$provider->getResourceOwner error

[welove]

Hello,

When using this line of code:

$user = $provider->getResourceOwner($token);

I'm getting the following error:

Fatal error: Uncaught TypeError: Argument 1 passed to League\OAuth2\Client\Provider\Apple::createResourceOwner() must be of the type array, null given, called in /var/www/vhosts/fitben.site/vendor/league/oauth2-client/src/Provider/AbstractProvider.php on line 769 and defined in /var/www/vhosts/fitben.site/vendor/patrickbussmann/oauth2-apple/src/Provider/Apple.php:191 Stack trace: #0 /var/www/vhosts/fitben.site/vendor/league/oauth2-client/src/Provider/AbstractProvider.php(769): League\OAuth2\Client\Provider\Apple->createResourceOwner(NULL, Object(League\OAuth2\Client\Token\AppleAccessToken)) #1 /var/www/vhosts/fitben.site/httpdocs/paginas/refresh/apple-callback.php(39): League\OAuth2\Client\Provider\AbstractProvider->getResourceOwner(Object(League\OAuth2\Client\Token\AppleAccessToken)) #2 {main} thrown in /var/www/vhosts/fitben.site/vendor/patrickbussmann/oauth2-apple/src/Provider/Apple.php on line 191

I used this git on another project and everything works fine, can this be an issue with a recent update to you package?

[patrickbussmann]

Ill check it today. Sorry for some delays.

Am 13.07.2020 um 13:08 schrieb Filipe Sá notifications@github.com:

 Hello,

When using this line of code:

$user = $provider->getResourceOwner($token);

I'm getting the following error:

Fatal error: Uncaught TypeError: Argument 1 passed to League\OAuth2\Client\Provider\Apple::createResourceOwner() must be of the type array, null given, called in /var/www/vhosts/fitben.site/vendor/league/oauth2-client/src/Provider/AbstractProvider.php on line 769 and defined in /var/www/vhosts/fitben.site/vendor/patrickbussmann/oauth2-apple/src/Provider/Apple.php:191 Stack trace: #0 /var/www/vhosts/fitben.site/vendor/league/oauth2-client/src/Provider/AbstractProvider.php(769): League\OAuth2\Client\Provider\Apple->createResourceOwner(NULL, Object(League\OAuth2\Client\Token\AppleAccessToken)) #1 /var/www/vhosts/fitben.site/httpdocs/paginas/refresh/apple-callback.php(39): League\OAuth2\Client\Provider\AbstractProvider->getResourceOwner(Object(League\OAuth2\Client\Token\AppleAccessToken)) #2 {main} thrown in /var/www/vhosts/fitben.site/vendor/patrickbussmann/oauth2-apple/src/Provider/Apple.php on line 191

I used this git on another project and everything works fine, can this be an issue with a recent update to you package?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or unsubscribe.

[patrickbussmann]

@welove:

You call this:

$user = $provider->getResourceOwner($token);

So it will use the league/oauth2-client library. https://github.com/thephpleague/oauth2-client/blob/master/src/Provider/AbstractProvider.php#L765

This will fetch the details from your oauth2 provider (its Apple).

    $response = $this->fetchResourceOwnerDetails($token);

    return $this->createResourceOwner($response, $token); // here $response is NULL

So fetchResourceOwnerDetails will returning NULL.

When we check the code here: https://github.com/patrickbussmann/oauth2-apple/blob/master/src/Provider/Apple.php#L115 We'll see that the code uses the $_GET or $_POST parameter to getting user data. And because thats nothing it's NULL.

Can you please post the link location href (browser url) when you get this error? It's like localhost/oauth-check?user=%7B%22firstName%22%3A%22John%22%7D

But I also added a test case and a fix for it in the new version.

Your $_POST['user'] seems to be an empty string or the $_GET['user'] is an empty string. Thats the reason for the issue.

[patrickbussmann]

@welove please test this script, too.

$token = null;
try {
    $token = $provider->getAccessToken('authorization_code', [
        'code' => $_POST['code']
    ]);
}
catch(Exception $exception) {
    var_dump($exception->getCode(), $exception->getMessage());
}

It should show you "invalid_grant".

I had the same issue now. It happen when you using Apples "code" more than one time.

[welove]

Hello, I tested the script and it didn't catch any exception. I'm getting $_POST['code'] and $token is set with the value "a5416d9c8257944f48bddcfbd13d8b031.0.nyvt.VUTfqjF_nLWw-LXG17ciGw".

One curious thing, is that I get the Fatal Error I mentioned in the first comment, only when I Sign In for the first time! If my Apple ID already authorized the app, the login works fine. Only problem is that it's only possible to get the users First and Last name on the first authorization.

[patrickbussmann]

Hmm confusing. But anyway its fixed with the new version. Hopefully it works as expected on your side - when its only when you log in the first time.

I release the new version soon so you can try with dev-master.

[welove]

I just updated the new script you've released, and now I don't get any error.

But I'm not getting the user name:

$pnome = $user->getFirstName(); $unome = $user->getLastName();

this stays empty :( Email is fine!

What is stranger is that I have your script on another server and everything works fine. Could it be some misconfiguration in PHP/Apache on this server?

[patrickbussmann]

No it cant run fine. Because you'll get first name, last name and email only at the very first request. So please remove your application first from https://appleid.apple.com/

Then try again please 👍

[welove]

Already did that. I'm constantly removing the application and testing the login like it's the user's first time.

On the dialog prompt it asks me to authorize the Name and Email like its supposed to. But $user->getFirstName(); still returns empty. Can I privately email you the link for the website so you can try it yourself?

[patrickbussmann]

After mailing a bit we found the issue. The $_POST was manipulated by a third party file. Few years ago we called it Magic Quotes: https://www.php.net/manual/de/security.magicquotes.php

So when someone else has this issue please check if the $_POST is manipulated somewhere. 😉