I'm building an API using rails 5 api. I already manage to build an api using Ryan Bates tutorial previously.
I'm just confused. I'm always getting this
OAuth2::Error: invalid_grant: The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
I have generated new app id and secret but still I got this error. I follow Ryan Bates tutorial previously then now cannot. Is there any issue in rails 5 about this.
Hope someone can help me. I already spend 3 days, trying to figure it out.
@eebasadre if you mean that story http://railscasts.com/episodes/353-oauth-with-doorkeeper , then you must read something else (github documentation for example), because it is very old (4 years ago).
Besides, we need more information about your project and it env:
Thanks for your reply @nbulaj
I also follow the wiki in doorkeeper. There is no so much difference ( maybe I missed something or what )
I did everything in console, for testing in getting my access token.
Doorkeeper::Application.create( name: "test", redirect_uri: "http://localhost:3000/auth/test/callback" )
then
client = OAuth2::Client.new( app_id, secret, site: "http://localhost:3000/" )
client.auth_code.authorize_url( redirect_uri: callback )
client.auth_code.get_token( code, redirect_uri: callback ) -- code is from the above command client id and this part I got the error.
Here is some of my details:
gem 'doorkeeper', '~> 4.0.0.rc4'
Because I'm just starting to build something. So, this the my doorkeeper.rb.
Doorkeeper.configure do
orm :active_record```
resource_owner_authenticator do
warden.authenticate!( scope: :user )
endresource_owner_from_credentials do
user = User.find_for_database_authenticatio( email: params[:username] )
user if user && user.valid_passowrd?( params[:password] )
endauthorization_code_expires_in 1.week
access_token_expires_in 2.hours
use_refresh_token
default_scopes :public
grant_flows %w(authorization_code implicit password client_credentials)end
OAuth2::Error: invalid_grant: The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request
Is you redirect URI matches with authorization callback ? Check it again please
@nbulaj Thank you so much for your help. I think you are correct with the redirect uri it didn't match with my callback. I already fixed everything.
Most helpful comment
Is you redirect URI matches with authorization callback ? Check it again please