Configuring Email OTP - Step 2 - Configure the EmailOTP provider, Step 12 - Error

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Configuring Email OTP - Step 2 - Configure the EmailOTP provider, Step 12 - Error

Isuru Uyanage
Hi All, 

I'm trying to implement Configuring Email OPT scenario and followed upto Step2 - Step 12 mentioned in the doc [1]. In Step 2 - Configure the EmailOTP provider, step 12, I tried executing the mentioned curl command in the doc replacing my client id, client secret, and authorization_code. 

curl -v -X POST --basic -u <client-id>:<client_secret> -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -k -d "grant_type=authorization_code&code=<authorization_code>&redirect_uri=https://localhost:9443/commonauth" https://www.googleapis.com/oauth2/v3/token
curl -v -X POST --basic -u 854665841399-l13g81ri4q98elpen1i1uhsdjulhp7ha.apps.googleusercontent.com:MK3h4fhSUT-aCTtSquMB3Vll -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -k -d "grant_type=authorization_code&code=4/KEDlA2KjGtib4KlyzaKzVNuDfvAmFZ10T82usT-6llY#&redirect_uri=https://localhost:9443/commonauth" https://www.googleapis.com/oauth2/v3/token


I get the following error. 

  Trying 74.125.24.95...

* TCP_NODELAY set

* Connected to www.googleapis.com (74.125.24.95) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH

* successfully set certificate verify locations:

*   CAfile: /etc/ssl/cert.pem

  CApath: none

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (IN), TLS handshake, Certificate (11):

* TLSv1.2 (IN), TLS handshake, Server key exchange (12):

* TLSv1.2 (IN), TLS handshake, Server finished (14):

* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

* TLSv1.2 (OUT), TLS change cipher, Client hello (1):

* TLSv1.2 (OUT), TLS handshake, Finished (20):

* TLSv1.2 (IN), TLS change cipher, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Finished (20):

* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256

* ALPN, server accepted to use h2

* Server certificate:

*  subject: C=US; ST=California; L=Mountain View; O=Google Inc; CN=*.googleapis.com

*  start date: Dec  5 09:28:00 2017 GMT

*  expire date: Feb 27 09:28:00 2018 GMT

*  issuer: C=US; O=Google Inc; CN=Google Internet Authority G2

*  SSL certificate verify ok.

* Using HTTP2, server supports multi-use

* Connection state changed (HTTP/2 confirmed)

* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0

* Server auth using Basic with user '437826768736-gs2r8gf418g7drt019s5hi8gt0q1ni4p.apps.googleusercontent.com'

* Using Stream ID: 1 (easy handle 0x7fb6a4805400)

> POST /oauth2/v3/token HTTP/2

> Host: www.googleapis.com

> Authorization: Basic NDM3ODI2NzY4NzM2LWdzMnI4Z2Y0MThnN2RydDAxOXM1aGk4Z3QwcTFuaTRwLmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tOndBOEJPTzVJby0zX3dkUGdfQ2tqNkpqdA==

> User-Agent: curl/7.54.0

> Accept: */*

> Content-Type: application/x-www-form-urlencoded;charset=UTF-8

> Content-Length: 128

> 

* Connection state changed (MAX_CONCURRENT_STREAMS updated)!

* We are completely uploaded and fine

< HTTP/2 400 

< vary: X-Origin

< vary: Origin,Accept-Encoding

< content-type: application/json; charset=UTF-8

< date: Mon, 11 Dec 2017 13:30:01 GMT

< expires: Mon, 11 Dec 2017 13:30:01 GMT

< cache-control: private, max-age=0

< x-content-type-options: nosniff

< x-frame-options: SAMEORIGIN

< x-xss-protection: 1; mode=block

< server: GSE

< alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"

< accept-ranges: none

< 

{

 "error": "invalid_grant",

 "error_description": "Bad Request"

}

* Connection #0 to host www.googleapis.com left intact



Could you please help me with this. 



[1] - https://docs.wso2.com/display/IS530/Configuring+Email+OTP



Thanks and Best Regards,

Isuru Uyanage
Software Engineer - QA | WSO2
Mobile : <a href="tel:+94%2077%20767%201807" value="+94777671807" style="color:rgb(17,85,204)" target="_blank">+94 77 55 30752




_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: Configuring Email OTP - Step 2 - Configure the EmailOTP provider, Step 12 - Error

Nilasini Thirunavukkarasu
Hi Isuru,

I have followed the steps. I could able to get the access token with out any errors. Seems like the error is due to invalid authorization code. Could you please check on that?. You can get another authorization code using step 10 and try the request. 

