Doorkeeper: OAuth2::Error: Invalid grant

Created on 20 May 2016  路  4Comments  路  Source: doorkeeper-gem/doorkeeper

I'm building an API using rails 5 api. I already manage to build an api using Ryan Bates tutorial previously.

I'm just confused. I'm always getting this

OAuth2::Error: invalid_grant: The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.

I have generated new app id and secret but still I got this error. I follow Ryan Bates tutorial previously then now cannot. Is there any issue in rails 5 about this.

Hope someone can help me. I already spend 3 days, trying to figure it out.

Most helpful comment

OAuth2::Error: invalid_grant: The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request

Is you redirect URI matches with authorization callback ? Check it again please

All 4 comments

@eebasadre if you mean that story http://railscasts.com/episodes/353-oauth-with-doorkeeper , then you must read something else (github documentation for example), because it is very old (4 years ago).

Besides, we need more information about your project and it env:

  • Doorkeeper gem version
  • Doorkeeper config
  • Samples of code, that uses doorkeeper for authentication (controllers, etc)
  • Did you get an AccessGrant to interact with protected resources?

Thanks for your reply @nbulaj

I also follow the wiki in doorkeeper. There is no so much difference ( maybe I missed something or what )

I did everything in console, for testing in getting my access token.

Doorkeeper::Application.create( name: "test", redirect_uri: "http://localhost:3000/auth/test/callback" )

then

client = OAuth2::Client.new( app_id, secret, site: "http://localhost:3000/" )
client.auth_code.authorize_url( redirect_uri: callback )
client.auth_code.get_token( code, redirect_uri: callback ) -- code is from the above command client id and this part I got the error.

Here is some of my details:

gem 'doorkeeper', '~> 4.0.0.rc4'

Because I'm just starting to build something. So, this the my doorkeeper.rb.

Doorkeeper.configure do
orm :active_record```
resource_owner_authenticator do
warden.authenticate!( scope: :user )
end

resource_owner_from_credentials do
user = User.find_for_database_authenticatio( email: params[:username] )
user if user && user.valid_passowrd?( params[:password] )
end

authorization_code_expires_in 1.week
access_token_expires_in 2.hours
use_refresh_token
default_scopes :public
grant_flows %w(authorization_code implicit password client_credentials)

end

OAuth2::Error: invalid_grant: The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request

Is you redirect URI matches with authorization callback ? Check it again please

@nbulaj Thank you so much for your help. I think you are correct with the redirect uri it didn't match with my callback. I already fixed everything.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

ulitiy picture ulitiy  路  5Comments

edwinv picture edwinv  路  6Comments

rasheedhamdawi picture rasheedhamdawi  路  4Comments

anidhya picture anidhya  路  5Comments

krtschmr picture krtschmr  路  6Comments