unexplained Client authentication failed error #297

Open
Kerrialn opened this issue Nov 2, 2021 · 1 comment

Kerrialn commented Nov 2, 2021

The /token endpoint is responding with 401.

  • The client has the grant type of password
  • The security access control and firewalls are configured as per the documentation
  • The public and private keys have been generated
  • The password is correct

Stack

  • Symfony 5.3
  • php 8.0.1
  • api-platform 2.6
  • trikoder/oauth2-bundle 3.2

Response:

{
    "error": "invalid_client",
    "error_description": "Client authentication failed",
    "message": "Client authentication failed"
}

Request body details:

grant_type: password
client_id: 5b810fc66e1b142ac324b123c82eb581,
client_secret: aeb94068f1b703bed82cc21e48ffc4e9105d69df4cb68ff62b168e33e550706ba4c299e938e500164225e64f50f27f7f15ef893f3c2a2a493f59b35f386bc2d5
username: role_super_admin@fixture.com
password: 12345678

Log output:

[2021-11-01T18:19:56.716107+01:00] php.INFO: User Deprecated: Since symfony/security-bundle 5.3: The "security.authentication.manager" service is deprecated, use the new authenticator system instead. {"exception":"[object] (ErrorException(code: 0): User Deprecated: Since symfony/security-bundle 5.3: The \"security.authentication.manager\" service is deprecated, use the new authenticator system instead. at /var/www/code/var/cache/dev/ContainerW9AsxaO/getSecurity_Authentication_ManagerService.php:22)"} []
[2021-11-01T18:19:56.735584+01:00] php.INFO: User Deprecated: Since symfony/security-core 5.3: The "Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager" class is deprecated, use the new authenticator system instead. {"exception":"[object] (ErrorException(code: 0): User Deprecated: Since symfony/security-core 5.3: The \"Symfony\\Component\\Security\\Core\\Authentication\\AuthenticationProviderManager\" class is deprecated, use the new authenticator system instead. at /var/www/code/vendor/symfony/security-core/Authentication/AuthenticationProviderManager.php:27)"} []
[2021-11-01T18:19:56.736688+01:00] php.INFO: User Deprecated: Since symfony/security-core 5.3: The "Symfony\Component\Security\Core\Event\AuthenticationFailureEvent" class is deprecated, use "Symfony\Component\Security\Http\Event\LoginFailureEvent" with the new authenticator system instead. {"exception":"[object] (ErrorException(code: 0): User Deprecated: Since symfony/security-core 5.3: The \"Symfony\\Component\\Security\\Core\\Event\\AuthenticationFailureEvent\" class is deprecated, use \"Symfony\\Component\\Security\\Http\\Event\\LoginFailureEvent\" with the new authenticator system instead. at /var/www/code/vendor/symfony/security-core/Event/AuthenticationFailureEvent.php:18)"} []
[2021-11-01T18:19:56.883198+01:00] request.INFO: Matched route "oauth2_token". {"route":"oauth2_token","route_parameters":{"_route":"oauth2_token","_controller":"Trikoder\\Bundle\\OAuth2Bundle\\Controller\\TokenController::indexAction"},"request_uri":"http://localhost:8080/token","method":"POST"} []
[2021-11-01T18:19:57.533603+01:00] doctrine.DEBUG: SELECT t0.secret AS secret_1, t0.redirect_uris AS redirect_uris_2, t0.grants AS grants_3, t0.scopes AS scopes_4, t0.active AS active_5, t0.allow_plain_text_pkce AS allow_plain_text_pkce_6, t0.identifier AS identifier_7 FROM oauth2_client t0 WHERE t0.identifier = ? ["5b810fc66e1b142ac324b123c82eb581"] []

config/packages/trikoder_oauth2.php

<?php

declare(strict_types=1);

use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator;

return static function (ContainerConfigurator $containerConfigurator): void {
    $containerConfigurator->extension('trikoder_oauth2', [
        'authorization_server' => [
            'private_key' => __DIR__ . '/../../var/oauth/private.key',
            'private_key_passphrase' => null,
            'encryption_key' => '%env(string:OAUTH2_ENCRYPTION_KEY)%',
            'grant_types' => [
                'authorization_code' => [
                    'enable' => true
                ],
                'client_credentials' => [
                    'enable' => true
                ],
                'implicit' => [
                    'enable' => true
                ],
                'password' => [
                    'enable' => true
                ],
                'refresh_token' => [
                    'enable' => true
                ],
            ],
        ],
        'resource_server' => [
            'public_key' => __DIR__ . '/../../var/oauth/public.key',
        ],
        'persistence' => [
            'doctrine' => null,
        ],
    ]);
};

Collaborator

X-Coder264 commented Nov 2, 2021

That exception is created in League\OAuth2\Server\Exception\OAuthServerException::invalidClient() and it's usually caused by the validateClient method returning false so my suggestion would be to check that first.
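
Added example, not part of the thread and not the bundle's own code: a stand-alone PHP sketch of the conditions under which a `validateClient` check typically returns false, applied to the columns selected by the Doctrine query in the log above. The function name, the space-separated `grants` format, the "empty grants list allows every grant" rule, the "empty secret means public client" rule and the plain (unhashed) secret comparison are assumptions, and the sample rows are constructed.

```php
<?php
declare(strict_types=1);

/**
 * Added diagnostic sketch, not the bundle's code. $row holds the columns the
 * logged Doctrine query selects from oauth2_client; null means no row matched.
 * Assumptions: grants are stored as a space-separated string, an empty list
 * allows every grant, and the secret is compared as stored (no hashing).
 */
function explainClientRejection(?array $row, ?string $secret, string $grantType): ?string
{
    if ($row === null) {
        return 'no oauth2_client row for this identifier';
    }
    if (!(bool) $row['active']) {
        return 'client is not active';
    }
    $grants = preg_split('/\s+/', trim((string) $row['grants']), -1, PREG_SPLIT_NO_EMPTY);
    if ($grants !== [] && !in_array($grantType, $grants, true)) {
        return sprintf('grant "%s" not in client grants [%s]', $grantType, implode(', ', $grants));
    }
    $stored = (string) $row['secret'];
    if ($stored === '') {
        return null; // assumed public client: no secret to compare
    }
    $given = (string) $secret;
    if (hash_equals($stored, $given)) { // constant-time comparison
        return null;
    }
    // Catch whitespace or a stray separator copied along with the value.
    if (hash_equals($stored, trim($given, " \t\r\n,"))) {
        return 'secret matches only after trimming whitespace/comma from the request value';
    }
    return 'secret does not match the stored value';
}

// Constructed sample rows and request values, not taken from the issue.
$row = ['secret' => 'constructed-secret', 'grants' => 'client_credentials', 'active' => 1];
$cases = [
    'unknown client' => [null, 'constructed-secret', 'password'],
    'wrong grant'    => [$row, 'constructed-secret', 'password'],
    'padded secret'  => [['grants' => ''] + $row, "constructed-secret,\n", 'password'],
    'accepted'       => [['grants' => 'password'] + $row, 'constructed-secret', 'password'],
];
foreach ($cases as $label => [$r, $s, $g]) {
    printf("%-15s %s\n", $label, explainClientRejection($r, $s, $g) ?? 'validateClient would pass');
}
```

Each branch maps to the same `invalid_client` / 401 response, which is why the error alone does not say which condition failed.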
