2

I'm implementing OpenId Connect into my Yii2 app using the yii2-authclient library. I can login and exchange the code for a token with no problems. I've followed most of the code examples on the web and set a successCallback function that gets called once a user successfully logs in. It looks like this:

public function successCallback(ClientInterface $client) 
{
    $attributes = $client->getUserAttributes();
}

This code gets called, but calling getUserAttributes() results in the following error:

Exception – yii\authclient\InvalidResponseException
Request failed with code: 400, message:
{"error":"invalid_request","error_description":"Token not provided"}

The logs on the id server show a blank client and user, with an error of invalid_token.

I took a close look at the request I make and I see an access_token element. Any ideas what the problem might be? I can provide more information if necessary.

Michael
  • 3,093
  • 7
  • 39
  • 83
Nate D.
  • 21
  • 1
  • More information: Here's the URL I'm hitting: `https://id.dev.[url removed].com/auth/realms/terradatum/protocol/openid-connect/userinfo?access_token=eyJhb[rest of token removed]` and am getting the following response: `{"error":"invalid_request","error_description":"Token not provided"}` – Nate D. Jun 06 '18 at 18:31

1 Answers1

0

I figured it out. The problem was that the yii2-authclient library was sending the token as a GET parameter and the ID server was expecting it as a POST param. I upgraded the yii2-authclient library and that solved the problem since a recent change sends the parameter as POST instead of GET.

Nate D.
  • 21
  • 1