invalid_grant trying to get OpenID Connect token from PayPal

contemplator
Contributor
Contributor

I am following the Guide: Integrate Log In with PayPal in attempt to make it work on WordPress 4.7.1. I have successfully embed the Log In with PayPal button. Clicking on it bring the login, which then redirects to "returnurl".

 

I'm currently stuck trying to pass the authorization code received in the previous step to the tokenservice endpoint to receive an access token.

 

My "returnurl" has this curl code (as suggested by Guide: grant token from authorization code😞

<?php

$curl = curl_init( 'https://api.sandbox.paypal.com/v1/identity/openidconnect/tokenservice' ); 
// not $curl = curl_init( 'https://api.sandbox.paypal.com/v1/oauth2/token' ); 
curl_setopt( $curl, CURLOPT_POST, true );
curl_setopt( $curl, CURLOPT_RETURNTRANSFER, 1);
$code = $_GET['code']; // The code from the previous request
$redirect_uri = 'http://xxxxxx.contemplate.me.ke/';

curl_setopt( $curl, CURLOPT_POSTFIELDS, array( 'redirect_uri' => $redirect_uri, 'grant_type' => 'authorization_code', 'code' => $code) );

curl_setopt( $curl, CURLOPT_USERPWD, "My-Client-Id" . ":" . "My-Secret");

$auth = curl_exec( $curl ); print '$auth = ';print_r($auth); // to see the error
$secret = json_decode($auth); $access_key = $secret->access_token; ?>

All I get from this after logging in is:

$auth = {"error_description":"Grant type is null","error":"invalid_grant","correlation_id":"0f5787fc6413f","information_link":"https://developer.paypal.com/docs/api/#errors"}

The API Documentation has no mention of this error, even though information_link is indicated.

 

What am I doing wrong?

Login to Me Too
1 ACCEPTED SOLUTION

Accepted Solutions
4 REPLIES 4

MTS_Ciaran
Moderator
Moderator

Log on our side are showing that "Grant_type" is not passed. 

 

Can you do a data dump of the request of whats being sent out? e.g. add this to the beginning of your PHP file, below <?PHP

 

/* http://yourPHPScriptURL.com:
print_r($_POST);
*/
Login to Me Too

contemplator
Contributor
Contributor

OK, I created a new page success:

<?php
// http://xxxxxx.contemplate.me.ke/success/
print_r($_POST);
print_r($_GET);
?>

 

and directed the curl call to it:

<?php

$curl = curl_init( 'http://xxxxxx.contemplate.me.ke/success/' );

//$curl = curl_init( 'https://api.sandbox.paypal.com/v1/identity/openidconnect/tokenservice' ); 
// not $curl = curl_init( 'https://api.sandbox.paypal.com/v1/oauth2/token' ); 

...

And got this result:

Array ( ) $auth = Array ( [redirect_uri] => http://xxxxxx.contemplate.me.ke/ [grant_type] => authorization_code [scope] => openid profile email https://uri.paypal.com/services/paypalattributes [code] => C101.LApN9nzyGxbf2iObTcDGPe1xvrKfglHyqFXeax90OlWVGhnPQTzxb6SGdB9etrlB.HxaMtsD4a9u81mrP23HQ48Bfhcy ) Array ( )

What's next?

 

 

Login to Me Too

MTS_Ciaran
Moderator
Moderator

Thank you. So the code is setting the array correctly which is good.

 

From what I can see I suspect that there is an encoding issue then when passing the Post fields. I've been digging into the PHP manual for curl-setopt, the content-type header needs set to "multipart/form-data." when passed for setting an array as the value for CURL_POSTFIELDS. 

 

Can you give it a try, alternatively you can pass an NVP string URL encoded in CURL_POSTFIELD as well. 

 

CURL manual

 

 

Login to Me Too
Solved

contemplator
Contributor
Contributor

I just found How to Implement User Log-in with PayPal which uses GET instead of POST and it worked! I got my token.

Login to Me Too

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.