Open eyespies opened 8 years ago
Hi @jlspies1,
Can you dump the $request object? Usually, when we see invalid_request
it is something related to what is passed.
Thanks! Tom
Here is the request that I am posting, I have replaced the actual authentication information with dummy data to protect the guilty:
POST /oauth/token?grant_type=client_credentials HTTP/1.1
Host: auth.dev
Content-Type: application/json
Accept: application/json
Authorization: Basic xxxxxxx
Cache-Control: no-cache
Postman-Token: 91063c0b-2808-cf27-bc4d-2f12c84281f3
You'll notice that the grant_type is set via the query string. If I try posting as form data (per https://stormpath.com/blog/php-stormpath-api), then I get the error {"message":"The grant_type query parameter must be used","error":"invalid_request"}
(I'm sharing this in case you were going to tell me to use form data instead of the query string).
Here is the output from var_dump($_REQUEST):
array(1) {
["grant_type"]=>
string(18) "client_credentials"
}
If I post the grant_type as JSON data in the body, I get a different error:
Request
POST /oauth/token HTTP/1.1
Host: auth.dev
Accept: application/json
Authorization: Basic xxxxxx
Cache-Control: no-cache
Postman-Token: a9f348a9-35c3-dc69-b6d4-094bebefc317
{"grant_type": "client_credentials"}
Response {"message":"The authorization grant type is not supported by the authorization server.","error":"unsupported_grant_type"}
Hi @jlspies1
I'm more interested in what is in $request object that is passed to the function doClientCredentialsGrantType($request). My gut feeling is that something isn't being added to the request.
Thanks! Tom
I have the output, but it is rather large (almost 8000 lines) and probably contains some sensitive information. How can I get this to you in a non-public way?
Actually, I'm pretty sure this is a defect on our end. I just reproduced it. I'm going to queue this up to be fixed. Unfortunately, we will not be able to get a fix out this week, and it will more than likely be sometime next week. Is that ok based on your timelines?
Thanks, Tom
@bretterer it seems like the client_credentials grant type is behaving incorrectly. It is looking for the grant_type in the query parameters (incorrect). It needs to be looking for the grant_type in the form body:
Also, I can't seem to get it to work even with passing grant_type in the query params, it is erroring with:
Call to a member function getStatus() on a non-object in /Users/tom/Development/lumen-example/app/vendor/stormpath/sdk/src/Authc/Api/InternalRequestAuthenticator.php on line 48
Also, this needs to be rewritten to use the REST API on token generation
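The behaviour described in the comment above, as an added example that is not part of the thread or of the Stormpath SDK: a token endpoint that takes grant_type only from an application/x-www-form-urlencoded POST body, as RFC 6749 (sections 3.2 and 4.4.2) specifies. The function name grantTypeFromRequest() and the sample requests are assumptions constructed for illustration.

```php
<?php
// Added example; not Stormpath SDK code. grantTypeFromRequest() is a hypothetical helper.
// RFC 6749 (sections 3.2 and 4.4.2): token request parameters travel in an
// application/x-www-form-urlencoded POST body, not in the query string or as JSON.
function grantTypeFromRequest(string $method, string $contentType, string $body): array
{
    if (strtoupper($method) !== 'POST') {
        return ['error' => 'invalid_request', 'message' => 'token requests must use POST'];
    }
    // Compare the media type only; ignore parameters such as "; charset=UTF-8".
    $mediaType = strtolower(trim(explode(';', $contentType)[0]));
    if ($mediaType !== 'application/x-www-form-urlencoded') {
        return ['error' => 'invalid_request', 'message' => 'body must be form-encoded'];
    }
    parse_str($body, $form);
    $grantType = $form['grant_type'] ?? null;
    // Rejects a missing value and array forms such as grant_type[]=...
    if (!is_string($grantType) || $grantType === '') {
        return ['error' => 'invalid_request', 'message' => 'grant_type missing from form body'];
    }
    // Grants this constructed endpoint accepts (the two named in the thread).
    if (!in_array($grantType, ['client_credentials', 'password'], true)) {
        return ['error' => 'unsupported_grant_type', 'message' => 'grant type not supported'];
    }
    return ['grant_type' => $grantType];
}

// Constructed requests mirroring the three shapes tried in the thread.
$samples = [
    'query string only' => ['POST', 'application/json', ''],
    'JSON body'         => ['POST', 'application/json', '{"grant_type": "client_credentials"}'],
    'form body'         => ['POST', 'application/x-www-form-urlencoded', 'grant_type=client_credentials'],
];
foreach ($samples as $label => [$method, $type, $body]) {
    echo $label, ': ', json_encode(grantTypeFromRequest($method, $type, $body)), PHP_EOL;
}
```

Only the form-body sample yields a grant type; the other two return invalid_request because the parameter never reaches the form parser.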
I just realized that I was using the Stormpath API keys that I created for
my user in order to attempt this authentication, rather than the username
/ password (since I'm trying to set up service to service authentication and
not person to service authentication). Once I changed to username /
password, I now receive the same Call to a member function getStatus() on a non-object
that you received.
On Mon, Jul 25, 2016 at 6:08 PM, Tom notifications@github.com wrote:
@bretterer https://github.com/bretterer it seems like the client_credentials grant type is behaving incorrectly. It is looking for the grant_type in the query parameters (incorrect). It needs to be looking for the grant_type in the form body:
Also, I can't seem to get it to work even with passing grant_type in the query params, it is erroring with:
Call to a member function getStatus() on a non-object in /Users/tom/Development/lumen-example/app/vendor/stormpath/sdk/src/Authc/Api/InternalRequestAuthenticator.php on line 48
Also, this needs to be rewritten to use the REST API on token generation
Thank you, Justin
@jlspies1 Just wanted to let you know that your issue should be resolved with the newest release 0.1.5. Please update your packages and let me know if this resolves it for you.
-Brian
While testing both the password and client_credentials grants, the password grant works, however the client_credentials grant fails with the following response:
My composer.json contains the following:
Looking in src/Http/Controllers/OauthController.php, I see
and if I add output just before the $tokenResponse = $result->tokenResponse; line, the output from my code shows, so it is the $tokenResponse = $result->tokenResponse; line that is causing issues. I did a var_dump($result); and do not see any tokenResponse attribute.