Missing grant_type parameter in postman - php

I am using Brightspace API.
I am using the post method and the URL is https://auth.brightspace.com/core/connect/token
Reference link here
I have all the below details
Auth URL,
Access Token URL,
Client Id,
Client Secret,
Scope,
Grant Type, I have selected the Authorization code option.
In header, Content-Type is also application/json
Now, When I clicked on send button then I am getting an error
{
"error": "invalid_request",
"error_description": "Missing \"grant_type\" parameter"
}
Any idea I am getting this error?

You can't directly call POST method for response type "Code"
due to after POST call, Keycloak (IdP Server) redirect to registered URL (redirect_uri) for Login activity.
Luckily, In the Postman can do it by "Get New Token" in OAuto 2.0 mode.
I have no D2L Brightspace account's client ID /secret so I can't demo how to that but I captured image from It's video tutorial.
You can do it with your client ID /secret.
Steps
Set environment variable set in Postman (click right the top area's icon)
clientid, clientsecret with your values and oauth2scope(content:.)
Start "Get New Token"
select "Authorization" tab, select "OAuth 2.0" type, "Request Headers" and click the "Get New Access Token" in Request ( in Collection also possible)
Set the fields for each parameter
Enter 3 URLS from 1~3
Enter 3 environment variable with {{ variable name here }} from 4~6
Click the "Request Token" it will get access token.
more detail information in here, video and Postman collection

Related

sharepoint webhoook integration in php is not working

My auth URL:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id={{app_client_id}}&scope=User.Read Sites.Read.All files.read files.read.all files.readwrite files.readwrite.all offline_access&response_type=code&redirect_uri=https://yourdomain/sharepoint-response
Using that URL, I get this response code
POST : https://login.microsoftonline.com/common/oauth2/token
body : "client_id="{{app_client_id}}"&redirect_uri="https://yourdomain/sharepoint-response"&client_secret="{{app_client_secret}}"&code="{{code from above url}}"&grant_type=authorization_code";
getting token
Then I follow all steps from https://learn.microsoft.com/en-us/sharepoint/dev/apis/webhooks/lists/create-subscription
Now I get:
"error_description" => "Invalid issuer or signature."
If you are using Azure AD try replacing grant_type=authorization_code with grant_type=client_credentials in the URL when you call the SharePoint API.
I needed the client_credentials grant_type because I'm using an Azure AD Application with Sites.Manage.All API permission which always needs client_credentials because it's an application type permission and not a delegated type.
If you want to use user login you will need to set delegated permissions.

Why am I getting error when I use Postman and oauth2 for login access case in apiagility?

I am new to Zend Framework 2. I am trying to get the login access scenario working with Postman (chrome extension). I have gone through the forum but I'm not sure if I'm missing something or not. So here are the steps that I have taken so far:
In MYSQL I have set up the tables accordingly and there is a user with the following fields in the oauth_clients table:
client_id : testclient
client_secret : testpass
redirect_uri : /oauth/receivecode (I'm not sure about the value of
this one could someone please shed some light on this?)
grant_type : password ( I want to use the service for authentication
and authorization to access a website or login access scenario)
The rest of the fields are NULL. No other entries in other tables.
I set the parameters in Postman like this:
Authorization : Oauth2
Headers:
Accept : application/json
Content-Type : application/json
The raw body is like:
{
"client_id":"testclient",
"client_secret":"testpass",
"grant_type":"password"
}
I post the request to:
www.dummy.dev/oauth/authorize
When I post the request this is what I get:
{
"type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html",
"title": "invalid_request",
"status": 302,
"detail": "Invalid or missing response type"
}
Why do I get this error message?
This error is triggered here in the OAuth2 AuthorizeController.
The controller checks whether the $response_type is valid. If not it returns this error message.
On line 313 you see:
protected function getValidResponseTypes()
{
return array(
self::RESPONSE_TYPE_ACCESS_TOKEN,
self::RESPONSE_TYPE_AUTHORIZATION_CODE,
);
}
Those constants are defined in the AuthorizeControllerInterface:
const RESPONSE_TYPE_AUTHORIZATION_CODE = 'code';
const RESPONSE_TYPE_ACCESS_TOKEN = 'token';
So somewhere during the handling of your request this $response_type value is not set correctly. It should either be set as token or code for the request to validate correctly. Not sure where in your config you did something wrong but with this information you should be able to find the problem.
redirect uri is not necessary and could be left null in the database as well. The correct uri to POST is www.dummy.dev/oauth and the raw parameters in Postman are:
{
"client_id":"dev.dummy",
"username":"testclient",
"password":"testpass",
"grant_type":"password"
}
The value of password is stored and encoded (with bcrypt) in the database. client_id and client_secret are not important in this scenario as my own website is the client of my API.

