Venelin

Reputation: 3306

Laravel Passport - oauth/token gives Client authentication failed

I've installed Laravel Passport.

Here is how I generate auth code:

public function auth(Request $request)
{
    $request->session()->put('state', $state = Str::random(40));

    $request->session()->put(
        'code_verifier', $code_verifier = Str::random(128)
    );

    $codeChallenge = strtr(rtrim(
        base64_encode(hash('sha256', $code_verifier, true))
        , '='), '+/', '-_');

    $query = http_build_query([
        'client_id' => '1',
        'redirect_uri' => 'http://127.0.0.1:8000/authorize/response',
        'response_type' => 'code',
        'scope' => '',
        'state' => $state,
        'code_challenge' => $codeChallenge,
        'code_challenge_method' => 'S256',
    ]);

    return redirect('http://127.0.0.1:9000/oauth/authorize?'.$query);
}

The above request passes fine. Here is how I try to generate the access token:

public function authResponse(Request $request)
{
    $state = $request->session()->pull('state');

    throw_unless(
        strlen($state) > 0 && $state === $request->state,
        InvalidArgumentException::class
    );

    $response = Http::asForm()->post('http://127.0.0.1:9000/oauth/token', [
        'grant_type' => 'authorization_code',
        'client_id' => '1',
        'client_secret' => 'hYMELQ1VKAWrG0TwrkM3JxUuoICSCWCzCztClZZi',
        'redirect_uri' => 'http://127.0.0.1:8000/authorize/response',
        'code' => $request->code,
    ]);

    return $response->json();
}

When I execute the code for generating the access token I get the following error:

{"error":"invalid_client","error_description":"Client authentication failed","message":"Client authentication failed"}

Any idea what can be the cause of this error? I've taken the client_secret from the DB.

Any idea what can be the problem and how can I fix it?

Upvotes: 0

Views: 1822

Answers (1)

francisco

Reputation: 2140

You are not pulling the code_verifier from the session in your authResponse() method.

$codeVerifier = $request->session()->pull('code_verifier');

Then add the $codeVerifier as the 'code_verifier' in the post method when you are converting authorization codes to access tokens.

$response = Http::asForm()->post('http://127.0.0.1:9000/oauth/token', [
    'grant_type' => 'authorization_code',
    'client_id' => '1',
    'client_secret' => 'hYMELQ1VKAWrG0TwrkM3JxUuoICSCWCzCztClZZi',
    'redirect_uri' => 'http://127.0.0.1:8000/authorize/response',
    // The verifier stored in the session by auth(), pulled above
    'code_verifier' => $codeVerifier,
    'code' => $request->code,
]);

Check out the docs about this.

Upvotes: 0
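
How an authorization server checks the code_verifier from the token request against the code_challenge sent in the first request (RFC 7636, S256 method), as an added example that is not part of the original answer and not Laravel Passport's own code. The helper names and the sample values are hypothetical.

```php
<?php
// Added illustration of the RFC 7636 S256 check; not Laravel Passport's code.

/** base64url without padding, the encoding used for the code_challenge. */
function base64url(string $bin): string
{
    return strtr(rtrim(base64_encode($bin), '='), '+/', '-_');
}

/** Client side: derive the S256 challenge sent to /oauth/authorize. */
function pkceChallenge(string $verifier): string
{
    return base64url(hash('sha256', $verifier, true));
}

/**
 * Server side (hypothetical helper): decide whether a token request may
 * redeem a code that was issued together with $storedChallenge.
 */
function verifyPkce(?string $verifier, string $storedChallenge): bool
{
    // A missing verifier must fail: the code was bound to a challenge.
    if ($verifier === null || $verifier === '') {
        return false;
    }
    // RFC 7636 section 4.1: 43-128 characters from the unreserved set.
    if (preg_match('/\A[A-Za-z0-9\-._~]{43,128}\z/', $verifier) !== 1) {
        return false;
    }
    // Constant-time comparison of the recomputed and the stored challenge.
    return hash_equals($storedChallenge, pkceChallenge($verifier));
}

// Constructed sample values.
$verifier  = bin2hex(random_bytes(32));   // 64 hex characters
$challenge = pkceChallenge($verifier);

var_dump(verifyPkce($verifier, $challenge));            // matching verifier
var_dump(verifyPkce(null, $challenge));                 // verifier omitted, as in the question
var_dump(verifyPkce(str_repeat('a', 64), $challenge));  // well-formed but wrong verifier
```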
