Menu
good day,
I'm having trouble with getting the access token. I've followed the guide here: http://developers.box.com/oauth/ and already get my client_id, client_secret, and set the redirect_uri on the App settings (OAuth2 parameters) section.
Here is the code for the file client.php
<?php
$client_id = 'my_client_id_here'; //removed
$post_url = 'https://www.box.com/api/oauth2/authorize';
include 'includes/header.php';
?>
<div id="content">
<form action="<?php echo $post_url; ?>" type="POST" enctype="application/x-www-form-urlencoded">
<input type="text" name="response_type" value="code">
<input type="text" name="client_id" value="<?php echo $client_id; ?>">
<input type="text" name="state" value="vexhax97td8xf_SomeTemporaryValueForTesting">
<input type="submit">
</form>
<div id="response"></div>
</div>
<?php
include 'includes/footer.php';
?>
and here's code for the file something.php (this is where the redirect_uri will go)
<?php
$client_id = 'my_client_id_here'; //removed
$client_secret = 'my_client_secrect_here'; //removed
$post_url = 'https://www.box.com/api/oauth2/token';
$code = $_GET['code'];
include 'includes/header.php';
$fields_params = array(
"grant_type" => 'authorization_code',
"code" => $code,
"client_id" => $client_id,
"client_secret" => $client_secret
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $post_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_params);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'Accept: application/json'
));
$data = curl_exec($ch);
curl_close($ch);
$json = json_decode($data, true);
var_dump($json);
?>
<div id="content">
<?php
//Nothing fancy, just for displaying passed values
if (isset($_GET))
var_dump($_GET);
if (isset($_POST))
var_dump($_POST);
?>
</div>
<?php
include 'includes/footer.php';
?>
...now what happens is,
1.) on the first step (client.php), there is a form there with submit button.
2.) After i clicked on the submit button, i get redirected to the Box' login page with the button "Authorize".
3.) after entering login details and allow granting access for my app. I now gets redirected to the redirect_uri that i've set on the App settings (something.php), where in this file, it will execute curl post to get an access token, but i get stuck at this part, the curl result returns with the error:
array(2) { ["error"]=> string(14) "invalid_client" ["error_description"]=> string(34) "The client credentials are invalid" }
I'm sure that I have entered my client_id and client_secret correctly which I've obtained from the App settings. And the url for the redirect_uri, is also SSL enabled.
Any solutions, ideas why this is happening?
Thank you for your help.
844
When a user tries to login after the session id is expired, the system throws the OAuth error. Solution: Typically, clearing the browser or device cache fixes the problem.
Invalid Client If the error raised is Invalid client, then it may be due to two reasons: 1.The client_id that is being passed is invalid. Please verify the client_id once again in https://api-console.zoho.com/ 2.It is possible that you are not making the request to the correct Data Center.
If the access token request is invalid, such as the redirect URL didn't match the one used during authorization, then the server needs to return an error response. Error responses are returned with an HTTP 400 status code (unless specified otherwise), with error and error_description parameters.
unauthorized_client comes when your clientId and clientSecret are not matching. access_denied comes when you are a legitimate user but don't have permissions to perform certain operation.
The problem is in the cURL headers you're setting something.php. Remove the Content-Type header. In fact, you can not set the headers at all - cURL will send the correctly encoded parameters and Box will return JSON data by default.
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Accept: application/json'
));
Here is how I received the token in JS
authorizeUser = function(){
var results = $.ajax({
// The URL to process the request
url : 'https://www.box.com/api/oauth2/token',
type : 'POST',
data : {
grant_type : 'authorization_code',
code : data.boxAuthorizationCode,
client_id : data.clientId,
client_secret : data.clientSecret
},
beforeSend: function (xhr) {
xhr.setRequestHeader("Authorization", "Bearer $token")
},
dataType: "json",
success: function(response) {
//console.log(response);
console.log(response.access_token);
data.access_token = response.access_token;
tokenGranted();
}
});
return results.responseText;
},
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With