jlevers / selling-partner-api

A PHP client library for Amazon's Selling Partner API
BSD 3-Clause "New" or "Revised" License

Configuration's constructor requires the refresh token, but this causes error in MWS migration case #57

Closed isolutiontech closed 3 years ago

isolutiontech commented 3 years ago

SellingPartnerApi\Configuration constructor always requires a refresh token, but this won't work for one case - a hybrid Selling Partner API application.

In a hybrid application, it uses Authorization API to get authorization to call Selling Partner API operations on behalf of a seller who previously authorized you as an Amazon MWS developer. The refresh token is not available in this case.

--- some background info ---

What is the Authorization API? The Authorization API lets you migrate an Amazon Marketplace Web Service (Amazon MWS) authorization that a seller has granted you to a hybrid Selling Partner API application. This eliminates the need to request authorization from the seller again.

When would you need to use the Authorization API? Suppose you have published an Amazon MWS application on the Marketplace Appstore. A number of sellers have authorized you as an Amazon MWS developer so they can use your application. You later convert your Amazon MWS application into a hybrid Selling Partner API application that makes calls to both Amazon MWS and Selling Partner API. Now you want your application to make calls to Selling Partner API on behalf of these sellers without requesting authorization again. The Authorization API lets you do this.

RUDIWER commented 3 years ago

Does anyone know how to fix this?

jlevers commented 3 years ago

For now, just pass any value as the lwaRefreshToken configuration parameter -- shouldn't matter what the value is. I'm working on a fix for this, but it won't be released for a while.

chrismeats commented 3 years ago

@jlevers Thank you for the awesome work on this library! I seem to be having the same issue here. I am unable to use getAuthorizationCode, I get the following error:

Client error: `POST https://api.amazon.com/auth/o2/token` resulted in a `400 Bad Request` response: {"error_description":"The request has an invalid grant parameter : refresh_token","error":"invalid_grant"}

Below is my code snippet. If you have any ideas, I appreciate it!


        $config = new Configuration([
            "lwaClientId" => env('LWA_CLIENT_ID'),
            "lwaClientSecret" => env('LWA_CLIENT_SECRET'),
            "lwaRefreshToken" => "NotNeeded",
            "awsAccessKeyId" => env('AMAZON_ACCESS_KEY_ID'),
            "awsSecretAccessKey" => env('AMAZON_SECRET_ACCESS_KEY'),
            "endpoint" => Endpoint::NA,  // or another endpoint from lib/Endpoints.php
            "roleArn" => env('SPAPI_ROLE_ARN'),
        ]);

        $apiInstance = new AuthorizationApi($config);
        $selling_partner_id = "<SellerId>";
        $developer_id = env('AMAZON_DEVELOPER_ID');
        $mws_auth_token = "<MWS AUTH Token.>";

        try {
            $result = $apiInstance->getAuthorizationCode($selling_partner_id, $developer_id, $mws_auth_token);
            dd($result);
        } catch (Exception $e) {
            echo 'Exception when calling AuthorizationApi->getAuthorizationCode: ', $e->getMessage(), PHP_EOL;
        }

chrismeats commented 3 years ago

I also tried with "lwaRefreshToken" => "", which gives this error:

Client error: `POST https://api.amazon.com/auth/o2/token` resulted in a `400 Bad Request` response: {"error_description":"The request is missing a required parameter : refresh_token","error":"invalid_request"}

jlevers commented 3 years ago

This should be resolved in v3.1.1, which I just released. Sorry that this took a while to get to!

chrismeats commented 3 years ago

@jlevers I am still getting these same error messages on the newest release, 4.0.2.

If I leave lwaRefreshToken blank, I get:

{"error_description":"The request is missing a required parameter : refresh_token","error":"invalid_request"}

If I remove lwaRefreshToken from my Configuration, then I get:

lwaRefreshToken must be specified when calling non-grantless API operations

Here is the config I am using:

$config = new Configuration([
            "lwaClientId"        => env('LWA_CLIENT_ID'),
            "lwaClientSecret"    => env('LWA_CLIENT_SECRET'),
//            "lwaRefreshToken"    => '',
            "awsAccessKeyId"     => env('AMAZON_ACCESS_KEY_ID'),
            "awsSecretAccessKey" => env('AMAZON_SECRET_ACCESS_KEY'),
            "endpoint"           => Endpoint::NA,  // or another endpoint from lib/Endpoints.php
            "roleArn"            => env('SPAPI_ROLE_ARN'),
            "accessToken"        => null,
        ]);

What am I missing here? Any help is GREATLY appreciated!
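
An added example, not code from the thread or from the library: Amazon's SP-API documentation has grantless operations such as getAuthorizationCode obtain their Login with Amazon token with `grant_type=client_credentials` and a scope instead of a refresh token, which is the difference between the two request bodies built below. The helper names are hypothetical and the credential values are constructed; nothing is sent over the network.

```php
<?php
declare(strict_types=1);

// Scopes Amazon documents for grantless SP-API operations.
const GRANTLESS_SCOPES = [
    'sellingpartnerapi::migration',      // Authorization API (getAuthorizationCode)
    'sellingpartnerapi::notifications',
];

/**
 * Build the form fields for POST https://api.amazon.com/auth/o2/token.
 * Hypothetical helper for illustration; not part of jlevers/selling-partner-api.
 */
function lwaTokenRequestBody(string $clientId, string $clientSecret,
                             ?string $refreshToken = null, ?string $grantlessScope = null): array
{
    $body = ['client_id' => $clientId, 'client_secret' => $clientSecret];

    if ($grantlessScope !== null) {
        if (!in_array($grantlessScope, GRANTLESS_SCOPES, true)) {
            throw new InvalidArgumentException("Unknown grantless scope: $grantlessScope");
        }
        // Grantless: no seller refresh token exists yet, so none is sent.
        return $body + ['grant_type' => 'client_credentials', 'scope' => $grantlessScope];
    }

    if ($refreshToken === null || trim($refreshToken) === '') {
        throw new InvalidArgumentException('A refresh token is required for non-grantless operations');
    }
    return $body + ['grant_type' => 'refresh_token', 'refresh_token' => $refreshToken];
}

/** Mask secrets before a request body is logged or dumped. */
function redactForLog(array $body): array
{
    foreach (['client_secret', 'refresh_token'] as $key) {
        if (isset($body[$key])) {
            $body[$key] = '***';
        }
    }
    return $body;
}

// Constructed sample values, not real credentials.
$migration = lwaTokenRequestBody('amzn1.application-oa2-client.EXAMPLE', 'example-secret',
                                 null, 'sellingpartnerapi::migration');
$dummy = lwaTokenRequestBody('amzn1.application-oa2-client.EXAMPLE', 'example-secret', 'NotNeeded');

echo http_build_query(redactForLog($migration)), PHP_EOL; // client_credentials grant, no refresh_token field
echo http_build_query(redactForLog($dummy)), PHP_EOL;     // refresh_token grant carrying the placeholder value
```

The second body has the same shape as the request that came back with `invalid_grant` earlier in the thread: a placeholder refresh token still selects the `refresh_token` grant, and LWA validates the token it is given.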