When i tried to Curl Authorization

AS you mentionded in Readme with changing in access code sure

curl -H 'Authorization: Bearer c859d2c9eec4800a6277671eba72a5a6f54f8693' http://localhost:8888/books

it returns , 401 Unauthorized

Hi,

I am trying to figure out your setup - it looks awesome; but I am overseeing something! The thing I am stuck on is:

{ "error": "invalid_request" "error_description": "The grant type was not specified in the request" }

When calling: http://localhost/cheapp/index.php/token from the advanced rest client with payload: client_id=librarian&client_secret=secret&grant_type=client_credentials and header: Accept: application/json

It keeps throwing that nasty: "error": "invalid_request"

probably had something to do with my setup .. database creation was not done by running some script but by finding the create tables in the code and running them. Should I have used composer for this in some way? Could only find some test code that hit this - so how does this work?

curl -X POST -d client_id=librarian -d client_secret=secret -d grant_type=client_credentials http://test.com/token

produce

{"error":"unsupported_grant_type","error_description":"Grant type "client_credentials" not supported"}

if $storage->setClientDetails('librarian', 'secret', null, null, 'bookCreate'); used then it is not possible to use the curl request like in your sample said.

I have tried it with grant_type client_credentials also $storage->setClientDetails('librarian', 'secret', null, 'client_credentials', 'bookCreate'); without success.

GitHub changed the way Markdown headings are parsed, so this change fixes it.

See bryant1410/readmesfix for more information.

Tackles bryant1410/readmesfix#1

I integrated your implementation into my system and I cannot render the authorization template form. The error message and trace is as follows:

Details Type: RuntimeException Message: View cannot render authorize.phtml because the template does not exist File: C:\xampp\htdocs\api-fmis\v2\vendor\slim\slim\Slim\View.php Line: 272

Trace

#0 C:\xampp\htdocs\api-fmis\v2\vendor\slim\slim\Slim\View.php(255): Slim\View->render('authorize.phtml', NULL)
#1 C:\xampp\htdocs\api-fmis\v2\vendor\slim\slim\Slim\View.php(243): Slim\View->fetch('authorize.phtml', NULL)
#2 C:\xampp\htdocs\api-fmis\v2\vendor\slim\slim\Slim\Slim.php(757): Slim\View->display('authorize.phtml')
#3 C:\xampp\htdocs\api-fmis\v2\vendor\chadicus\slim-oauth2-routes\src\Authorize.php(65): Slim\Slim->render('authorize.phtml', Array)
#4 [internal function]: Chadicus\Slim\OAuth2\Routes\Authorize->__invoke()
#5 C:\xampp\htdocs\api-fmis\v2\vendor\slim\slim\Slim\Route.php(468): call_user_func_array(Object(Chadicus\Slim\OAuth2\Routes\Authorize), Array)
#6 C:\xampp\htdocs\api-fmis\v2\vendor\slim\slim\Slim\Slim.php(1357): Slim\Route->dispatch()
#7 C:\xampp\htdocs\api-fmis\v2\vendor\slim\slim\Slim\Middleware\Flash.php(85): Slim\Slim->call()
#8 C:\xampp\htdocs\api-fmis\v2\vendor\slim\slim\Slim\Middleware\MethodOverride.php(92): Slim\Middleware\Flash->call()
#9 C:\xampp\htdocs\api-fmis\v2\vendor\slim\slim\Slim\Middleware\PrettyExceptions.php(67): Slim\Middleware\MethodOverride->call()
#10 C:\xampp\htdocs\api-fmis\v2\vendor\slim\slim\Slim\Slim.php(1302): Slim\Middleware\PrettyExceptions->call()
#11 C:\xampp\htdocs\api-fmis\v2\index.php(14183): Slim\Slim->run()
#12 {main}

This package is a meta-package, declaring components as dependencies. These are listed below, with links to each repository; most issues and pull requests rightfully belong against the individual components and should be made accordingly.

• chadicus/slim-oauth2-http
• chadicus/slim-oauth2-middleware
• chadicus/slim-oauth2-routes

If you have a pull request for the meta-package please remove the above portion and use the template below.

Fixes # .

What does this PR do?

Checklist

• [ ] Pull request contains a clear definition of changes
• [ ] Relevant documentation produced and/or updated

I have used your samples to test your oauth2 middleware and found some problems. One of them is that return value isn't like desired.

Here are a sample method $app->get('/test', $authorization, function() use ($app) { $app->contentType('application/json'); $app->response->setBody(json_encode(array("status" => "success"))); });

Without correct authorization, the response is still the same. only the return code is 403 instead to 200. Or is it intend to check the authorization in function again? {"status":"success"}

I am not sure which dependency would be best to put this but it could make a good example.

I have a API which is secured using this library, all well and good if user exists in the oauth users table, issue comes when I want to auth a user via social login which will be for an app I am developing.

1. tell user to go to FB auth
2. user auths request and is redirected back to API (or just gets the return code)
3. return code is supplied to API and I use Facebook SDK to confirm its all good and register user if does not already exist
4. now problem is how do I return an access token to the client based on the user in question that has been validated via social login.

In a session based system all is good but the api should be stateless, rather relying on oauth tokens. This is something that seems to be lacking in the docs.