I am having a hell of a time getting an Access token using OAuth 2.0
My site requests a Authorization code.. and redirects back to my page once its got it.. I then have those variables to use to send for an access token
Also I have tried to put the params in query instead of headers.. and same result
$response = $httpClient->request('POST', $tokenURL, [
'headers' => [
'code' => $_GET['code'],
'client_id' => 'CLIENT ID',
'client_secret' => 'CLIENT SECRET',
'grant_type' => 'authorization_code',
'redirect_uri' => 'https://127.0.0.1:8000/connect',
],
]);
I have this requests linked to a button. so when I press the button it will send the request off...
Im getting 400 Response, and I have no idea what I am missing!
In a request to the token endpoint you should be sending the parameters in the body of the request, like a form. Currently you send them in headers, which is not right. Also make sure what is the correct way of authenticating the client when making a call to the token endpoint. You might have to send an Authorization
header with Basic
authentication.
So your request might look like this:
$response = $httpClient->request('POST', $tokenURL, [
'body' => [
'code' => $_GET['code'],
'client_id' => 'CLIENT ID',
'client_secret' => 'CLIENT SECRET',
'grant_type' => 'authorization_code',
'redirect_uri' => 'https://127.0.0.1:8000/connect',
],
]);
or maybe like this:
$response = $httpClient->request('POST', $tokenURL, [
'headers' => [
'Authorization' => 'Basic ' . base64_encode('CLIENT ID:CLIENT SECRET')
],
'body' => [
'code' => $_GET['code'],
'grant_type' => 'authorization_code',
'redirect_uri' => 'https://127.0.0.1:8000/connect',
],
]);