Sage One API - unsupported_grant_type

2020-07-17 04:13发布

站内问答 / PHP
1215 2 5

I am trying to obtain an access token for Sage One API by following the docs using Guzzle(v6) / Laravel 5.2 (Laravel's involvement is irrelevant for this question), it is stuck at the "request access token" stage.

The error

Client error: `POST https://api.sageone.com/oauth2/token` resulted in a
 `400 Bad Request` response: {"error":"unsupported_grant_type"}

The offending code

    $client = new Client([
        'base_uri'=>'https://api.sageone.com',
        'headers' => ['content_type' => 'application/x-www-form-urlencoded']
    ]);
    $data = [
        'client_id' => getenv('SAGE_CLIENT'),
        'client_secret' => getenv('SAGE_SECRET'),
        'code' => $request->code,
        'grant_type' => 'authorization_code',
        'redirect_uri'=>'https://myurl.com/sage/refresh'
    ];

    $response = $client->request('POST','/oauth2/token',['json' => $data]);

The docs state "grant_type - The type of grant the code relates to. Either authorization_code or refresh_token.", I have tried both. The other vars are all fine and dandy, just the grant_type appears to fail.

UPDATE 1 The debug header generates the output below.

* Hostname in DNS cache was stale, zapped * Trying 52.49.116.133... 
* Connected to api.sageone.com (52.49.116.133) port 443 (#0) 
* CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none 
* ALPN/NPN, server did not agree to a protocol 
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 
* Server certificate: 
* subject: CN=api.sageone.com,O=The Sage Group PLC,L=Newcastle Upon Tyne,ST=Newcastle Upon Tyne,C=GB,serialNumber=02231246,businessCategory=Private Organization,incorporationCountry=GB 
* start date: May 12 00:00:00 2014 GMT 
* expire date: May 11 23:59:59 2016 GMT 
* common name: api.sageone.com 
* issuer: CN=GeoTrust Extended Validation SSL CA - G2,O=GeoTrust Inc.,C=US > POST /oauth2/token HTTP/1.1 Host: api.sageone.com content_type: application/x-www-form-urlencoded User-Agent: GuzzleHttp/6.1.1 curl/7.43.0 PHP/5.6.18 Content-Type: application/x-www-form-urlencoded Content-Length: 216 
* upload completely sent off: 216 out of 216 bytes < HTTP/1.1 400 Bad Request < Content-Type: application/json < Date: Tue, 08 Mar 2016 10:53:09 GMT < Server: openresty < Content-Length: 26 < Connection: keep-alive < 
* Connection #0 to host api.sageone.com left intact

2条回答
乱世女痞
2楼-- · 2020-07-17 04:52

Using json for oAuth is indeed incorrect: http://tools.ietf.org/html/rfc6749#section-4.1.3 I think, this is incorrect:

$response = $client->request('POST','/oauth2/token',['json' => json_encode($data)]);

Instead, I would try something like this:

$response = $client->post('/oauth2/token', [], $data);

OR this

$response = $client->post('/oauth2/token', ['body' => $data]);

Another question, what about the first call https://www.sageone.com/oauth2/auth - did it go through?

查看更多
0人赞 添加讨论(0) 举报
趁早两清
3楼-- · 2020-07-17 04:59

You are POST-ing the values as JSON encoded data but you should POST with form-encoded. See: http://docs.guzzlephp.org/en/latest/request-options.html#form-params, so

$response = $client->request('POST','/oauth2/token',['form_params' => $data]);

EDIT:

You should check your code again since I've just verified and double-checked that this change makes it work on the live sage environment. The complete code that I used:

<?php
require 'vendor/autoload.php';

$client = new GuzzleHttp\Client([
        'base_uri'=>'https://api.sageone.com',
        'headers' => ['content_type' => 'application/x-www-form-urlencoded']
    ]);

$data = [
    'client_id' => getenv('SAGE_CLIENT'),
    'client_secret' => getenv('SAGE_SECRET'),
    'code' => getenv('SAGE_CODE'),
    'grant_type' => 'authorization_code',
    'redirect_uri'=>'https://myurl.com/sage/refresh'
];

$response = $client->request('POST','/oauth2/token',['form_params' => $data]);

echo $response->getBody();

?>
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)