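I'm using the league/oauth-client in a Slim3 web app with Microsoft Graph, and I can't successfully request a new token with the given refresh token... Microsoft Graph refresh token request fails... AADSTS70000
This is the league/oauth client in my DI container: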
$container['oauthprovider'] = function()
{
    $provider = new \League\OAuth2\Client\Provider\GenericProvider(
        [
            'clientId' => getenv('ENV_CLIENT_ID'),
            'clientSecret' => getenv('ENV_CLIENT_SECRET'),
            'redirectUri' => getenv('ENV_REDIRECT_URL'),
            'urlAuthorize' => getenv('ENV_AUTHORIZE_URL'),
            'urlAccessToken' => getenv('ENV_URL_ACCESS_TOKEN'),
            'urlResourceOwnerDetails' => '',
            'scopes' => 'offline_access user.read people.read user.read.all openid mail.send'
        ]
    );
    return $provider;
};
This works fine - in my Slim3 route, after the redirect, I get all the tokens, refresh_token, etc.
$provider = $this -> oauthprovider;
$CODE = filter_var($_GET['code'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$accessToken = $provider -> getAccessToken('authorization_code',
    ['code' => $CODE]
);
...
$existingAccessToken = $accessToken -> getToken();
$refreshToken = $accessToken -> getRefreshToken();
$expiresIn = $accessToken -> getExpires();
$expired = ($accessToken -> hasExpired() ? true : false);
$client = $this -> guzzzle;
...
If I try to refresh my token at this point - in the same Slim3 route - this works fine:
$newAccessToken = $provider -> getAccessToken('refresh_token', [
    'refresh_token' => $accessToken -> getRefreshToken(),
    'grant_type' => 'refresh_token'
]);
But that is not my goal - I have to refresh the token when it reaches the end of its lifetime - 1 hour - in another Slim3 route:
$accessToken = unserialize($session -> get('serialized_token'));
$refreshToken = unserialize($session -> get('serialized_refresh_token'));
$code = $session -> get('code');
$provider = $this -> oauthprovider;
$client = $this -> guzzzle;
...
$req = $client -> request('POST',
    'https://login.windows.net/common/oauth2/token', [
        'form_params' => [
            'accept' => 'application/json',
            'grant_type'=> 'refresh_token',
            'client_id' => getenv('ENV_CLIENT_ID'),
            'client_secret' => getenv('ENV_CLIENT_SECRET'),
            'refresh_token' => (string) $refreshToken,
            'redirect_uri' => getenv('ENV_REDIRECT_URL')
        ]
    ]);
The response:
Client error:
POST https://login.windows.net/common/oauth2/token
resulted in a 400 Bad Request
response: {"error":"invalid_grant","error_description":"AADSTS70000: Transmission data parser failure: Refresh Token is malformed (truncated...)
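The refresh token is exactly the same one I got in my initial request.
Anyone with experience with oauth-client/guzzle/Microsoft Graph - where is my mistake?
Please do not use profanity.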
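An added example, not part of the original question and not code from league/oauth2-client: one way to confirm that the refresh token read back in a later route is byte-identical to the one that was issued, and to refresh it through the same provider (and therefore the same token endpoint) that issued it. The function names `tokenFingerprint`, `packToken`, `unpackToken` and `refreshIfExpired` are hypothetical, the sample token values are constructed, and league/oauth2-client is assumed to be installed via Composer.

```php
<?php
// Added example: not the poster's code. Assumes league/oauth2-client via Composer.
require 'vendor/autoload.php';

use League\OAuth2\Client\Provider\AbstractProvider;
use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use League\OAuth2\Client\Token\AccessToken;

// Short fingerprint that is safe to log in place of the token itself.
function tokenFingerprint(string $token): string
{
    return substr(hash('sha256', $token), 0, 16) . ' len=' . strlen($token);
}

// Store the whole token as JSON plus a fingerprint of the refresh token.
function packToken(AccessToken $token): array
{
    return ['json' => json_encode($token), 'rt_fp' => tokenFingerprint((string) $token->getRefreshToken())];
}

// Rebuild the token and fail loudly if the refresh token changed in storage.
function unpackToken(array $stored): AccessToken
{
    $token = new AccessToken(json_decode($stored['json'], true));
    if (!hash_equals($stored['rt_fp'], tokenFingerprint((string) $token->getRefreshToken()))) {
        throw new RuntimeException('refresh token was altered in storage');
    }
    return $token;
}

// Refresh through the provider that issued the token, so the same token endpoint is used.
function refreshIfExpired(AbstractProvider $provider, AccessToken $token): AccessToken
{
    if (!$token->hasExpired()) {
        return $token;
    }
    try {
        return $provider->getAccessToken('refresh_token', ['refresh_token' => $token->getRefreshToken()]);
    } catch (IdentityProviderException $e) {
        error_log('refresh failed: ' . $e->getMessage() . ' rt=' . tokenFingerprint((string) $token->getRefreshToken()));
        throw $e;
    }
}

// Constructed sample values, not real tokens.
$issued = new AccessToken(['access_token' => 'sample-access', 'refresh_token' => 'sample-refresh', 'expires' => time() + 3600]);
$restored = unpackToken(packToken($issued));
echo tokenFingerprint($restored->getRefreshToken()), PHP_EOL;
```

After a successful refresh, store the returned token again with `packToken`, since the response may carry a new refresh token.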