Closed thepartnership-suman closed 8 months ago
Same for me !
I got the same issue, and i have no clue why this is happening with some users.
Im at the point im just going to ditch this code and do my own implementation.
Can you log the request query params? I'm using the provider in prod without issues. Is it only happening for some users?
@atymic yes it is only happening for some users. how do I log the query params? I only do Socialite::driver($provider)->redirect();
{"error":"invalid_request","error_description":"AADSTS900144: The request body must contain the following parameter: 'code'. Trace ID: 2a44b1bc-f60b-405a-aa21-1397c4bbc200 Correlation ID: a585739a-1c4f-4cca-b318-08ffc71b95fd Timestamp: 2023-11-23 14:13:09Z","error_codes":[900144],"timestamp":"2023-11-23 14:13:09Z","trace_id":"2a44b1bc-f60b-405a-aa21-1397c4bbc200","correlation_id":"a585739a-1c4f-4cca-b318-08ffc71b95fd","error_uri":"https://login.microsoftonline.com/error?code=900144"}
is the full untruncated response i get back. This happens even though all the necessary is entered. This happens to some users, even using the same credentials.
Same issue here. was working yesterday, then it stopped working.
@atymic if I run dd($request->getUri())
, I receive the following dump:
GuzzleHttp\Psr7\Uri {#309 ▼ // app/Http/Controllers/AuthController.php:28
-scheme: "https"
-userInfo: ""
-host: "login.microsoftonline.com"
-port: null
-path: "/common/oauth2/v2.0/token"
-query: ""
-fragment: ""
-composedComponents: "https://login.microsoftonline.com/common/oauth2/v2.0/token"
}
It seems like, there is no query attached at all.
Exception is raised by the ->user()
method.
Dump of the full request:
GuzzleHttp\Psr7\Request {#313 ▼ // app/Http/Controllers/AuthController.php:29
-method: "POST"
-requestTarget: null
-uri: GuzzleHttp\Psr7\Uri {#309 ▼
-scheme: "https"
-userInfo: ""
-host: "login.microsoftonline.com"
-port: null
-path: "/common/oauth2/v2.0/token"
-query: ""
-fragment: ""
-composedComponents: "https://login.microsoftonline.com/common/oauth2/v2.0/token"
}
-headers: array:4 [▼
"User-Agent" => array:1 [▼
0 => "GuzzleHttp/7"
]
"Content-Type" => array:1 [▼
0 => "application/x-www-form-urlencoded"
]
"Host" => array:1 [▼
0 => "login.microsoftonline.com"
]
"Accept" => array:1 [▼
0 => "application/json"
]
]
-headerNames: array:4 [▼
"user-agent" => "User-Agent"
"content-type" => "Content-Type"
"host" => "Host"
"accept" => "Accept"
]
-protocol: "1.1"
-stream: GuzzleHttp\Psr7\Stream {#311 ▼
-stream: stream resource @8 ▼
wrapper_type: "PHP"
stream_type: "TEMP"
mode: "w+b"
unread_bytes: 0
seekable: true
uri: "php://temp"
options: []
}
-size: 219
-seekable: true
-readable: true
-writable: true
-uri: "php://temp"
-customMetadata: []
}
}
Request body dump (truncated):
"grant_type=authorization_code&client_id=...&client_secret=...&redirect_uri=...&scope=User.Read ◀" // app/Http/Controllers/AuthController.php:29
Found a fix for my issue, based on this: https://stackoverflow.com/a/38754821/9337116
I've renamed the config option services.microsoft.tenant
to services.microsoft.tenant_id
in config/services.php
for another Service and forgot, that it is used for this Provider too. Therefore it has used the fallback common
instead of the real tenant id.
Reverting that back to the original name, fixed it in my case. So probably it is just a missing (but documented as optional) tenant id.
@dallyger could you PR a fix to the docs? Thanks!
@atymic this is a fix for my specific use-case (just login, single tenant, no other features used). I do not really understand what is going on here, just that it works in my case. That is probably not enough to submit a PR. However, I've tried to look into it and stumbled upon this comment (https://github.com/SocialiteProviders/Providers/issues/1029#issuecomment-1740089387) in another issue. It seems like that one commit from it (https://github.com/SocialiteProviders/Microsoft/commit/ed3fd7fb306ef3c02df6426b5d05fe2f203f749e) is the exact changes you'd want. But cannot really confirm due to lack in knowledge. Maybe you can cherry-pick that?
@dallyger I have PR'd those changes here: https://github.com/SocialiteProviders/Providers/pull/1226
When I try from my Office365 account it works fine but when some clients try to login then system gets error below. No idea who is getting the error as we don't know the user -
Client error:
POST https://login.microsoftonline.com/common/oauth2/v2.0/token
resulted in a400 Bad Request
response: {"error":"invalid_request","error_description":"AADSTS900144: The request body must contain the following parameter: 'co (truncated...) {"exception":"[object] (GuzzleHttp\Exception\ClientException(code: 400): Client error:POST https://login.microsoftonline.com/common/oauth2/v2.0/token
resulted in a400 Bad Request
response: {\"error\":\"invalid_request\",\"error_description\":\"AADSTS900144: The request body must contain the following parameter: 'co (truncated...) at /home/forge/api.legalito.co.uk/vendor/guzzlehttp/guzzle/src/Exception/RequestException.php:113) [stacktrace]0 /home/forge/api.legalito.co.uk/vendor/guzzlehttp/guzzle/src/Middleware.php(72): GuzzleHttp\Exception\RequestException::create()
1 /home/forge/api.legalito.co.uk/vendor/guzzlehttp/promises/src/Promise.php(209): GuzzleHttp\Middleware::GuzzleHttp\{closure}()
2 /home/forge/api.legalito.co.uk/vendor/guzzlehttp/promises/src/Promise.php(158): GuzzleHttp\Promise\Promise::callHandler()
3 /home/forge/api.legalito.co.uk/vendor/guzzlehttp/promises/src/TaskQueue.php(52): GuzzleHttp\Promise\Promise::GuzzleHttp\Promise\{closure}()
4 /home/forge/api.legalito.co.uk/vendor/guzzlehttp/promises/src/Promise.php(251): GuzzleHttp\Promise\TaskQueue->run()
5 /home/forge/api.legalito.co.uk/vendor/guzzlehttp/promises/src/Promise.php(227): GuzzleHttp\Promise\Promise->invokeWaitFn()
6 /home/forge/api.legalito.co.uk/vendor/guzzlehttp/promises/src/Promise.php(272): GuzzleHttp\Promise\Promise->waitIfPending()
.........
looks like it is missing the
code
parameter but how can we fix this?Many Thanks, Suman