Unsupported_grant_type with mezzio-authentication-oauth2

vigcraig · December 11, 2021, 8:42pm

Hi,
I am just getting started with mezzio-authentication-oauth2 library and I am having a little trouble with progressing it.
I have started with at mezzio skeleton, added the mezzio-authentication-oauth2 library and created the route /oauth2/token.
When I make a POST, it fails with a http return code 400 regardless of how I set the grant_type.

Request:

{
    "grant_type": "authorization_code",
    "client_id" : "test_client",
    "client_secret" : "test_secret",
    "redirect_uri " : "localhost",
    "code" : "545604564056"
}

Response:

{
    "error": "unsupported_grant_type",
    "error_description": "The authorization grant type is not supported by the authorization server.",
    "hint": "Check that all required parameters have been provided",
    "message": "The authorization grant type is not supported by the authorization server."
}

My grants are all enabled as per the default, so I can’t see why it won’t accept the provided grant type

I must be missing a step in setting up the authorization server, but I can’t see what from the docs.

What do I need to do to allow my grant types to be accepted?

vigcraig · December 13, 2021, 3:00pm

It looks like the https://oauth2.thephpleague.com/, and by extension, the mezzio-authentication-oauth2 library doesn’t pick up on json data in the post unless body parse middleware is included in the application.

This is down to League\OAuth2\Server\Grant\AbstractGrant functions like canRespondToAccessTokenRequest() and getRequestParameter() using $request->getParsedBody(), which returns null when json is provided, even when the Content-Type in the header is set to application/json.

To fix:

Add the BodyParams\BodyParamsMiddleware to the pipeline:

use Mezzio\Helper\BodyParams\BodyParamsMiddleware;

// I put this before the RouteMiddleware
$application->pipe(BodyParamsMiddleware::class);

Lost a bunch of time on this, I am wondering if the docs should include a mention of it?

froschdesign · December 14, 2021, 8:20am

Please create an issue report in the related issue tracker. Thanks in advance!

vigcraig · December 14, 2021, 12:02pm

Issue raise: Body Parsing Middleware Requirement · Issue #39 · mezzio/mezzio-authentication-oauth2 · GitHub
Thanks.

Topic		Replies	Views
OAuth2: Responding to token request when requested scopes differ Mezzio mezzio-authentication	1	341	January 12, 2022
OAuth2 error in Mezzio Mezzio mezzio , mezzio-authentication	5	619	December 29, 2021
Create API for mobile App backend with Mezzio [Help] Mezzio	1	498	August 16, 2021
Fill roles[] (UserInterface) after authenticate (oauth2) Mezzio mezzio-authorization , mezzio-authentication	6	431	October 20, 2021
OAuth2 with Expressive 2 - Config help needed Mezzio expressive	18	4296	December 13, 2019

Unsupported_grant_type with mezzio-authentication-oauth2

Related Topics