basvandorst / StravaPHP

Strava API REST client with OAuth authentication
MIT License

Handling Strava's conversion to oauth2 #59

Closed kartoone closed 2 years ago

kartoone commented 5 years ago

There was another issue related to email that also was related to this same issue. I'm breaking it out into a separate issue. Forever tokens are gone as of yesterday (October 15th 2019). You must store a refreshtoken alongside a limited-time (usually just a few hours) access token. The refreshtoken has no expiration, as it is the one that needs to be used to obtain the next access token.

Here is my code for obtaining the new accesstoken and refreshtoken using the existing refreshtoken. This is using the oauth2-client object that is a requirement/dependency of the basvandorst/stravaphp package.

The first param to the getAccessToken method is called the "grant type". Strava says you have to use "refresh_token" as the grant type when getting a new token.

I am raising this as an issue here on this library because it seems like the best place to help people using this library, even though I agree that I don't think this library needs to have support for refresh tokens. That has to exist at a higher level than this library because the person using the library has to store the refresh token somewhere. Still, I spent many hours trying to figure out how to do this and this is probably the best place to put the info for people who need to use this library. Maybe add it to the documentation on the main page?

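    use Strava\API\OAuth;

    $options = array(
        'clientId'     => 123456,               // placeholder: insert your client ID as an integer
        'clientSecret' => 'YOUR_CLIENT_SECRET', // placeholder: insert your client secret as a string
        'scopes'       => ['activity:read_all'] // not sure whether this has any impact
    );
    $oauth = new OAuth($options);
    // Grant type "refresh_token": exchange the stored refresh token for a new token
    $token = $oauth->getAccessToken('refresh_token', ['refresh_token' => $user->refreshtoken]);
    print_r($token);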
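
Added example (not part of the original post and not StravaPHP code): one way to keep the stored access/refresh token pair current, as the post above describes. The record keys, the function name and the stub refresher are assumptions; the commented wiring uses the AccessToken getters from league/oauth2-client.

```php
<?php
// Assumed storage layout: ['access_token', 'refresh_token', 'expires_at' (Unix time)].
// ensureFreshToken() and the closures below are illustrative names, not library API.

/**
 * Return a usable token record, refreshing it when the access token has
 * expired or will expire within $skew seconds.
 * $refresh: callable(string $refreshToken): array  (same three keys)
 * $save:    callable(array $record): void          (persists the record)
 */
function ensureFreshToken(array $stored, callable $refresh, callable $save, int $now, int $skew = 300): array
{
    if ($stored['expires_at'] - $skew > $now) {
        return $stored; // still valid: no call to the token endpoint
    }
    $new = $refresh($stored['refresh_token']);
    if (empty($new['access_token']) || empty($new['expires_at'])) {
        throw new RuntimeException('Token refresh returned an incomplete response');
    }
    // Store whatever refresh token comes back; keep the old one only if none was returned.
    if (empty($new['refresh_token'])) {
        $new['refresh_token'] = $stored['refresh_token'];
    }
    $save($new); // persist before use so a crash does not lose the new pair
    return $new;
}

// With the library, $refresh would wrap the call from the post above:
//   $t = $oauth->getAccessToken('refresh_token', ['refresh_token' => $rt]);
//   return ['access_token'  => $t->getToken(),
//           'refresh_token' => $t->getRefreshToken(),
//           'expires_at'    => $t->getExpires()];

// Constructed sample record and stub refresher so the example runs offline.
$db = ['access_token' => 'old-access', 'refresh_token' => 'rt-1', 'expires_at' => 1000];
$stub = function (string $rt): array {
    return ['access_token' => 'new-access', 'refresh_token' => 'rt-2', 'expires_at' => 22600];
};
$save = function (array $record) use (&$db): void { $db = $record; };

$fresh = ensureFreshToken($db, $stub, $save, 500); // more than $skew seconds left
echo $fresh['access_token'], "\n";
$fresh = ensureFreshToken($db, $stub, $save, 900); // inside the skew window: refresh and save
echo $fresh['access_token'], ' ', $db['refresh_token'], "\n";
```

Because the refresh token does not expire, store it server-side only and treat it like a password.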

paullb514 commented 5 years ago

This didn't work for me, I get a bad request error back from Strava.

{"message":"Bad Request","errors":[{"resource":"Authorize","field":"scope","code":"invalid"}]}

iDontWantAUsername commented 5 years ago

Have you checked that you have updated your scopes to conform with the definition changes: https://developers.strava.com/docs/oauth-updates/

paullb514 commented 5 years ago

As this library seems to be abandoned, I'm migrating to https://github.com/iamstuartwilson/strava and the token refreshing seems to work pretty effortlessly

nufrankz commented 4 years ago

This didn't work for me, I get a bad request error back from Strava.

{"message":"Bad Request","errors":[{"resource":"Authorize","field":"scope","code":"invalid"}]}

Out-of-the-box usage and I get the same.

kartoone commented 4 years ago

Make sure you are using the same scope I used in my code ... you cannot use the old scopes such as "write". Mine uses one of the newer scopes, 'activity:read_all', in the code sample I gave above. The error message indicates you are using an incorrect scope.

kartoone commented 4 years ago

Also, this is not for obtaining the initial access token ... that is completely different code. This is only for refreshing an access token using a refresh token. Your error message says "authorize" so it looks like you are trying to use this to obtain the initial access token. Use this code instead for that:

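    use Strava\API\OAuth;

    $options = array(
        'clientId'     => 123456, // placeholder: client ID as an integer
        'clientSecret' => 'CLIENT SECRET AS STRING',
        'redirectUri'  => 'http://yourdomainname.com/landingpagetoparsethereturnedcode',
        'scopes'       => ['activity:read_all']
    );
    $oauth = new OAuth($options);
    if (!isset($_GET['code'])) {
        // No code yet: pass the authorization URL to the view
        // (set() belongs to the surrounding controller, which is not shown)
        $this->set('authorizationurl', $oauth->getAuthorizationUrl());
    } else {
        // Redirected back with ?code=...: exchange it for the initial token
        $token = $oauth->getAccessToken('authorization_code', array(
            'code' => $_GET['code']
        ));
    }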

kartoone commented 4 years ago

Also, that's a separate bug either in my code snippet above or the library, but I had to go into the basvandorst library and change the default scopes from "write" to "activity:read_all". It seems to be ignoring my scopes array. Maybe that is supposed to be singular? I didn't have the time to debug it completely since going in and changing the defaults in the underlying OAuth.php file buried in basvandorst/stravaphp/src/Strava/API/OAuth.php worked for the purposes I need.

nufrankz commented 4 years ago

Fixed with scopes according to docs. But seems methods to receive data in callbacks are outdated (receiving multiple 404 errors GET https://www.strava.com/api/athlete and undefined $token). About undefined $token: reviewed GuzzleHttp docs, nothing about implementing $token. Searching other options ATM. Thank you.

github-actions[bot] commented 3 years ago

Stale issue message

MGatner commented 2 years ago

@vredeling Can you provide a summary of what the outstanding issue is? Perusing this thread I haven't had any of the same problems in v2 so far.

github-actions[bot] commented 2 years ago

Stale issue message