我在使用Microsoft Graph的Slim3 WebApp中使用联盟/ oauth客户端,并且我无法通过给定刷新令牌成功请求新令牌...Microsoft-Graph刷新令牌请求失败... AADSTS70000
这是联盟/ OAuth的客户我二容器:
$container['oauthprovider'] = function()
{
$provider = new \League\OAuth2\Client\Provider\GenericProvider(
[
'clientId' => getenv('ENV_CLIENT_ID'),
'clientSecret' => getenv('ENV_CLIENT_SECRET'),
'redirectUri' => getenv('ENV_REDIRECT_URL'),
'urlAuthorize' => getenv('ENV_AUTHORIZE_URL'),
'urlAccessToken' => getenv('ENV_URL_ACCESS_TOKEN'),
'urlResourceOwnerDetails' => '',
'scopes' => 'offline_access user.read people.read user.read.all openid mail.send'
]
);
return $provider;
};
工作正常 - 在我Slim3 - 路由重定向后,我得到了所有令牌,refresh_token等
$provider = $this -> oauthprovider;
$CODE = filter_var($_GET['code'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$accessToken = $provider -> getAccessToken('authorization_code',
['code' => $CODE]
);
...
$existingAccessToken = $accessToken -> getToken();
$refreshToken = $accessToken -> getRefreshToken();
$expiresIn = $accessToken -> getExpires();
$expired = ($accessToken -> hasExpired() ? true : false);
$client = $this -> guzzzle;
...
如果我尝试刷新我的令牌在这一点 - 在同一Slim3路线 - 这是工作的罚款:
$newAccessToken = $provider -> getAccessToken('refresh_token', [
'refresh_token' => $accessToken -> getRefreshToken(),
'grant_type' => 'refresh_token'
]);
但是,这不是我的目标 - 我必须在到达过期一生的时间去刷新令牌 - 1小时 - 在另一个Slim3-路线:
$accessToken = unserialize($session -> get('serialized_token'));
$refreshToken = unserialize($session -> get('serialized_refresh_token'));
$code = $session -> get('code');
$provider = $this -> oauthprovider;
$client = $this -> guzzzle;
...
$req = $client -> request('POST',
'https://login.windows.net/common/oauth2/token', [
'form_params' => [
'accept' => 'application/json',
'grant_type'=> 'refresh_token',
'client_id' => getenv('ENV_CLIENT_ID'),
'client_secret' => getenv('ENV_CLIENT_SECRET'),
'refresh_token' => (string) $refreshToken,
'redirect_uri' => getenv('ENV_REDIRECT_URL')
]
]);
的回应:
Client error:
POST https://login.windows.net/common/oauth2/token
resulted in a400 Bad Request
response: {"error":"invalid_grant","error_description":"AADSTS70000: Transmission data parser failure: Refresh Token is malformed (truncated...)
刷新令牌是完全一样,我在我的初始请求了。
任何有oauth-client/guzzle/Microsoft Graph的经验 - 我的错误在哪?
请不要使用亵渎。 –