
How to exchange code to token in Ory Hydra


I'm following the Ory Hydra 5 Minute Tutorial.

This tutorial uses a sample web app, and I'm trying to understand the flow for converting the code to a token via HTTP POST.

I have several problems with the POST:

  • 400 Bad Request: Request parameter 'grant_type' is missing
  • 400 Bad Request: "invalid_grant"
  • 401 Unauthorized: "invalid_client"

and it's not clear how to proceed.


Solution

  • Client Creation

    • During creation of your client, make sure to add --token-endpoint-auth-method client_secret_post so that the HTTP POST is legal later on
    • Have your own landing page (which prints the code for you from the HTTP request, for convenience)

        docker-compose -f quickstart.yml exec hydra \
            hydra clients create \
            --endpoint http://127.0.0.1:4445 \
            --id helloworld-auth-code-client \
            --secret secret \
            --grant-types authorization_code,refresh_token \
            --response-types code,id_token \
            --scope openid,offline \
            --token-endpoint-auth-method client_secret_post \
            --callbacks http://127.0.0.1:3344/loggedin

  • Login and Retrieve Code

    Trigger login:

        http://127.0.0.1:4444/oauth2/auth?client_id=helloworld-auth-code-client&response_type=code&scope=openid%20offline&state=hniavseoniasethiohsaent

  • Convert code to token

    POST http://127.0.0.1:4444/oauth2/token
    Header: Content-Type application/x-www-form-urlencoded
    Body (no curly brackets; just take the following and replace the code):

        response_type=token&grant_type=authorization_code&code=PUTYOURCODEHERE&redirect_uri=http://127.0.0.1:3344/loggedin&client_id=helloworld-auth-code-client&client_secret=secret
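
The exchange described in the answer above, as an added example that is not part of the original post or of the Ory Hydra project: a Python helper that builds the token request for either client authentication method and notes which of the three errors from the question each part guards against (error meanings per RFC 6749). The function name `build_token_request` and the sample code value are assumptions; the URLs, client id and secret are the ones from the post.

```python
import base64
import urllib.parse
import urllib.request

TOKEN_URL = "http://127.0.0.1:4444/oauth2/token"  # Hydra public endpoint from the post


def build_token_request(code, redirect_uri, client_id, client_secret,
                        auth_method="client_secret_post"):
    """Build (not send) the authorization-code exchange request.

    auth_method must equal the token endpoint auth method the client was
    registered with; a mismatch is answered with 401 invalid_client.
    """
    # redirect_uri must be identical to the one used in the /oauth2/auth call
    # and the code must be fresh and unused, otherwise: 400 invalid_grant.
    form = {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,
    }
    headers = {"Content-Type": "application/x-www-form-urlencoded"}

    if auth_method == "client_secret_post":
        # Credentials travel as form fields in the body.
        form["client_id"] = client_id
        form["client_secret"] = client_secret
    elif auth_method == "client_secret_basic":
        # RFC 6749 section 2.3.1: form-encode id and secret, then Base64 "id:secret".
        pair = "{}:{}".format(urllib.parse.quote_plus(client_id),
                              urllib.parse.quote_plus(client_secret))
        headers["Authorization"] = "Basic " + base64.b64encode(pair.encode()).decode()
    else:
        raise ValueError("unsupported auth method: " + auth_method)

    # The body must be form-encoded; a JSON body carries no form field
    # named grant_type for the server to read.
    body = urllib.parse.urlencode(form).encode("ascii")
    return urllib.request.Request(TOKEN_URL, data=body, headers=headers, method="POST")


if __name__ == "__main__":
    # "CONSTRUCTED_CODE" is a placeholder for the code printed by the landing page.
    req = build_token_request("CONSTRUCTED_CODE", "http://127.0.0.1:3344/loggedin",
                              "helloworld-auth-code-client", "secret")
    print(req.get_method(), req.full_url)
    print(req.data.decode())
```

Passing the returned object to `urllib.request.urlopen` sends it to the running quickstart instance; the response body is the JSON token set.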