Question
I have tried absolutely everything to get the code_verifier to work, to no avail.
Everything else seems to be fine. In the code sample provided (PHP), my first method (`get_snapchat_auth_url()`) creates the authentication URL. That seems to work fine and it generates a callback URL with a code and a state.
Then the second method (`get_access_token()`) is called with the code passed to it as a parameter. This also seems to work fine. It constructs the header and fields using my app's callback URL, the client ID and client secret, etc...
Finally, the third method (`curl()`) is called, which executes the HTTP request. Again this works fine.
The part that doesn't work is that every time I get the response `{"error":"invalid_grant","error_description":"Invalid code_verifier."}`
I have tried the following flows:

- 1) Create a random code_verifier 2) hash it with sha256 3) pass it as code_challenge 4) pass original code_verifier in final request
- 1) Create a random code_verifier 2) hash it with sha256 3) base 64 encode it 4) pass it as code_challenge 5) pass original code_verifier in final request
- 1) create a random code_verifier 2) base 64 encode it 3) hash it with sha256 4) pass it as code_challenge 5) pass code_verifier in final request
- 1) Create a random code_verifier 2) hash it with sha256 3) pass it as code_challenge 4) pass base 64 encoded original code_verifier in final request
- 1) Create a random code_verifier 2) hash it with sha256 3) base 64 encode it 4) pass it as code_challenge 5) pass base 64 encoded original code_verifier in final request
- 1) create a random code_verifier 2) base 64 encode it 3) hash it with sha256 4) pass it as code_challenge 5) pass base 64 encoded code_verifier in final request

None of these flows work and it doesn't seem like this process is documented anywhere on Snapchat's site...

```php
public function get_snapchat_auth_url()
{
    $scopes = [
        'https://auth.snapchat.com/oauth2/api/user.display_name',
        'https://auth.snapchat.com/oauth2/api/user.bitmoji.avatar',
        'https://auth.snapchat.com/oauth2/api/user.external_id'
    ];
    $state = md5(uniqid(rand(), true));
    $code_verifier = "AdleUo9ZVcn0J7HkXOdzeqN6pWrW36K3JgVRwMW8BBQazEPV3kFnHyWIZi2jt9gA";
    // hash() without a third argument returns the digest as a lowercase hex string
    $code_challenge = hash("sha256",$code_verifier);
    $query_params = [
        'response_type' => 'code',
        'redirect_uri' => config('env.SNAPCHAT_REDIRECT_URL'),
        'scope' => implode(' ',$scopes),
        'client_id' => config('env.SNAPCHAT_CLIENT_ID_DEV'),
        'state' => $state,
        'code_challenge' => $code_challenge,
        'code_challenge_method' => 'S256'
    ];
    // Return full URL
    return "https://accounts.snapchat.com/accounts/oauth2/auth?" . http_build_query($query_params);
}

public function get_access_token($code)
{
    // Hard-coded authorization code; overrides the $code argument
    $code = 'wMX1MZ2ntN16iSW0EsUzZZ6KtfnDlIeJ3mttbJT8kno';
    $redirect_url = config('env.SNAPCHAT_REDIRECT_URL');
    $url = "https://accounts.snapchat.com/accounts/oauth2/token";
    $client_id = config('env.SNAPCHAT_CLIENT_ID_DEV');
    $client_secret = config('env.SNAPCHAT_CLIENT_SECRET_DEV');
    // HTTP Basic client authentication: base64("client_id:client_secret")
    $auth = base64_encode("$client_id:$client_secret");
    $header = [
        "Authorization: Basic $auth"
    ];
    $fields = [
        'grant_type' => 'authorization_code',
        'redirect_uri' => $redirect_url,
        'code' => $code,
        'code_verifier' => "AdleUo9ZVcn0J7HkXOdzeqN6pWrW36K3JgVRwMW8BBQazEPV3kFnHyWIZi2jt9gA"
    ];
    return $this->curl($url,$header,$fields);
}

public function curl($url,$header,$fields)
{
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL,$url);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
    // Build the POST body as key=value pairs joined by '&'
    $fields_string = '';
    foreach($fields as $key=>$value) {
        $fields_string .= $key.'='.$value.'&';
    }
    // rtrim() returns the trimmed string, so the result has to be assigned back
    $fields_string = rtrim($fields_string, '&');
    curl_setopt($ch,CURLOPT_POST, count($fields));
    curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);
    $data = curl_exec($ch);
    curl_close($ch);
    // Laravel helper: dump the response and stop
    dd($data);
}
```

Finally, I have tried excluding the `code_verifier` field altogether, but I get the following error:
{"error":"invalid_request","error_description":"Missing code_verifier."}
Source: https://stackoverflow.com/questions/60900259/how-to-pass-code-challenge-and-code-verifier-for-snapchat-api
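
Added example, not part of the original question: the PKCE `S256` challenge as RFC 7636 defines it (base64url, without padding, of the raw SHA-256 digest of the verifier), checked against the RFC's Appendix B test vector next to the hex and standard-base64 variants listed in the question. It assumes the authorization server implements `code_challenge_method=S256` per RFC 7636; the helper names are hypothetical.

```php
<?php
// Added example: PKCE S256 per RFC 7636, section 4.2.
// Assumption: the server implements code_challenge_method=S256 as the RFC specifies.

function base64url_encode(string $bytes): string
{
    // URL-safe alphabet, '=' padding removed (RFC 7636, Appendix A).
    return rtrim(strtr(base64_encode($bytes), '+/', '-_'), '=');
}

function pkce_verifier(int $entropy_bytes = 32): string
{
    // 32 random bytes encode to 43 characters, the minimum verifier length.
    return base64url_encode(random_bytes($entropy_bytes));
}

function pkce_challenge(string $verifier): string
{
    // Third argument true = raw 32-byte digest, not the 64-character hex string.
    return base64url_encode(hash('sha256', $verifier, true));
}

function pkce_verify(string $verifier, string $challenge): bool
{
    // The comparison a token endpoint makes with the code_verifier it receives.
    return hash_equals($challenge, pkce_challenge($verifier));
}

// Test vector from RFC 7636, Appendix B.
$verifier = 'dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk';
$expected = 'E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM';

$variants = [
    'base64url(raw sha256)' => pkce_challenge($verifier),
    'hex sha256'            => hash('sha256', $verifier),
    'base64(hex sha256)'    => base64_encode(hash('sha256', $verifier)),
    'base64(raw sha256)'    => base64_encode(hash('sha256', $verifier, true)),
];

foreach ($variants as $label => $challenge) {
    printf("%-22s %-5s %s\n", $label, $challenge === $expected ? 'OK' : 'FAIL', $challenge);
}

// Use a fresh verifier per authorization request, keep it server-side
// (for example in the session, next to the state value), and send it
// unchanged as code_verifier in the token request.
$fresh = pkce_verifier();
var_dump(strlen($fresh), pkce_verify($fresh, pkce_challenge($fresh)));
```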