorrect. Can't extract a token from an empty string
	at com.github.scribejava.core.utils.Preconditions.check(Preconditions.java:49)
	at com.github.scribejava.core.utils.Preconditions.checkEmptyString(Preconditions.java:31)
	at com.github.scribejava.core.extractors.OAuth2AccessTokenJsonExtractor.extract(OAuth2AccessTokenJsonExtractor.java:34)
	at com.github.scribejava.core.extractors.OAuth2AccessTokenJsonExtractor.extract(OAuth2AccessTokenJsonExtractor.java:17)
	at com.github.scribejava.core.oauth.OAuth20Service.sendAccessTokenRequestSync(OAuth20Service.java:157)
	at com.github.scribejava.core.oauth.OAuth20Service.getAccessTokenClientCredentialsGrant(OAuth20Service.java:418)

Because of that, I am wondering: Why should it be a problem if there is no response body when we receive a 401 response? Actually, according to the HTTP code it is clear that there won't be an OAuth token and there will be nothing that could be extracted from the response. Besides this, the generateError() method which would be called afterwards does also allow the variables errorUri, errorCode and errorDescription to be null when throwing the OAuth2AccessTokenErrorResponse exception.

Thus, I think that the check for an empty string might be too early und should be placed below the if-statement, isn't it?
Thanks!