PHP post request and unsupported_grant_type

Question

this is my code

$data = array(
        'grant_type'  => 'Password',
        'username'    => 'username',
        'password'    => 'pwd',
        'DeviceId'    => ''
    );


    $url = "http://test/sync/oauth/token";    

    $curl = curl_init($url);
    curl_setopt($curl, CURLOPT_HEADER, false);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($curl, CURLOPT_POST, true);
    curl_setopt($curl, CURLOPT_POSTFIELDS, $data);

    $response = curl_exec($curl);

    $status = curl_getinfo($curl, CURLINFO_HTTP_CODE);

    if ( $status != 201 ) {
        die("Error: call to URL $url failed with status $status, response $response, curl_error " . curl_error($curl) . ", curl_errno " . curl_errno($curl));
    }


    curl_close($curl);

    print_r($response);`

I think is correct, but the server return me this error

Error: call to URL http://test/sync/oauth/token failed with status 400, response {"error":"unsupported_grant_type"}, curl_error , curl_errno 0

Where is the error?

cURL's working fine - the error appears to be the JSON generated by `http://test/sync/oauth/token` ... I'm going to hazard a guess and say that it's expecting `grant_type` to be *password* (with a lower-case 'p') but without seeing the source of that script that's all it is, a guess. — CD001, Jul 19 '16 at 08:16
Yes you are right, but the error remains: Error: call to URL http://test.audipsp.volkswagengroup.it/sync/oauth/token failed with status 400, response HTTP/1.1 100 Continue Yes you are right, but the error remains: HTTP/1.1 400 Bad Request Cache-Control: no-cache Pragma: no-cache Content-Length: 34 Content-Type: application/json;charset=UTF-8 Expires: -1 Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Tue, 19 Jul 2016 10:29:27 GMT {"error":"unsupported_grant_type"}, curl_error , curl_errno 0 — Samuele Caci, Jul 19 '16 at 10:54

score 1 · Answer 1 · edited Oct 13 '21 at 16:17

After wasting my couple of hours and doing tons of testing I came up with a solution.

Tip: Don't Concatenate the Post Arguments into a string and add it in Array just use it separately so with that you don't even need to add the Custom_HEADERS => Content-Type: application/x-www-form-urlencoded

Some people say that you need to add application/x-www-form-urlencoded as Content-Type then it would work but my solution works perfectly here is the working code

$curl = curl_init();
curl_setopt($curl, CURLOPT_POST, 1);  
curl_setopt($curl, CURLOPT_URL, 'YOUR_TOKEN_URL_HERE');
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query(array(
 'Username' => 'YOUR_USERNAME',
 'Password' => 'YOUR_PASSWORD',
 'grant_type' => 'password'
)));
$result = curl_exec($curl);
if(!$result){die("Connection Failure");}
curl_close($curl);
echo $result;

This code works perfectly for Laravel Bearer Token and others too

Reference : CURL POST FORMAT

score 0 · Answer 2 · answered Jul 19 '16 at 08:48

0

The Default implementation of OAuthAuthorizationServerHandler only accepts form encoding (i.e. application/x-www-form-urlencoded) and not JSON encoding (application/JSON)

your request's ContentType should be application/x-www-form-urlencoded and pass the data in the body as: grant_type=password&username=username&password=password i.e. not in JSON format.

$headers = array();
$headers[] = 'Content-Type: application/x-www-form-urlencoded';
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

answered Jul 19 '16 at 08:48

DarkKnight

651
5
15

Ok the error change a little, but unsupported_grant_type is the same : 'Error: call to URL http://test/sync/oauth/token failed with status 400, response HTTP/1.1 100 Continue HTTP/1.1 400 Bad Request Cache-Control: no-cache Pragma: no-cache Content-Length: 34 Content-Type: application/json;charset=UTF-8 Expires: -1 Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Tue, 19 Jul 2016 10:29:27 GMT {"error":"unsupported_grant_type"}, curl_error , curl_errno 0' – Samuele Caci Jul 19 '16 at 10:49
Can you show me the Request Headers? I need to see the Content Type in Request Header. or try http://test.audipsp.volkswagengroup.it/sync/oauth/token?grant_type=password&username=username&password=password in Chrome, afteropening dev tools. – DarkKnight Jul 19 '16 at 11:34
the Request Headers don't need parameters, so i don't know the right content-type – Samuele Caci Jul 19 '16 at 12:33

score 0 · Answer 3 · answered Jul 28 '16 at 15:49

For those who need it... This is the solution:

$data = array(
    'grant_type'  => 'password',
    'username'    => 'username',
    'password'    => 'password',
    'DeviceId'    => ''
);
$url_token = "http://test/sync/oauth/token";    
try {
    $oauth = new OAuth('username','password');
    $signature = $oauth->fetch ($url_token,$data,'POST');
    $response_info = $oauth->getLastResponseInfo();
    header("Content-Type: {$response_info["content_type"]}");
    $token = $oauth->getLastResponse();
    $token = json_decode($token, true);

    $authorization_token = $token['access_token'];
} catch(OAuthException $E) {
    echo "Response: ". $E->lastResponse . "\n";
}
    return $authorization_token;

theres no class defination about new OAuth please be more Descriptive about your answer — Mr Talha, Jan 14 '20 at 17:08

PHP post request and unsupported_grant_type

3 Answers3

Linked