Unsupported_grant_type with mezzio-authentication-oauth2

I am just getting started with mezzio-authentication-oauth2 library and I am having a little trouble with progressing it.
I have started with at mezzio skeleton, added the mezzio-authentication-oauth2 library and created the route /oauth2/token.
When I make a POST, it fails with a http return code 400 regardless of how I set the grant_type.


    "grant_type": "authorization_code",
    "client_id" : "test_client",
    "client_secret" : "test_secret",
    "redirect_uri " : "localhost",
    "code" : "545604564056"


    "error": "unsupported_grant_type",
    "error_description": "The authorization grant type is not supported by the authorization server.",
    "hint": "Check that all required parameters have been provided",
    "message": "The authorization grant type is not supported by the authorization server."

My grants are all enabled as per the default, so I can’t see why it won’t accept the provided grant type

I must be missing a step in setting up the authorization server, but I can’t see what from the docs.

What do I need to do to allow my grant types to be accepted?

It looks like the https://oauth2.thephpleague.com/, and by extension, the mezzio-authentication-oauth2 library doesn’t pick up on json data in the post unless body parse middleware is included in the application.

This is down to League\OAuth2\Server\Grant\AbstractGrant functions like canRespondToAccessTokenRequest() and getRequestParameter() using $request->getParsedBody(), which returns null when json is provided, even when the Content-Type in the header is set to application/json.

To fix:

Add the BodyParams\BodyParamsMiddleware to the pipeline:

use Mezzio\Helper\BodyParams\BodyParamsMiddleware;

// I put this before the RouteMiddleware

Lost a bunch of time on this, I am wondering if the docs should include a mention of it?

1 Like

Please create an issue report in the related issue tracker. Thanks in advance! :+1:t3:

Issue raise: Body Parsing Middleware Requirement · Issue #39 · mezzio/mezzio-authentication-oauth2 · GitHub