search

bshaffer / oauth2-server-bundle

OAuth2 for your Symfony Application
MIT License
106 stars 72 forks source link

"The grant type was not specified in the request" #45

Closed timothyjeffcoat closed 8 years ago

timothyjeffcoat commented 8 years ago

I have the following code to test against a local instance of this oauth2-server-bundle that I included in a symfony demo app for test purposes.

I am testing the token endpoint.

When I test with the code below I get the error message:

"The grant type was not specified in the request"

Can anyone tell me why?

When I debug I see that the $_REQUEST does contain all parameters but the

$this->get('oauth2.request') does not contain any of the parameters.

When I use a straight curl command from the terminal as demonstrated in the documentation

curl -u testclient:testpass http://localhost/token.php -d 'grant_type=authorization_code&code=YOUR_CODE'

I don't have any problems. I get back the expected results.

    $username='oauthopenidserver';
    $password='rfl703uk0qsgwg0gs840w0c8884s0w4';
    $url = 'http://oauthopenidserver.com:8080/token';
    $fields = array(
        'code' => $auth_code,
        'grant_type' => 'authorization_code',
        'redirect_uri' => 'http://localhost:8000/en/sso/login_oidc',
        'scope' => 'openid',
    );

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL,$url);
    curl_setopt($ch, CURLOPT_TIMEOUT, 30); //timeout after 30 seconds
    curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
    curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
    curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
    curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
    curl_setopt($ch, CURLOPT_POST, true);
    $status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);   //get status code
    $response=curl_exec ($ch);
    curl_close ($ch);
bshaffer commented 8 years ago

I'm not sure where the cURL snippet above is wrong, but it's clearly an issue with cURL and not this library. However, try passing a form-encoded string instead of an array:

curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields));
timothyjeffcoat commented 8 years ago

Thanks for the quick reply. I was able to figure it out. I post the code below for anybody else that has the same issue. The key was to include the Authorization: Basic in the header

$username='oauthopenidserver'; $password='rfl703uk0qsgwg0gs840w0c8884s0w4'; $url = 'http://localhost:8080/token'; $fields = array( 'grant_type' => 'authorization_code', 'code' => $auth_code, 'redirect_uri' => 'http://localhost:8000/en/sso/login_oidc', 'scope' => 'openid', );

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL,$url);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded','Authorization: Basic b2F1dGhvcGVuaWRzZXJ2ZXI6cmZsNzAzdWswcXNnd2cwZ3M4NDB3MGM4ODg0czB3NA=='));
    curl_setopt($ch,CURLOPT_HEADER, true);
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
    curl_setopt($ch, CURLOPT_TIMEOUT, 30); //timeout after 30 seconds
    curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
    curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
    curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields));
    curl_setopt($ch, CURLOPT_POST, true);
    $status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);   //get status code
    $response=curl_exec ($ch);
    curl_close ($ch);

    if( is_array($response) ){
        foreach($response as $k=>$sVal){
            $this->logger->info("key: ".$k);
            $this->logger->info("value: ".$sVal);
        }
    }else{
        $this->logger->info("json response: ".$response);
    }
tonilxm commented 5 years ago

Try this : curl -X POST \ http://localhost:83/token.php \ -H 'Content-Type: application/x-www-form-urlencoded' \ -d 'grant_type=client_credentials&client_id=testclient&client_secret=testpass'