search

bshaffer / oauth2-server-php

A library for implementing an OAuth2 Server in php
http://bshaffer.github.io/oauth2-server-php-docs
MIT License
3.26k stars 953 forks source link

Authorization code doesn't exist or is invalid for the client #705

Open Makimizu opened 8 years ago

Makimizu commented 8 years ago

Hi, i followed this tutorial from http://bshaffer.github.io/oauth2-server-php-docs/cookbook/ and everything okey. but, yesterday, i'm got error " 'error' => string 'invalid_grant' 'error_description' => string 'Authorization code doesn't exist or is invalid for the client' ".

Below my code : server.php <?php require_once ('include/OAuth2/Autoloader.php'); OAuth2\Autoloader::register();

ini_set('display_errors',1); error_reporting(E_ALL);

$dsn = 'mysql:dbname=mlvm2;host=localhost'; $user = 'root'; $pass = 'mleisure';

$storage = new OAuth2\Storage\Pdo(array('dsn' => $dsn, 'username' => $user, 'password' => $pass)); $server = new OAuth2\Server($storage,array('always_issue_new_refresh_token' => true));

$request = OAuth2\Request::createFromGlobals(); $server->handleTokenRequest($request); $response = new OAuth2\Response();

$server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage)); $server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage)); ?>

authorize.php <?php require_once DIR.'/server.php';

if (isset($_POST['submit'])) {
    $request = OAuth2\Request::createFromGlobals();
    $response = new OAuth2\Response();

    if (!$server->validateAuthorizeRequest($request,$response)) {
        $response->send();
        die();
    }

    $server->handleAuthorizeRequest($request,$response,true);
    $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40);

    $client_id      = "testclient";
    $client_secret  = "testpass";

    $grantType = $_POST['grant_type'];
    $link = "auth.php?grant_type=$grantType&code=$code";

    exit("
        <b>Successfully!</b><br/>
        Grant Type : $grantType <br/>
        Authorization Code:$code<br/>
        <form method='post' action='$link'>
            <input type='submit' name='token' value='Token'/>
        </form><br/>
        <a href='index.php'><b>Back to Home<b/></a>
    ");
}

?>

token.php <?php $curl_post_data = array( 'grant_type' => $_GET['grant_type'], 'code' => $_GET['code'], 'redirect_uri' => 'http://localhost/web/', );

$service_url = 'http://localhost/web/token.php';
$curl = curl_init($service_url);

curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($curl, CURLOPT_USERPWD, 'testclient:testpass'); 
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $curl_post_data);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); 
$curl_response = curl_exec($curl);
$response = json_decode($curl_response,true);
curl_close($curl);
var_dump($response);

//$access_token = $response['access_token'];

echo "<br/><a href='index.php'><b>Back to Home<b/></a>";

?>


what can i do for resolved this error.

afilippov1985 commented 8 years ago

I think, this lines is unwanted in server.php

$request = OAuth2\Request::createFromGlobals();
$server->handleTokenRequest($request);
$response = new OAuth2\Response();
Makimizu commented 8 years ago

thank you so much. it's worked.