search

wagnerdelima / drf-social-oauth2

drf-social-oauth2 makes it easy to integrate Django social authentication with major OAuth2 providers, i.e., Facebook, Twitter, Google, etc.
https://drf-social-oauth2.readthedocs.io/en/latest/
MIT License
269 stars 34 forks source link

Invalid Client Error #213

Open azimhossaintuhin opened 3 months ago

azimhossaintuhin commented 3 months ago

After Creating An Application With Client Type "Confidential" and Authorization grant type: Resource owner password-based When I Request An Token And Hit The Route http://127.0.0.1:8000/auth/token with Json Body This { "username": "username" , "password":"password", "grant_type": "password", "client_id": "kRMUn5rVjGowZpqe8cqi20Ldghny5ARm7FLUke9g", "client_secret": "pbkdf2_sha256$720000$tNZxT5vI4mTyYgfrcZIZAO$MYQNjZCcURvHG18YsGfH4hSHrnjpXNcomoRYfXppVSc=" } which is a valid client id and secret key it returns me
{ "error": "invalid_client" } but when i make the Client Type "Public " and hit with the same data the access and refresh token will come

bojanKuzma commented 1 month ago

You must use the client secret before it is hashed by pbkdf2, you are using the hashed version. It says you to save the secret before saving the application.

wagnerdelima commented 1 week ago

That is correct. When you create your application, copy the client_secret (you can deselected the Hash checkbox) and save it. This shall solve your issue.