> Could this be a bug in the tool?
There's definitely an issue with the CXF json handling here. The parsing logic expects only a simple json object response - no nested objects or array values. And there's no good error checking to enforce these expectations - https://github.com/apache/cxf/blob/173ec8971c78dd7c8fc311617b6e25718af23da8/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
Since it's still like this on the latest version I don't think you'll have better luck with a later Teiid / CXF. Do you know what that JSON response looks like? More than likely an issue will need to be opened against the CXF project.
As Steve suggests, if you can manually do the auth process and post the JSON, then we can run through either fix or enter issue with CXF folks fix the issue. The code for flow is here teiid/OAuthUtil.java at master · teiid/teiid · GitHub
Let us know.