Hy. I have a problem with provider Google with HybridAuth 3.8.0. I have two php pages.
Page Sign-In.php
try
{
$config= [
'callback' => 'https://xxxxxxxxxx/gcallback',
'keys' => [
'id' => 'xxxxxxxxxxapps.googleusercontent.com',
'secret' => 'secret'
],
'scope' => 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile',
'authorize_url_parameters' => [
'approval_prompt' => 'force',
'access_type' => 'offline'
],
];
$adapter = new \Hybridauth\Provider\Google($config);
$adapter->authenticate(); // Redirect to Google
}
catch(Exception $e)
{
die($e->getMessage);
}
Page gcallback.php
try
{
$adapter = new \Hybridauth\Provider\Google($config);
// This line is commented because redirect loop to Google
//$adapter->authenticate();
$userdata= $adapter->getUserProfile();
die(var_dump($userdata));
}
catch(Exception $e)
{
die($e->getMessage());
}
After User Login successfully, callback page show this error:
ERROR: Signed API request to https://www.googleapis.com/oauth2/v3/userinfo has returned an error. HTTP error 401. Raw Provider API response: {"error": "invalid_request", "error_description": "invalid Credentials"}
How can I fix it? In my Google Cloud Platform, my project is in testing mode (oauth consent screen). I have created two test email users.
Related
I'm redirecting my user to Cognito hosted UI, then returning to my PHP application. If the code is found then I use Guzzle to exchange this with the access tokens, however I keep on receiving the following error:
{"error":"unauthorized_client"}
This is my code, I have double checked what i'm passing in with the documentation and it all looks fine to me!
if ($code = request()->input('code')) {
$client = new Client();
$confirmCodeDomain = "https://$domain/oauth2/token";
try {
$result = $client->post($confirmCodeDomain, [
'form_params' => [
'grant_type' => 'authorization_code',
'client_id' => $client_id,
'code' => $code,
'redirect_uri' => 'https://localhost/auth/',
],
'headers' => [
'Content-Type' => 'application/x-www-form-urlencoded',
'Authorization' => 'Basic '.base64_encode("$client_id:$client_secret")
]
]);
} catch (\Exception $e) {
dd($e);
}
dd($result);
}
This is my serverless file which creates the AWS resources required, the error states:
unauthorized_client
Client is not allowed for code grant flow or for refreshing tokens.
However as you can see from my client definition the AllowedOAuthFlows is set to code:
resources:
Resources:
CognitoEmployeePool:
Type: AWS::Cognito::UserPool
Properties:
UserPoolName: employees
MfaConfiguration: OFF
AdminCreateUserConfig:
AllowAdminCreateUserOnly: true
Policies:
PasswordPolicy:
MinimumLength: 7
RequireLowercase: true
RequireUppercase: true
RequireNumbers: false
RequireSymbols: false
EmailConfiguration:
EmailSendingAccount: "COGNITO_DEFAULT"
UsernameAttributes:
- email
AutoVerifiedAttributes:
- email
CognitoEmployeePoolClient:
Type: AWS::Cognito::UserPoolClient
Properties:
ClientName: employees-webplanner
CallbackURLs:
- "https://localhost"
- "https://localhost/auth"
AllowedOAuthFlowsUserPoolClient: true
SupportedIdentityProviders:
- "COGNITO"
AllowedOAuthFlows:
- "code"
AllowedOAuthScopes:
- "openid"
- "email"
UserPoolId:
Ref: CognitoEmployeePool
ExplicitAuthFlows:
- ALLOW_ADMIN_USER_PASSWORD_AUTH
- ALLOW_REFRESH_TOKEN_AUTH
- ALLOW_USER_PASSWORD_AUTH
GenerateSecret: true
CognitoEmployeePoolDomain:
Type: AWS::Cognito::UserPoolDomain
Properties:
UserPoolId: !Ref CognitoEmployeePool
Domain: "marvs-sso"
Using Laravel 5 and trying to send some data from my site to another one, which provides me with the REST API. But they use cookies as a authorization. For this moment, I've passed auth successfully. And stuck on how should I send this cookie to API interface via POST method? Here is my listing.
Thanx in advance.
P.S. All things are going on inside the controller.
if (Cookie::get('amoauth') !== null) {
//COOKIE IS HERE
$client = new Client();
$newlead = $client->post('https://domain.amocrm.ru/private/api/v2/json/leads/set', [
'add' => [
'add/name' => 'TEST LEAD',
'add/date_create' => time(),
'add/last_modified' => time(),
'add/status_id' => '1',
'add/price' => 5000
]
]);
} else {
$client = new Client();
$auth = $client->post('https://domain.amocrm.ru/private/api/auth.php',[
'USER_LOGIN' => 'login',
'USER_HASH' => 'hash',
'type' => 'json'
]);
$auth = $auth->getHeaders('Set-Cookie');
Cookie::queue('amoauth', $auth, 15);
return redirect('/test');
}
Now it returns me the following:
Client error: `POST https://domain.amocrm.ru/private/api/v2/json/leads/set` resulted in a `401 Unauthorized` response.
Found the solution: switched to ixudra/curl.
I am using Laravel 5.3 with Socialite.
I am getting 400 Bad Request error with message:
Missing required parameter: redirect_uri
The URL it generates is:
https://accounts.google.com/o/oauth2/auth?scope=openid+profile+email&response_type=code&state=RYPmT1B93CaUdi44Z7iwfmRPx3hIy7an7yxAVY9l
Details below:
service.php
'google' => [
'client_id' => '1234455-u3ifk8tr1qs41487fmevg2h2s1v6ubue.apps.googleusercontent.com',
'client_secret' => 'DxSOS0p1xKNuPger3IS_E4-i',
'redirect' => 'http://localhost:8000/google/callback',
],
Routes
Route::get('/{provider}/redirect', 'Auth\RegisterController#redirectToProvider');
Route::get('/{provider}/callback', 'Auth\RegisterController#handleProviderCallback');
Authorized URI settings in Google Console
http://localhost:8000/google/callback
Controller
public function handleProviderCallback($provider)
{
try {
$social_user = Socialite::driver($provider)->user();
} catch (Exception $e) {
return redirect('/');
}
}
Just double check your service.php file, env file and api setting in google console
Example (no env in redirect):
'google' => [
'client_id' => env('GOOGLE_CLIENT_ID'),
'client_secret' => env('GOOGLE_CLIENT_SECRET'),
'redirect' => 'http://localhost:8000/api/login/google/callback'
],
I'm integrating with a affiliate platform for a client which provides an oAuth2 API, don't usually do massive amounts of work with oAuth2.
I've decided for my client, I'll use the PHP Leagues oAuth2 package: https://github.com/thephpleague/oauth2-client
Anyway, I've got an accessToken no problem! using the following:
$provider = new GenericProvider([
'clientId' => $this->config->affiliates->rakuten->clientId,
'clientSecret' => $this->config->affiliates->rakuten->clientSecret,
'redirectUri' => 'http://www.newintoday.com/',
'urlAuthorize' => 'https://api.rakutenmarketing.com/token', // Ignore
'urlAccessToken' => 'https://api.rakutenmarketing.com/token',
'urlResourceOwnerDetails' => 'https://api.rakutenmarketing.com/' // Ignore
]);
try {
// Try to get an access token using the resource owner password credentials grant.
$accessToken = $provider->getAccessToken('password', [
'username' => $this->config->affiliates->rakuten->username,
'password' => $this->config->affiliates->rakuten->password,
'scope' => $this->config->affiliates->rakuten->publisherId,
]);
$productSearchApiBaseUri = 'https://api.rakutenmarketing.com/productsearch/1.0';
$request = $provider->getAuthenticatedRequest('GET', $productSearchApiBaseUri, $accessToken, [
'body' => '?keyword=shirt',
]);
\Utils::dump($provider->getResponse($request));
} catch (IdentityProviderException $e) {
echo $e->getMessage();
}
My question is once we have the accessToken what do we use in it to make the request, I followed through the code and came up with the above but the API responds saying that the keyword is not specified? Is
$request = $provider->getAuthenticatedRequest('GET', $productSearchApiBaseUri, $accessToken, [
'body' => 'keyword=shirt',
]);
The correct way to provide it with a GET variable?
Thanks in advance.
Realised I could simply include the get vars in the URI alla:
$productSearchApiBaseUri = 'https://api.rakutenmarketing.com/productsearch/1.0?keyword=shirt';
I'm trying to get a Social login with Facebook in place using Laravel and The league OAuth2 client but I'm getting this error:
Required option not passed: access_token Array ( [{"error":{"message":"Error_validating_client_secret_","type":"OAuthException","code":1}}] => )
I've followed the instructionns in the package github page, but I can't get it to work.
My controller action code:
$facebook = $this->socialRepository->facebookLogin();
$code = \Input::get("code");
if(!isset($code)) {
$authURL = $facebook->getAuthorizationUrl();
return \Redirect::away($authURL);
} else {
$token = $facebook->getAccessToken('authorization_code', ['code' => $code]);
try {
$userDetails = $facebook->getUserDetails($token);
dd($userDetails);
} catch (\Exception $e) {}
}
And the repository code:
public function facebookLogin()
{
return new Facebook(
[
'clientId' => $this->config->get("social.facebook.clientID"),
'clientSecret' => $this->config->get("social.facebook.clientSercret"),
'redirectUri' => $this->config->get("social.facebook.redirectUri"),
'scopes' => $this->config->get("social.facebook.scopes"),
]
);
}
This normally happens when the redirect URL, app ID or secret are incorrect.
For example,
'clientSecret' => $this->config->get("social.facebook.clientSercret"),
Are you you meant social.facebook.clientSercret and not social.facebook.clientSecret (no extra r)