CODEWITHSUNDEEP
phpsslcurloauth-2.0
kemalsami
kemalsami

Reputation: 347

League\OAuth2\Client\Provider\GenericProvider SSL error

I used "league/oauth2-client" library and tried to get access token from provider. My first step that getting authorization code working properly. When i request for access token to provider, i got exception like "cURL error 51: SSL: no alternative certificate subject name matches target host name 'XXX.XXX.com'" .

I used Postman to get access token manually with given proper parameters. It worked fine and provider returned access token to postman.

https://github.com/thephpleague/oauth2-client

$provider = new \League\OAuth2\Client\Provider\GenericProvider([
    'clientId' => 'XXX',
    'clientSecret' => 'YYY',
    'redirectUri' => 'https://exampleclient.com/oauth',
    'urlAuthorize' => 'https://example.com/OAuth2AuthorizationServer/AuthorizationController',
    'urlAccessToken' => 'https://example.com/oauth/AccessTokenController',
    'urlResourceOwnerDetails' => 'https://example.com/oauth/ResourceController',
    'scopes' => array('BLABLA'),
    'verify' => false,
]);

try {
    $accessToken = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code']
    ]);

    echo 'Access Token: ' . $accessToken->getToken() . "<br>";
    echo 'Refresh Token: ' . $accessToken->getRefreshToken() . "<br>";
    echo 'Expired in: ' . $accessToken->getExpires() . "<br>";
    echo 'Already expired? ' . ($accessToken->hasExpired() ? 'expired' : 'not expired') . "<br>";

    $resourceOwner = $provider->getResourceOwner($accessToken);
    var_export($resourceOwner->toArray());
    die;

    } catch (Exception $e) {

        // Failed to get the access token or user details.
        exit($e->getMessage());
    }

Upvotes: 3

Views: 3992

Answers (1)

kemalsami
kemalsami

Reputation: 347

league/oauth2-client library uses GuzzleHttp\Client so we need to set

GuzzleHttp\RequestOptions::VERIFY => false

The easiest way to do this create a new GuzzleHttp\Client and set its VERIFY option to false. 

$guzzyClient = new GuzzleHttp\Client([
    'defaults' => [
        \GuzzleHttp\RequestOptions::CONNECT_TIMEOUT => 5,
        \GuzzleHttp\RequestOptions::ALLOW_REDIRECTS => true],
     \GuzzleHttp\RequestOptions::VERIFY => false,
]);

$provider->setHttpClient($guzzyClient);

Upvotes: 6

Related Questions