I am creating a RESTful Laravel 5.1 API, and only have one client static site accessing the API. I wanted to add OAuth2 to protect the routes, so I went with lucadegasperi's OAuth2.
Making a request for access token, I get
{
"error": "invalid_client",
"error_description": "Client authentication failed."
}
With credentials (Making a DHC post request to http://ift.tt/1EjUjO3):
{
"grant_type" : "password",
"username" : "myname",
"password" : "password",
"client_id" : "webapp",
"client_secret" : "123"
}
I've followed the PasswordGrantVerifier docs to set this up, and added that codeblock to my \App namespace, and set up my oauth2.php config as such:
'grant_types' => [
'password' => [
'class' => '\League\OAuth2\Server\Grant\PasswordGrant',
'callback' => '\App\PasswordGrantVerifier@verify',
'access_token_ttl' => 3600
]
],
I looked into this exception, and traced it to PasswordGrant.php, namely:
$clientId = $this->server->getRequest()->request->get('client_id', $this->server->getRequest()->getUser());
if (is_null($clientId)) {
throw new Exception\InvalidRequestException('client_id');
}
//die($clientId) gives "webapp"
$clientSecret = $this->server->getRequest()->request->get('client_secret',
$this->server->getRequest()->getPassword());
if (is_null($clientSecret)) {
throw new Exception\InvalidRequestException('client_secret');
}
//die($clientSecret) gives "123"
// THE ERROR IS HERE
$client = $this->server->getClientStorage()->get(
$clientId,
$clientSecret,
null,
$this->getIdentifier()
);
dd($client); // NULL
The $client is null, but when I died my $clientId and $clientSecret above, they were correct. Likewise, I've already added a test client to my oauth_clients table.
I traced this back further to check out getClientStorage() within AbstractServer.php, and checked where client storage was set in setClientStorage().
What is happening here?
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire