I'm using https://github.com/jumbojett/OpenID-Connect-PHP this library to auth an user from identify server 4.
I'm trying to connect to identify server which has this settings
Scope : offline_access
Response type: code id_token
DefaultScheme = “Cookie”
Error I'm getting:
Sorry, there was an error : unauthorized_client
Invalid grant type for client
My code
$issuer = 'issuer';
$cid = 'clientid';
$secret = 'clientsecret';
$oidc = new Jumbojett\OpenIDConnectClient($issuer, $cid, $secret);
$oidc->addScope(array('openid', 'offline_access'));
$oidc->authenticate();
$oidc->requestUserInfo('sub');
$user = $oidc->requestUserInfo();
session_start();
$_SESSION['user'] = $user;
Related
I have generated tokens and code and everything and i am able to login and authorize the user but somehow I am getting error. Two error has been spotted.
First One
(
[error] => invalid_grant
[error_description] => Authorization code doesn't exist or is invalid for the client
)
Sometimes authorization code is not generating so I am getting above error. And sometimes when I am able to generate auth_code I am getting below error
{"error":"invalid_token","error_description":"The access token provided is invalid"}
I am developer of the site abcd.com and now I have a platform where I need to develop my abcd.com for that platform. To implement login I have to use OAuth2.0 and this is the requirement of the platform. I have read a lot of documents on OAuth2.0 and build the app. I am using codeigniter though.
server.php
$dsn = 'mysql:dbname=my_oauth2_db;host=localhost';
$username = 'root';
$password = '';
// error reporting (this is a demo, after all!)
ini_set('display_errors',1);error_reporting(E_ALL);
// Autoloading (composer is preferred, but for this example let's just do this)
require_once('oauth2-server-php/src/OAuth2/Autoloader.php');
OAuth2\Autoloader::register();
// $dsn is the Data Source Name for your database, for exmaple "mysql:dbname=my_oauth2_db;host=localhost"
$storage = new OAuth2\Storage\Pdo(array('dsn' => $dsn, 'username' => $username, 'password' => $password));
// Pass a storage object or array of storage objects to the OAuth2 server class
$server = new OAuth2\Server($storage);
// Add the "Client Credentials" grant type (it is the simplest of the grant types)
$server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
// Add the "Authorization Code" grant type (this is where the oauth magic happens)
$server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));
$scope = new OAuth2\Scope(array(
'supported_scopes' => array('email')
));
$server->setScopeUtil($scope);
Here is my authorize.php
require_once __DIR__.'/server.php';
$request = OAuth2\Request::createFromGlobals();
$client_id = $request->query['client_id'];
$response = new OAuth2\Response();
if (!$server->validateAuthorizeRequest($request, $response)) {
$response->send();
die;
}
if (empty($_POST)) {
exit('<form method="post">
<label>Do You Authorize '.$client_id.'?</label><br />
<input class="yes_authorize" type="submit" name="authorized" value="Yes">
<input class="no_authorize" type="submit" name="authorized" value="No">
</form>');
}
$is_authorized = ($_POST['authorized'] === 'Yes');
$server->handleAuthorizeRequest($request, $response, $is_authorized);
if ($is_authorized) {
$code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40);
$client_secret = $_GET['state'];
$token_value = shell_exec("curl -u CLIENT_ID:CLIENT_SECRET https://abcd.com/api/token.php -d 'grant_type=authorization_code&code=$code'");
$token = json_decode($token_value);
$access_token = $token->access_token;
$expires_in = $token->expires_in;
$state = $_GET['state'];
$resource_result = shell_exec("curl https://abcd.com/api/resource.php -d 'access_token=$code'");
$redirect_url = $_GET['redirecturi']."?code=$access_token&state=".$_GET['state'];
exit(header("location: $redirect_url"));
}
$response->send();
resource.php
require_once __DIR__.'/server.php';
if (!$server->verifyResourceRequest(OAuth2\Request::createFromGlobals())) {
$server->getResponse()->send();
die;
}
echo json_encode(array('success' => true, 'message' => 'You accessed my APIs!'));
token.php
require_once __DIR__.'/server.php';
$server->handleTokenRequest(OAuth2\Request::createFromGlobals())->send();
If you see authorize.php, After generating access_token through token.php, If I pass that to resource.php, I am getting second error. AND I have passed auth_code as well as access_token both to my redirect url, but I am getting not able to get through.
When I attempt to connect to QBO via the Consolibyte package I downloaded I get an error.
Error Code: internal_error
Message: Error getting application from request token
You can contact us for further assistance. Error
Id:ixnkryec2iu513ef45f3f5xv-12940655
I have set up the config.php file as directed in the instructions and even got to the point of authorizing the application with Quickbooks but now when I navigate to the page it indicates that I am not logged in and when I click the "Connect to QuickBooks" button on the index.php page I get the error above. I'm not familiar enough with the process to know where to start troubleshooting this problem and any help would be greatly appreciated.
Link: http://production.technology-architects.com/unleashed_new/quickbook/docs/partner_platform/example_app_ipp_v3/
example_app_ipp_v3/config.php code
require_once dirname(__FILE__) . '/../../../QuickBooks.php';
$token = 'f5ddd229b1d19b4153b8218b08b97897050f';
$oauth_consumer_key = 'qyprdYvvyNLq1om6FSw0xLebctZEAz';
$oauth_consumer_secret = 'KCLYZRgZ4LnHUB35AzvylxnH6c8CDCyjhva8I9Gp';
$sandbox = true; // When you're using development tokens
$quickbooks_oauth_url = 'http://production.technology-architects.com/unleashed_new/quickbook/docs/partner_platform/example_app_ipp_v3/oauth.php';
$quickbooks_success_url = 'http://production.technology-architects.com/unleashed_new/quickbook/docs/partner_platform/example_app_ipp_v3/success.php';
$quickbooks_menu_url = 'http://production.technology-architects.com/unleashed_new/quickbook/docs/partner_platform/example_app_ipp_v3/menu.php';
$dsn = 'mysqli://myusername:mypassword#localhost/databasename';
$encryption_key = 'bcde1234';
$the_username = 'DO_NOT_CHANGE_MEddd';
$the_tenant = 'sdfaswrqwerqwr';
if (!QuickBooks_Utilities::initialized($dsn)){
QuickBooks_Utilities::initialize($dsn);
}
$IntuitAnywhere = new QuickBooks_IPP_IntuitAnywhere($dsn, $encryption_key, $oauth_consumer_key, $oauth_consumer_secret, $quickbooks_oauth_url, $quickbooks_success_url);
if ($IntuitAnywhere->check($the_username, $the_tenant) and $IntuitAnywhere->test($the_username, $the_tenant)){
$quickbooks_is_connected = true;
$IPP = new QuickBooks_IPP($dsn);
$creds = $IntuitAnywhere->load($the_username, $the_tenant);
$IPP->authMode(
QuickBooks_IPP::AUTHMODE_OAUTH,
$the_username,
$creds);
if ($sandbox){
$IPP->sandbox(true);
}
$realm = $creds['qb_realm'];
$Context = $IPP->context();
$CompanyInfoService = new QuickBooks_IPP_Service_CompanyInfo();
$quickbooks_CompanyInfo = $CompanyInfoService->get($Context, $realm);
} else {
$quickbooks_is_connected = false;
}
None of the tokens or OAuth credentials you have in your code match what you have in the screenshot.
Fix your tokens and OAuth values.
$token = 'f5ddd229b1d19b4153b8218b08b97897050f';
$oauth_consumer_key = 'qyprdYvvyNLq1om6FSw0xLebctZEAz';
$oauth_consumer_secret = 'KCLYZRgZ4LnHUB35AzvylxnH6c8CDCyjhva8I9Gp';
I am playing around with Dropbox PHP SDK and I have a wired problem. On my localhost environment it works like a charm, but on my server it does not. I have ssl and the dropbox redirect urls is: https://flaviuscojocariu.com/arhitecta/dropbox_finished.php
I don't understand where the problem can be, as I searched my entire code for http://localhost/ links and replaced everything. I get only the 500 error and I don't understand why.
Can someone advice?
If needed I can provide more code. This is the code which I use for auth.
<?php
session_start();
$_SESSION['user_id'] = 1;
require __DIR__.'/../vendor/autoload.php';
$dropboxKey = '***';
$dropboxSecret = '***';
$appName = '***';
$appInfo = new Dropbox\AppInfo($dropboxKey,$dropboxSecret);
// Store CSRF token
$csrfToken = new Dropbox\ArrayEntryStore($_SESSION, 'dropbox-auth-csrf-token');
// Define auth details
$webAuth = new Dropbox\WebAuth($appInfo, $appName, 'http://localhost/arhitecta/dropbox_finished.php', $csrfToken);
$db = new PDO('mysql:host=127.0.0.1;dbname=arhitecta;', 'root','');
//User datails
$user = $db->prepare("
SELECT * FROM users WHERE id = :user_id
");
$user->execute(['user_id' => $_SESSION['user_id']]);
$user = $user->fetchObject();
i have a webapp working with Laravel.
i have some users registered in my webapp.
users who dont want to create a account can use Facebook/Google+ login.
to make Facebook/Google+ connection, i used a oAuth2 connexion with :
oauth-4-laravel
on the iOS application, users can login using username and password but they can login too with Facebook/Google+ using FB/G+ SDK.
my questions is, how to login on my webapp users from iOS who are connected by Facebook/Google+.
artdarek/oauth-4-laravel require a "code" given by the social network, and i dont know how to get it on iOS.
here the code for users who want to connect to the webapp by web browser :
public function loginWithFacebook() {
// get data from input
$code = Input::get( 'code' );
// get fb service
$fb = OAuth::consumer( 'Facebook' );
// check if code is valid
// if code is provided get user data and sign in
if ( !empty( $code ) ) {
// This was a callback request from facebook, get the token
$token = $fb->requestAccessToken( $code );
// Send a request with it
$result = json_decode( $fb->request( '/me' ), true );
// $message = 'Your unique facebook user id is: ' . $result['id'] . ' and your name is ' . $result['name'];
//echo $message. "<br/>";
//Var_dump
//display whole array().
// dd($result);
if (User::where('fb_id','=', $result['id'])->count() == 0) {
$user = new User;
$user->firstname = $result['first_name'];
$user->lastname = $result['last_name'];
$user->username = $result['email'];
$user->email = $result['email'];
$user->fb_id = $result['id'];
$user->yearofbirth = substr($result['birthday'],6,9);
$user->fk_role=3;
if ($result['gender'] == 'male') {
$user->sex = 1;
}
else{
$user->sex = 0;
}
$user->save();
}
else{
$user = User::where('fb_id','=', $result['id'])->first();
}
Auth::login($user);
Userslog::log('desktop_facebook_login');
return Redirect::to('/')->with('message', 'Logged in with Facebook');
}
// if not ask for permission first
else {
// get fb authorization
$url = $fb->getAuthorizationUri();
// return to facebook login url
return Redirect::to( (string)$url );
}
}
i finally find a solution in the issues of oauth-4-laravel on github,
i just have to use iOS AccessToken and connect the user to the webapp using this token.
here the code laravel code to use the Token ;)
use OAuth\OAuth2\Token\StdOAuth2Token;
$token_interface = new StdOAuth2Token(Input::get( 'token' ));
$network = OAuth::consumer( 'Facebook' );
$network->getStorage()->storeAccessToken('Facebook', $token_interface);
$result = json_decode( $network->request( '/me' ), true );
$fb_id = $result['id'];
To Resume,
the best way is ; to login with Facebook/Google+ on iOS,
when login finish with success, get the AccessToken and send to the webapp.And then the webapp use you token to login again the user to Facebook/Google+ and finally , the user is verified and you can login it to laravel webapp.
have a nice day.
I'm quite in the same situation here.
With the solution you provide, how are you preventing other applications to send their own AccessToken and access your Laravel application?
I assume you send the token via a POST request from you iOS app to a certain endpoint of your Laravel app, therefore any developper knowing this endpoint could pretend to be logged on your mobile application, no?
Hi all i developed an application for posting tweet using PHp with twitter api 1.1. But that option is only working for me only. If any one authenticated and try to send tweet using that. It's posting tweet on my wall.
How to make this generalized for anyone.
YOUR_CONSUMER_KEY = 'xxxxxxxxxxxxxx';
YOUR_CONSUMER_SECRET = 'xxxx';
$twitteroauth = new TwitterOAuth(YOUR_CONSUMER_KEY, YOUR_CONSUMER_SECRET);
// Requesting authentication tokens, the parameter is the URL we will be redirected to
$request_token = $twitteroauth->getRequestToken('http://xxxx/xxxx/getTwitterData.php');
//print_r($request_token);
$twitteroauth = new TwitterOAuth(YOUR_CONSUMER_KEY, YOUR_CONSUMER_SECRET, $request_token['oauth_token'], $request_token['oauth_token_secret']);
$tmessage = $_POST['message'];
$content = $twitteroauth->post('statuses/update', array('status' => $tmessage));
it's posting tweets on your wall because you're using access token and secret of the app, or you're the authenticated user. You need to log in the user you want to post for, get their access token and secret, then use consumer key, secret, user access token and user access secret to post on their behalf.
It's a bit unclear what you're trying to do, but here's a sample post action with Abraham William's library, which you're using:
require_once('twitteroauth.php');
$key = "***";
$secret = "***";
$token = "***";
$token_secret = "***";
$connection = new TwitterOAuth($key, $secret, $token, $token_secret);
$message = "whatever";
$status = $connection->post($message);
$response= $connection->http_code;
if($response !=200){
echo "ERROR";
}else{
echo "life is good";
}