Converting Authorization Codes To Access Tokens
The keys used to encrypt and decrypt when exchanging the authorization code for an access token are different. Why, how come? Can anyone give a hand?
I've followed the instructions here: https://laravel.com/docs/5.6/passport#installation to install, multiple times, a Laravel project with Passport as an openauth server, and have also made multiple tries at client installations to test connectivity. I'm doing this on my localhost Win10 machine, Apache 2.4, MySQL. I have set up multiple virtual hosts for the server and the client respectively, running on different ports.
I was never able to fully get it running. It always fails at the exchange of the authorization code for an access token, and at the bottom of it is what I think are different keys used for encryption of the authorization code and decryption when received back from the client.
More precisely, I have the following code in my client:
```php
use Illuminate\Http\Request;

Route::get('/callback', function (Request $request) {
    /* return '
    ';
    */
    $http = new GuzzleHttp\Client;
    // Append Guzzle's debug output to a log file.
    $fp = fopen('guzzle.log.txt', 'a');
    // Exchange the authorization code received on the callback for an access token.
    $response = $http->post('http://passport:8090/oauth/token', [
        'exceptions' => false,
        'debug' => $fp,
        'form_params' => [
            'grant_type' => 'authorization_code',
            'client_id' => '3',
            'client_secret' => 'jOf6XcL4yv5WqSAmKwgKaKab6Drx5OJnMcMwp3rw',
            'redirect_uri' => 'http://client:8091/callback',
            'code' => $request->code,
        ],
    ]);
    // Debugging: dump the raw response body and stop here.
    print_r((string) $response->getBody());
    fclose($fp);
    exit;
    return json_decode((string) $response->getBody(), true);
});
```
I keep getting the following error:
local.ERROR: The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. {"exception":"[object] (League\OAuth2\Server\Exception\OAuthServerException(code: 3): The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. at \work\laravel\passport\vendor\league\oauth2-server\src\Exception\OAuthServerException.php:114
Very interesting is that if, instead of the GuzzleHttp curl call, I manually submit the form (commented out in the code above), that successfully returns a 200 with bearer token and so on.
Does anyone have any idea why or any hints to fix?