oauth-io / sdk-php

OAuth that just works ! This is the PHP SDK for OAuth.io
https://oauth.io

Getting "Invalid format" error during server side auth #20

Closed ghost closed 9 years ago

ghost commented 9 years ago

Hi, I have a JavaScript client and a Laravel backend. I successfully got the state token by calling the generateStateToken() method, but when I send that to the $this->oauth->auth() method I get an "Invalid format" error. Can you please tell me what this error means and what I am doing wrong?

Client Side

var selectedAuth = 'facebook';
$.post('http://localhost/auth/v1/social', {provider: selectedAuth, get_state_token: 1}, function(data){
    OAuth.popup(selectedAuth)
    .done(function(result) {
        console.log(result);
        $.post('http://localhost/auth/v1/social', {provider: selectedAuth, code: data.token, access_token: result.access_token}, function(data){
            console.log(data);
        }, 'json');
    })
    .fail(function (err) {
        //handle error with err
    });
}, 'json');

Server Side

// get state token
$token = $this->oauth->generateStateToken();
return response()->json(['status' => 'success', 'token' => $token]);

--- snip ---

// get access token from state token
$provider = 'facebook';
$request_object = $this->oauth->auth($provider, array(
    'code' => $code
));
$credentials = $request_object->getCredentials();

I have verified that $code does have the exact state token that I have received on the 1st step. The value of $credentials is as follows:

{"status":"error","data":{"code":"Invalid format"},"refreshed":false} 

Please help me out here. This error occurs for Twitter auth as well.

ghost commented 9 years ago

I am really sorry for posting this question. I had missed a step in the documentation. The error was in my JavaScript code. While calling OAuth.popup(), I needed to pass the state token and get a code which was then supposed to be passed to the server. I was sending the state token to the server directly instead of the code.

The correct code will be this:

var selectedAuth = 'facebook';
$.post('http://localhost/auth/v1/social', {provider: selectedAuth, get_state_token: 1}, function(data){
    OAuth.popup(selectedAuth, {
        state: data.token
    })
    .done(function(result) {
        console.log(result);
        $.post('http://localhost/auth/v1/social', {provider: selectedAuth, code: result.code, access_token: result.access_token}, function(data){
            console.log(data);
        }, 'json');
    })
    .fail(function (err) {
        //handle error with err
    });
}, 'json');
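
The mix-up resolved above (posting the state token where the code belongs) can be caught on the backend with an explicit check. The following is an added example, not part of the original thread and not the OAuth.io SDK's code: a simplified in-memory model of the state/code handshake in which `issueStateToken`, `popupAuthorize` and `exchangeCode` are hypothetical names and `session` stands in for the real per-user session.

```javascript
// Simplified model of the handshake; all names here are hypothetical.
const crypto = require('crypto');

const session = {};            // stands in for the backend's per-user session
const issuedCodes = new Map(); // stands in for the authorization service's code store

// Backend, step 1: mint an unguessable state token and bind it to the session.
function issueStateToken() {
  session.state = crypto.randomBytes(32).toString('hex');
  return session.state;
}

// Authorization service (the popup): returns a one-time code bound to the
// state value the client passed in.
function popupAuthorize(state) {
  const code = crypto.randomBytes(16).toString('hex');
  issuedCodes.set(code, state);
  return { code };
}

// Constant-time comparison of two strings.
function safeEqual(a, b) {
  const x = Buffer.from(String(a));
  const y = Buffer.from(String(b));
  return x.length === y.length && crypto.timingSafeEqual(x, y);
}

// Backend, step 2: accept only a code that was issued for this session's state.
function exchangeCode(submitted) {
  if (!session.state) {
    return { status: 'error', reason: 'no state token issued for this session' };
  }
  if (safeEqual(submitted, session.state)) {
    // The mistake from this issue: the state token was posted as the code.
    return { status: 'error', reason: 'state token submitted in place of the code' };
  }
  const boundState = issuedCodes.get(submitted);
  issuedCodes.delete(submitted); // codes are single-use
  if (boundState === undefined) return { status: 'error', reason: 'unknown code' };
  if (!safeEqual(boundState, session.state)) {
    return { status: 'error', reason: 'state mismatch' }; // code from another flow
  }
  delete session.state; // the state token is single-use as well
  return { status: 'success' };
}
```

Returning a distinct reason for each rejection makes this class of client bug much quicker to diagnose than a generic format error.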