
error: "unsupported_grant_type" from django oauth2 server

Not sure why django won't accept my POST request for an access token. All my parameters are correct and I already have the authorization code, but a follow-up POST request for the access token gives me this error.

Content-type is correct from what I read from others. If the PKCE side was inaccurate, it would give me a more specific error about that.

HttpErrorResponse is { error: "unsupported_grant_type" } 400 bad request

requestToken(code: string, state: string) {
  const clientState = sessionStorage.getItem('pkce-state');
  if (clientState !== state) {
    console.error('States do not match!');
  }

  const verifier = sessionStorage.getItem('pkce-verifier');

  const params = new URLSearchParams({
    grant_type: 'authorization_code',
    redirect_uri: 'http://localhost:4200/dashboard',
    client_id: 'client_id',
    code,
    state,
    verifier
  });

  return this.http.post('http://localhost:8000/o/token/',
    {
      params
    },
    {
      withCredentials: true,
      headers: new HttpHeaders({
        'Content-Type': 'application/x-www-form-urlencoded'
      })
    });
}

Also tried this:

requestToken(code: string, state: string) {
  const clientState = sessionStorage.getItem('pkce-state');
  if (clientState !== state) {
    console.error('States do not match!');
  }
  const verifier = sessionStorage.getItem('pkce-verifier');

  return this.http.post('http://localhost:8000/o/token/',
    {
      grant_type: 'authorization_code',
      redirect_uri: 'http://localhost:4200/dashboard',
      client_id: 'client_id',
      code,
      state,
      verifier
    },
    {
      withCredentials: true,
      headers: new HttpHeaders({
        'Content-Type': 'application/x-www-form-urlencoded',
        'Accept': 'application/json'
      })
    });
}

Try matching step 7 of my write-up precisely:

  • Use code_verifier
  • Get rid of the state parameter, which is not needed on a direct https message to the token endpoint

Error messages are often misleading but this will make your message 100% standard and hopefully will work.

Then again, always possible that Django doesn't support this flow properly ...
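
As an added illustration of the answer's two points (this code is not from the original post or answer): the sketch below builds the token request body as a form-encoded string with `code_verifier` and without `state`, and shows what a form parser receives when a `{ params }` object is JSON-serialized instead, which is what Angular's `HttpClient` does with plain-object bodies. Function names and sample values are constructed for this example.

```javascript
// Added example; function names and values are constructed, not the poster's code.

// Build the body for the authorization-code + PKCE token request
// (RFC 6749 section 4.1.3, RFC 7636 section 4.5) as a form-encoded STRING.
function buildTokenRequestBody({ code, returnedState, storedState,
                                 codeVerifier, clientId, redirectUri }) {
  // state is verified in the client and never sent to the token endpoint.
  // A mismatch must stop the flow, not just log an error.
  if (!storedState || returnedState !== storedState) {
    throw new Error('state mismatch: do not redeem the authorization code');
  }
  if (!code || !codeVerifier) {
    throw new Error('code and code_verifier are both required');
  }
  return new URLSearchParams({
    grant_type: 'authorization_code',
    code,
    redirect_uri: redirectUri,
    client_id: clientId,
    code_verifier: codeVerifier, // the standard field name, not "verifier"
  }).toString();
}

// The fields a form parser extracts from a raw request body.
function fieldsSeenByFormParser(rawBody) {
  return Object.fromEntries(new URLSearchParams(rawBody));
}

// Reproduces the first attempt's body: a plain object wrapping URLSearchParams,
// serialized as JSON. URLSearchParams has no enumerable properties, so every
// parameter is lost even though the Content-Type header says "form".
function jsonBodyOfFirstAttempt() {
  const params = new URLSearchParams({ grant_type: 'authorization_code' });
  return JSON.stringify({ params });
}

const sample = buildTokenRequestBody({
  code: 'sample-code', returnedState: 'xyz', storedState: 'xyz',
  codeVerifier: 'v'.repeat(43), clientId: 'client_id',
  redirectUri: 'http://localhost:4200/dashboard',
});
console.log('form body       :', sample);
console.log('first attempt   :', jsonBodyOfFirstAttempt());
console.log('grant_type seen :', fieldsSeenByFormParser(jsonBodyOfFirstAttempt()).grant_type);
```

In Angular, passing the returned string as the second argument of `this.http.post(...)` sends it unchanged, so the `Content-Type: application/x-www-form-urlencoded` header matches the actual body.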
