I got a problem when getting access_token from OAuth2 Server. I'm using curl in PHP to get the access_token, but it failed and return:
error: "invalid_client",
error_description: "Client authentication failed."
The strange is, if I use the curl from command prompt:
curl -d "client_id=f3d259ddd3ed8ff3843839b&client_secret=4c7f6f8fa93d59c45502c0ae8c4a95b&redirect_uri=http://application.dev/oauth/handle&grant_type=authorization_code&code=rZCQQBXVSQqKi2IRro1gYkSsRhyUcLsNODACjwPw" http://oauth-server.dev/oauth/access_token
it success and return the access_token:
"access_token":"fI7APDRZygrsF1BiegAQCS1yUT8vnm1LgD5bIu2U",
"token_type":"Bearer",
"expires_in":3600
I'm using Laravel 5.2 and here's my code to handle from OAuth Server to get access_token:
public function getOAuthHandle(Request $request){
$url = 'http://oauth-server.dev/oauth/access_token';
$code = $request->code;
$client_id = 'f3d259ddd3ed8ff3843839b';
$client_secret = '4c7f6f8fa93d59c45502c0ae8c4a95b';
$redirect_uri = 'http://application.dev/oauth/handle';
$clienttoken_post = array(
"code" => $code,
"client_id" => $client_id,
"client_secret" => $client_secret,
"redirect_uri" => $redirect_uri,
"grant_type" => "authorization_code"
);
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $clienttoken_post);
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
$json_response = curl_exec($curl);
curl_close($curl);
return $json_response;
}
I have tried to another script from internet and stackoverflow and restart Apache and PHP, but it still doesn't work.
Is there any way to solve this problem? What should I check?
Thank you for your help and answer.
Try to send the request on curl headers instead.
$curl = \curl_init();
\curl_setopt_array($curl, array(
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 600,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_HTTPHEADER => $clienttoken_post,
CURLINFO_HEADER_OUT => true,
));
$response = \curl_exec($curl);
Either sent the grant_type
on headers and then client_secret
and client_id
as post, or sent them on headers try it out. And btw. $request->code
should be checked before passing to curl request. And all the url, client_secret, client_id
MUST be with in .env
and get them through config/services
.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.