Open romach opened 1 year ago
The general request looks ok. And you're using standard basic auth credentials base64 encoded "client-id:client-password"?
The general request looks ok. And you're using standard basic auth credentials base64 encoded "client-id:client-password"?
Yes I do.
The issue is that error message invalid or missing request parameter
is to vague. So I can't determine the reason for error.
The Authorization Code is exactly 98 characters. So adding that to the request, the content length without whitespaces is 143 characters.
{"code":"MF2XI.JQ4KK77YEP4HAA3RHO2PJMK3F4JS4L37NDVEUMY.U4662YGK27JU4UXDQBJOXZ7NFK2GDP4TWK7UCQEB536ZBZAZXM3A","grant_type":"authorization_code"}
I see that the content length of your request is 156. Where do these extra characters come from? Are they simply whitespaces?
@adriansmares: Since the above Token request is explicitly POST, I see the E_INVALID_REQUEST
(the OSIN error for this invalid_request
) only if the parsing of the form failed. But we explicit set the form values before calling this function.
Do you see something?
The problem here is that the redirect URI is not provided during the token exchange. The OAuth client which is affected here has multiple redirect URIs, and the first redirect URI in the OAuth client is probably different from the one requested during authorization.
Providing the redirect_uri
explicitly in the body of the token exchange request should fix this issue. The redirect_uri
is supposed to be provided by the caller explicitly during the token exchange, but for convenience osin
will use the first redirect URI in case none is provided. It will still validate the redirect URI against the one provided in the authorization request, and since probably the implicit redirect URI is not matching that one, the error occurs.
This is mainly from the backend logs of the Identity Server. We don't propagate error causes from osin
, but maybe in the future we can take a look if we should do it.
Summary
I get 400 error when I try to exchange authorization code for an OAuth access token according to the documentation https://www.thethingsindustries.com/docs/reference/api/authentication/
Response body:
Steps to Reproduce
https://eu1.cloud.thethings.network/oauth/authorize?client_id=<oauth_client_id>&redirect_uri=<redirect_uri>&response_type=code
Current Result
Error with code 400 and body:
Expected Result
Response with status code 200 and body
Relevant Logs
No response
URL
https://eu1.cloud.thethings.network/oauth/token
Deployment
The Things Stack Community Edition
The Things Stack Version
No response
Client Name and Version
No response
Other Information
No response
Proposed Fix
No response
Contributing
Code of Conduct