I am trying to implement authorization code grant with Laravel Passport and my SPA app. I stumbled upon the following issue:
To my knowledge scopes in OAuth are optional, I don't have to request one while asking for code. Even
Does anyone know what is going on here?
Regards, Rob
CodePudding user response:
In your URL there is scope=''& instead of scope=&.
Try building the query parameters using http_build_query() as per docs.
$query = http_build_query([
'client_id' => 'client-id',
'redirect_uri' => 'http://third-party-app.com/callback',
'response_type' => 'code',
'scope' => '',
'state' => $state,
'code_challenge' => $codeChallenge,
'code_challenge_method' => 'S256',
]);
Secondly, your code_challenge ends with a =.
So you probably should:
- remove the = sign at the end of this.challenge
- replace + with - of this.challenge
- replace / with _ of this.challenge
PHP example
// base64url without padding: strip the trailing '=', then map '+' to '-' and '/' to '_'
$encoded = base64_encode(hash('sha256', $code_verifier, true));
$codeChallenge = strtr(rtrim($encoded, '='), '+/', '-_');
CodePudding user response:
From what I remember, you can just hardcode scopes to '*' and that should work; I did the same.