Thanks,
NIla.

On Mon, Dec 11, 2017 at 7:10 PM, Isuru Uyanage <[hidden email]> wrote:
Hi All, 

I'm trying to implement Configuring Email OPT scenario and followed upto Step2 - Step 12 mentioned in the doc [1]. In Step 2 - Configure the EmailOTP provider, step 12, I tried executing the mentioned curl command in the doc replacing my client id, client secret, and authorization_code. 

curl -v -X POST --basic -u <client-id>:<client_secret> -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -k -d "grant_type=authorization_code&code=<authorization_code>&redirect_uri=https://localhost:9443/commonauth" https://www.googleapis.com/oauth2/v3/token
curl -v -X POST --basic -u 854665841399-l13g81ri4q98elpen1i1uhsdjulhp7ha.apps.googleusercontent.com:MK3h4fhSUT-aCTtSquMB3Vll -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -k -d "grant_type=authorization_code&code=4/KEDlA2KjGtib4KlyzaKzVNuDfvAmFZ10T82usT-6llY#&redirect_uri=https://localhost:9443/commonauth" https://www.googleapis.com/oauth2/v3/token


I get the following error. 

  Trying 74.125.24.95...

* TCP_NODELAY set

* Connected to www.googleapis.com (74.125.24.95) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH

* successfully set certificate verify locations:

*   CAfile: /etc/ssl/cert.pem

  CApath: none

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (IN), TLS handshake, Certificate (11):

* TLSv1.2 (IN), TLS handshake, Server key exchange (12):

* TLSv1.2 (IN), TLS handshake, Server finished (14):

* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

* TLSv1.2 (OUT), TLS change cipher, Client hello (1):

* TLSv1.2 (OUT), TLS handshake, Finished (20):

* TLSv1.2 (IN), TLS change cipher, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Finished (20):

* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256

* ALPN, server accepted to use h2

* Server certificate:

*  subject: C=US; ST=California; L=Mountain View; O=Google Inc; CN=*.googleapis.com

*  start date: Dec  5 09:28:00 2017 GMT

*  expire date: Feb 27 09:28:00 2018 GMT

*  issuer: C=US; O=Google Inc; CN=Google Internet Authority G2

*  SSL certificate verify ok.

* Using HTTP2, server supports multi-use

* Connection state changed (HTTP/2 confirmed)

* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0

* Server auth using Basic with user '437826768736-gs2r8gf418g7drt019s5hi8gt0q1ni4p.apps.googleusercontent.com'

* Using Stream ID: 1 (easy handle 0x7fb6a4805400)

> POST /oauth2/v3/token HTTP/2

> Host: www.googleapis.com

> Authorization: Basic NDM3ODI2NzY4NzM2LWdzMnI4Z2Y0MThnN2RydDAxOXM1aGk4Z3QwcTFuaTRwLmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tOndBOEJPTzVJby0zX3dkUGdfQ2tqNkpqdA==

> User-Agent: curl/7.54.0

> Accept: */*

> Content-Type: application/x-www-form-urlencoded;charset=UTF-8

> Content-Length: 128

> 

* Connection state changed (MAX_CONCURRENT_STREAMS updated)!

* We are completely uploaded and fine

< HTTP/2 400 

< vary: X-Origin

< vary: Origin,Accept-Encoding

< content-type: application/json; charset=UTF-8

< date: Mon, 11 Dec 2017 13:30:01 GMT

< expires: Mon, 11 Dec 2017 13:30:01 GMT

< cache-control: private, max-age=0

< x-content-type-options: nosniff

< x-frame-options: SAMEORIGIN

< x-xss-protection: 1; mode=block

< server: GSE

< alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"

< accept-ranges: none

< 

{

 "error": "invalid_grant",

 "error_description": "Bad Request"

}

* Connection #0 to host www.googleapis.com left intact



Could you please help me with this. 



[1] - https://docs.wso2.com/display/IS530/Configuring+Email+OTP



Thanks and Best Regards,

Isuru Uyanage
Software Engineer - QA | WSO2
Mobile : <a href="tel:+94%2077%20767%201807" value="+94777671807" style="color:rgb(17,85,204)" target="_blank">+94 77 55 30752






--
Nilasini Thirunavukkarasu
Software Engineer - WSO2

Email : [hidden email]
Mobile : +94775241823
Web : http://wso2.com/




_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev