Doorkeeper: Cause of invalid_grant error

Created on 2 Sep 2015  路  5Comments  路  Source: doorkeeper-gem/doorkeeper

Please help to understand the cause of an error. Maybe the message should be more verbose? Here's my code:

  scenario 'auth ok', focus: true do
    client = OAuth2::Client.new(app.uid, app.secret) do |b|
      b.request :url_encoded
      b.adapter :rack, Rails.application
      b.response :logger
    end
    token = client.password.get_token(user.email, user.password)
    token.should_not be_expired
  end
Started POST "/oauth/token" for 127.0.0.1 at 2015-09-02 13:23:13 +0500
Processing by Doorkeeper::TokensController#create as HTML
  Parameters: {"client_id"=>"e713b4455f11d8a222ca5f0a19a78a7816825bb5744091e6b1e914495aa8a852", "client_secret"=>"[FILTERED]", "grant_type"=>"password", "password"=>"[FILTERED]", "username"=>"[email protected]"}
source=rack-timeout id=0cde3c01a5f4fbcf6161048e4dcf43ff timeout=15000ms service=14ms state=active
  MOPED: 127.0.0.1:27017 QUERY        database=novatics_test collection=users selector={"$query"=>{"email"=>""}, "$orderby"=>{:_id=>1}} flags=[] limit=-1 skip=0 batch_size=nil fields=nil runtime: 0.4110ms
  MOPED: 127.0.0.1:27017 QUERY        database=novatics_test collection=oauth_applications selector={"uid"=>"e713b4455f11d8a222ca5f0a19a78a7816825bb5744091e6b1e914495aa8a852", "secret"=>"b7051fcfde066cd53f4bb645d5ff36aa74dee3e83e280d7c6bbd784d9116a2a0"} flags=[] limit=1 skip=0 batch_size=nil fields=nil runtime: 0.2910ms
Completed 401 Unauthorized in 3ms
     Failure/Error: token = client.password.get_token(user.email, user.password)
     OAuth2::Error:
       invalid_grant: The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
       {"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}

Most helpful comment

I used
User.find_for_database_authentication(email: params[:email]) (not correct)
instead of
User.find_for_database_authentication(email: params[:username]) (correct)

All 5 comments

It was en error in implementation of resource_owner_from_credentials, user wasn't assigned.

It was en error in implementation of resource_owner_from_credentials, user wasn't assigned.

Can you please explain what exactly was wrong? How was it before, and how is it now? Thank you!

I used
User.find_for_database_authentication(email: params[:email]) (not correct)
instead of
User.find_for_database_authentication(email: params[:username]) (correct)

Thanks!

I'm now using this. Not that anybody cares. ^^

User.find_for_database_authentication(email: params[:username] || params[:email])
Was this page helpful?
0 / 5 - 0 ratings