This is the library which I used https://github.com/php-twinfield/
The issue occurs when I call the OAuth login. I have completed almost all APIs with username and password, but the client wants it with OAuth. I think there is a problem in redirectUri. When I call OAuth it always shows:
{
    "success": false,
    "error": "invalid_grant"
}
These are my credentials. The clientId and clientSecret were obtained by mail and the redirect URI was set from the OpenID Twinfield link. Please correct me if there is anything wrong in the credentials.
clientId : Demorent
clientSecret : /iY7gyWn3Hkdgs4XzUG66SDyPNkk177x3A==
redirectUri : https://www.oauth.client.redirect.uri.com
The code which is used:
public function login(\Illuminate\Http\Request $request)
{
    try {
        // In the $request param all the credential given
        $provider = new \PhpTwinfield\Secure\Provider\OAuthProvider([
            'clientId' => $request->clientId,
            'clientSecret' => $request->clientSecret,
            'redirectUri' => $request->redirectUri
        ]);
        // Here pass the authorization code
        $accessToken = $provider->getAccessToken("authorization_code", ["code" => 'NLA000067']);
        $refreshToken = $accessToken->getRefreshToken();
        $office = \PhpTwinfield\Office::fromCode("1008");
        $connection = new \PhpTwinfield\Secure\OpenIdConnectAuthentication($provider, $refreshToken, $office);
        $customerApiConnector = new \PhpTwinfield\ApiConnectors\CustomerApiConnector($connection);
        $result = $customerApiConnector->get('1008', $office);
        $jsonResponse = JsonResponse::success($result);
    } catch(SoapFault $e) {
        $jsonResponse = empty($e->getMessage()) ? JsonResponse::error(class_basename($e)) : JsonResponse::error($e->getMessage());
    }
    return $jsonResponse;
}
To start, invalid_grant is a standard OAuth 2.0 error parameter. Since OpenID Connect is built on OAuth 2.0, it's valid to receive this response. If you check the 5.2 Error Response section, you find the below explanation.
As it explains, it could be anything from redirect URI, resource owner credentials. But I see some issue with your code related to the authorization code.
Are you using a hard-coded authorization_code (NLA000067)? This is wrong. The first step of the Authorization Code grant is to obtain the authorization code. Only then can you perform the token request. You obtain the authorization code from the authorization request, and I don't see you doing that.
If this is the case, the error response you are getting is completely valid. As explained above, invalid_grant results from an invalid authorization code.
P.S. Maybe this link will guide you to correct the issue
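The two-step Authorization Code flow the answer describes, as an added example that is not part of the original question or answer and is not the library's own code. It assumes OAuthProvider exposes league/oauth2-client's getAuthorizationUrl() and getState(); the controller name, session keys and config keys are hypothetical.

```php
<?php
// Added example: class name, session keys and config keys are assumptions.
namespace App\Http\Controllers;

use Illuminate\Http\Request;
use PhpTwinfield\Secure\Provider\OAuthProvider;

class TwinfieldOAuthController extends Controller
{
    private function provider(): OAuthProvider
    {
        // Credentials stay in server-side config, not in request input.
        // redirectUri must equal the registered URI and route to callback().
        return new OAuthProvider([
            'clientId'     => config('services.twinfield.client_id'),
            'clientSecret' => config('services.twinfield.client_secret'),
            'redirectUri'  => config('services.twinfield.redirect_uri'),
        ]);
    }

    // Step 1: authorization request. The user logs in at the provider.
    public function start(Request $request)
    {
        $provider = $this->provider();
        $url = $provider->getAuthorizationUrl(); // also generates the state value
        $request->session()->put('oauth2state', $provider->getState());
        return redirect()->away($url);
    }

    // Step 2: the provider redirects back with ?code=...&state=...
    public function callback(Request $request)
    {
        $expected = $request->session()->pull('oauth2state'); // one-time use
        $state = $request->query('state');
        if (!is_string($expected) || !is_string($state) || !hash_equals($expected, $state)) {
            abort(400, 'OAuth state mismatch');
        }
        $code = $request->query('code');
        if (!is_string($code) || $code === '') {
            abort(400, 'Missing authorization code');
        }
        // The code is single-use and short-lived, so it is exchanged right away.
        // A hard-coded, reused or expired code is answered with invalid_grant.
        $accessToken = $this->provider()->getAccessToken('authorization_code', ['code' => $code]);
        // The refresh token is what OpenIdConnectAuthentication takes later.
        $request->session()->put('twinfield_refresh_token', $accessToken->getRefreshToken());
        return response()->json(['success' => true]);
    }
}
```

The state comparison ties the callback to the browser session that started the flow, so an authorization code delivered to the callback from another session is rejected before the token request.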