Question

Facing Issue in OAuth 2.0 PKCE

  • 17 May 2022

Hi,


We are performing OAuth 2.0 PKCE for authorization purposes. We are following all the steps as per the documentation.

1. Generate verifier and challenge for PKCE

2. User login and consent

The above two steps are done successfully.

When we are performing

3. Exchange auth code for an access token


The error we are getting is :

{
  "error": "invalid_client",
  "errors": [
    {
      "errorCode": "OAU-123",
      "message": "Client authentication is required"
    }
  ],
  "error_description": "Client authentication is required"
}



Pasting my return URI code below. Please let me know what we need to do in order to resolve the issue.

It's PHP code:


<?php

// Authorization code and state returned to the redirect URI
$code  = $_REQUEST['code']  ?? null;
$state = $_REQUEST['state'] ?? null;

if ($code)
{
    // Token request body; http_build_query() URL-encodes each value
    $fields = http_build_query(array(
        'code'          => $code,
        'grant_type'    => 'authorization_code',
        'client_id'     => '<client-id>',
        'code_verifier' => 'LQCmsfhneP9_R2jQ85En9RO--ohyrIKmej3rpocjjaE',
        'redirect_uri'  => 'https://my.callback/listener_ringcentral.php',
    ));

    $ch = curl_init();

    curl_setopt($ch, CURLOPT_URL, "https://platform.devtest.ringcentral.com/restapi/oauth/token");
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array(
        'Content-Type: application/x-www-form-urlencoded'
    ));

    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

    // curl_exec() returns false on a transport error; it does not throw
    $server_output = curl_exec($ch);
    if ($server_output === false)
    {
        echo '<pre>';
        print_r(htmlspecialchars(curl_error($ch)));
    }
    // HTTP status of the token response (200 on success)
    $status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

    // Further processing ...
    echo '<pre>';
    print_r(htmlspecialchars((string) $server_output));
    if ($status != 200)
    {
        echo 'Failed CURLLLLL';
    }
}

?>

3 replies

Hi @Nitin Singh, if you are able to perform the first two steps as mentioned and are only stuck on Step 3, then please refer to this guide to understand how to create the request for the same. Make sure your Authorization header is a Base64-encoded string of the Client ID and Secret in the correct format.

Also, consider using RingCentral's PHP SDK, which might make the job easier for you, and the tutorial, which you might find helpful.

@Nitin Singh So I put together a better PHP PKCE example for you. I will let the code speak for itself and assume you can follow along reasonably well. I will be adding this to the documentation soon, providing a lot more detail and example code around using PKCE auth. https://gist.github.com/byrnereese/a52cc4e473f76b8a23c8e517d8237d7d
I provided a complete end-to-end working example of PKCE auth in PHP below. I am trying to ascertain what you did wrong though. It is difficult without seeing how the code challenge and verifier were generated. They are derived from each other. One challenge I had was persisting the code verifier through the asynchronous auth process. Can you share your full code sample?

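The two points raised in the replies (the challenge is derived from the verifier and the verifier has to survive until the callback, and the token request may need a Basic `Authorization` header built from the Client ID and Secret) are shown together in this added example, which is not code from the posters, the linked gist or RingCentral. Function names, session keys and the sample values are hypothetical; whether the token endpoint expects the Basic header or a bare `client_id` depends on how the app is registered, which is an assumption here.

```php
<?php
// Added example: helper names, session keys and sample values are hypothetical.
function b64url(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

// RFC 7636 S256: challenge = BASE64URL(SHA256(verifier)).
function pkce_challenge(string $verifier): string {
    return b64url(hash('sha256', $verifier, true));
}

// Steps 1-2: create the verifier, keep it server-side, send only the challenge.
function authorize_query(string $clientId, string $redirectUri): string {
    $_SESSION['pkce_verifier'] = b64url(random_bytes(32)); // 43 characters
    $_SESSION['oauth_state']   = bin2hex(random_bytes(16));
    return http_build_query([
        'response_type'         => 'code',
        'client_id'             => $clientId,
        'redirect_uri'          => $redirectUri,
        'state'                 => $_SESSION['oauth_state'],
        'code_challenge'        => pkce_challenge($_SESSION['pkce_verifier']),
        'code_challenge_method' => 'S256',
    ]);
}

// Step 3: build the token request from the callback parameters.
function token_request(string $code, string $state, string $clientId,
                       ?string $clientSecret, string $redirectUri): array {
    $expected = $_SESSION['oauth_state'] ?? null;
    if ($expected === null || !hash_equals($expected, $state)) {
        throw new RuntimeException('state mismatch');
    }
    $headers = ['Content-Type: application/x-www-form-urlencoded'];
    $body = ['grant_type' => 'authorization_code', 'code' => $code,
             'redirect_uri' => $redirectUri,
             'code_verifier' => $_SESSION['pkce_verifier'] ?? ''];
    if ($clientSecret !== null) {
        // Client authentication: HTTP Basic, base64("client_id:client_secret")
        $headers[] = 'Authorization: Basic ' . base64_encode("$clientId:$clientSecret");
    } else {
        $body['client_id'] = $clientId; // no secret: client identifies itself in the body
    }
    unset($_SESSION['pkce_verifier'], $_SESSION['oauth_state']); // one-time use
    return ['headers' => $headers, 'body' => http_build_query($body)];
}

// Constructed values, run from the CLI; in a web app call session_start() first.
parse_str(authorize_query('demo-client', 'https://app.example/callback'), $sent);
print_r(token_request('demo-code', $sent['state'], 'demo-client', 'demo-secret',
                      'https://app.example/callback'));
```

Pass the returned `headers` and `body` to `CURLOPT_HTTPHEADER` and `CURLOPT_POSTFIELDS`; the verifier is never hard-coded and is discarded after one exchange.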