google OAUTH2 exchange authorization code for acces token "invalid request"

I'm getting google api authorization code from this page on my server
https://github.com/google/google-api-php-client/blob/master/examples/user-example.php
the same page on my hosting to test
http://mawk3y.net/google/google-api-php-client/examples/user-example.php
after adjusting client id, secret and redirect uri.
$data =file_get_contents('https://accounts.google.com/o/oauth2/auth?code='.$code.'&client_secret={secret}&redirect_uri={my web page}&grant_type=authorization_code');
print_r($data);
but i get an error so i'm trying to paste the full url to the browser address bar after getting authorization code from that page like this (the same auth code I get from this page https://developers.google.com/oauthplayground/)
https://accounts.google.com/o/oauth2/token?code={authorization code}&redirect_uri=mywebpage.php&client_id={my client id}&client_secret={secret code}&grant_type=authorization_code
but the result is
{
"error" : "invalid_request"
}
how to solve this and exchange the authorization code for access token
You're sending the parameters in a GET request to the authorization endpoint (https://accounts.google.com/o/oauth2/auth), but you must send them in a POST request to the token endpoint (https://accounts.google.com/o/oauth2/token).

server error 500 when calling auth dialog for not authenticated before users

when i try to sign up a new user throw my app requesting the dialog url returns a 500 error page on "chrome windows " and blank in "firefox ubuntu"
Steps to Reproduce:#
generate an auth url with
client_id,
redirect_uri
state,
scope
Expected Behavior:
display the authentication dialogue to the user with the permission
then redirect to the callback url with parameters
Actual Behavior#:
returns a 500 error page on "chrome windows " and blank in "firefox ubuntu"
link to test
https://www.facebook.com/dialog/oauth?client_id=228169977330896&redirect_uri=http%3A%2F%2Fwww.jobzella.com%2Fsocialauth%2Fauth%2Fcallback%2Ffacebook&state=ba63140fdc0ed2d8b5e133a321966363&scope=offline_access%2Cemail%2Cuser_birthday&response_type=code
The problem is with scope "offline_access" which is invalid.
Facebook does not give detail of error when scope is invalid, this has been observed by me.

Mediawiki: Invalid Edit Token

I use the API with HTTP POST to create a wiki page in a Mediawiki (1.14):
I require an edit token
It works, I get a fresh token (example: d96d72fae5e6c43b0b9f63d82ace366)
I send the HTTP POST for creating a new site with my new token (sth. similar to "d96d72fae5e6c43b0b9f63d82ace366+\"
I get an error message "Invalid Token"
I don't understand why I get this message, because I send a freshly created token in my POST request.
Any idea?
Did you URL-encode the terminating characters of your token? You have to convert the +\ to %2B%5C. Your POST request should look something like (minus the line breaks):
action=edit&title=Talk:River%20Otters
&section=new
&summary=Otters%3F
&text=Anyone%20see%20any%20otters%20lately%3F
&watch
&basetimestamp=2009-06-22T13:52:41ZZ
&token=d96d72fae5e6c43b0b9f63d82ace366%2B%5C

Categories