thephpleague / oauth2-server

A spec compliant, secure by default PHP OAuth 2.0 Server
https://oauth2.thephpleague.com
MIT License

Empty response #1192

Closed guich2507 closed 3 years ago

guich2507 commented 3 years ago

Hello,

To begin, I want to congratulate you on your work. Your lib is really useful and good. I encounter a little problem I cannot solve by myself. I install your lib with `composer require league/oauth2-server` in Docker and implement our engine based on Symfony. I use your example code like this:

```php
use Laminas\Diactoros\ResponseFactory;
use Laminas\Diactoros\ServerRequestFactory;
use Laminas\Diactoros\Stream; // needed by the generic exception handler below

class tokenController extends Controller
{
    public function init()
    {
        # Initialisation
    }

    public function access_token(/*ServerRequestInterface $request, ResponseInterface $response*/)
    {
        /** @var \League\OAuth2\Server\AuthorizationServer $server */
        $server = Registre::get('server');

        # Build the PSR-7 request from the PHP superglobals and an empty PSR-7 response
        $request = ServerRequestFactory::fromGlobals();
        $response = (new ResponseFactory())->createResponse(); // createResponse() is an instance method

        try {
            # Try to respond to the request
            return $server->respondToAccessTokenRequest($request, $response);
        } catch (\League\OAuth2\Server\Exception\OAuthServerException $exception) {
            # All instances of OAuthServerException can be formatted into a HTTP response
            return $exception->generateHttpResponse($response);
        } catch (\Exception $exception) {
            # Unknown exception
            $body = new Stream('php://temp', 'r+');
            $body->write($exception->getMessage());
            return $response->withStatus(500)->withBody($body);
        }
    }
}
```

and use this curl request in terminal:

```
curl -X "POST" "http://localhost:8095/access_token" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -H "Accept: 1.0" \
  --data-urlencode "grant_type=password" \
  --data-urlencode "client_id=myawesomeapp" \
  --data-urlencode "client_secret=abc123" \
  --data-urlencode "username=alex" \
  --data-urlencode "password=whisky" \
  --data-urlencode "scope=basic email"
```

I receive an empty answer, and when I use a client-side PHP I have this:

```
HTTP/1.1 200 OK
Date: Wed, 24 Feb 2021 00:28:50 GMT
Server: Apache/2.4.38 (Debian)
Content-Length: 0
Content-Type: text/html; charset=UTF-8
```

But when I use `exit($server->respondToAccessTokenRequest($request, $response)->getBody()->__toString());` instead of `return $server->respondToAccessTokenRequest($request, $response);`

I obtain my json answer : {"token_type":"Bearer","expires_in":3600,"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJteWF3ZXNvbWVhcHAiLCJqdGkiOiI2MGMwMWNkZmJmYTBmMTY3ZGJlYjVmYjQwZDBjZmZiZWFkNWNhZTZiY2FlNmU3YzBmNTM1NDQ0YjAyNzE0NjFkODMyNTllMTkxMTUyMDVlOSIsImlhdCI6MTYxNDEyNzAyMiwibmJmIjoxNjE0MTI3MDIyLCJleHAiOjE2MTQxMzA2MjIsInN1YiI6IiIsInNjb3BlcyI6WyJiYXNpYyIsImVtYWlsIl19.WYZfsF4CYbDzZZwaf7_LNpg49K2Dc8bDMEmOUz9Hb-fkgNdk93QMEjlv0tfL2L2Rd3gl5OIuDIxNFhBWJJt_QczNnlj8kiWdLGAlbI84-SEubiXCtnu-xPdAYni6K22Y_E-NhSTqOmCU_mEo2bgtuUcC3hfjO9OIuyGpLw87sae24B2yCZiTO8xtLy1hXuR8B1ICsz4MJtvb3nOXmjB02drlsUx184tz7NV0jFDcWfk9YgKwl07sa3G6-AqSG6AjOErSroH71KV1hjUvRrdyYOn1m21Y6pYuiMCiKtcFL-GiteqGkwEi0SGFQam5YDa9ebLkR64a60IAlzjzxOIyLQ"}

I do not understand. Can you help me?

Sephster commented 3 years ago

Are you using any framework for your code? In our examples we use Slim which expects us to return PSR7 responses and handles them accordingly.

If you aren't using a framework that handles PSR7 responses, you will need to do some extra legwork to generate the appropriate HTTP response.

My assumption is this is the issue. I hope this helps but if not, please get back in touch and we will reopen this support call. Thank you.
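
The "extra legwork" described in the answer above, as an added example that is not part of the original thread or the project's code: a minimal emitter that writes a PSR-7 response to the client. Printing only the body drops the response's status code and headers, so an OAuth error would go out as a plain `200`. `emitPsr7Response` is a hypothetical helper name, the sample response is constructed, and `laminas/laminas-diactoros` is assumed to be installed via Composer.

```php
<?php
// Added example, not from the thread or the library: a minimal PSR-7 emitter.
// Assumption: laminas/laminas-diactoros is installed through Composer.
require __DIR__ . '/vendor/autoload.php';

use Laminas\Diactoros\Response;
use Psr\Http\Message\ResponseInterface;

/** Hypothetical helper: send the status line, headers and body to the client. */
function emitPsr7Response(ResponseInterface $response): void
{
    if (headers_sent($file, $line)) {
        throw new RuntimeException("Headers already sent at {$file}:{$line}");
    }

    // Status line first, so OAuth error responses keep their 4xx/5xx code.
    header(sprintf(
        'HTTP/%s %d %s',
        $response->getProtocolVersion(),
        $response->getStatusCode(),
        $response->getReasonPhrase()
    ), true, $response->getStatusCode());

    // Copy every header carried by the response object (Content-Type, caching).
    foreach ($response->getHeaders() as $name => $values) {
        $replace = true;
        foreach ($values as $value) {
            header("{$name}: {$value}", $replace);
            $replace = false; // append further values of a multi-valued header
        }
    }

    $body = $response->getBody();
    if ($body->isSeekable()) {
        $body->rewind(); // after write() the stream pointer sits at the end
    }
    while (!$body->eof()) {
        echo $body->read(8192);
    }
}

// Constructed sample standing in for an error response from the token endpoint.
$sample = (new Response())
    ->withStatus(400)
    ->withHeader('Content-Type', 'application/json; charset=UTF-8')
    ->withHeader('Cache-Control', 'no-store');
$sample->getBody()->write('{"error":"invalid_grant"}');

// In the controller: emitPsr7Response($server->respondToAccessTokenRequest($request, $response));
emitPsr7Response($sample);
```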