cancel
Showing results for 
Search instead for 
Did you mean: 

invalid_grant trying to get OpenID Connect token from PayPal

Options
Go to solution
contemplator
Contributor
Posted on

I am following the Guide: Integrate Log In with PayPal in attempt to make it work on WordPress 4.7.1. I have successfully embed the Log In with PayPal button. Clicking on it bring the login, which then redirects to "returnurl".

 

I'm currently stuck trying to pass the authorization code received in the previous step to the tokenservice endpoint to receive an access token.

 

My "returnurl" has this curl code (as suggested by Guide: grant token from authorization code😞

<?php

$curl = curl_init( 'https://api.sandbox.paypal.com/v1/identity/openidconnect/tokenservice' ); 
// not $curl = curl_init( 'https://api.sandbox.paypal.com/v1/oauth2/token' ); 
curl_setopt( $curl, CURLOPT_POST, true );
curl_setopt( $curl, CURLOPT_RETURNTRANSFER, 1);
$code = $_GET['code']; // The code from the previous request
$redirect_uri = 'http://xxxxxx.contemplate.me.ke/';

curl_setopt( $curl, CURLOPT_POSTFIELDS, array( 'redirect_uri' => $redirect_uri, 'grant_type' => 'authorization_code', 'code' => $code) );

curl_setopt( $curl, CURLOPT_USERPWD, "My-Client-Id" . ":" . "My-Secret");

$auth = curl_exec( $curl ); print '$auth = ';print_r($auth); // to see the error
$secret = json_decode($auth); $access_key = $secret->access_token; ?>

All I get from this after logging in is:

$auth = {"error_description":"Grant type is null","error":"invalid_grant","correlation_id":"0f5787fc6413f","information_link":"https://developer.paypal.com/docs/api/#errors"}

The API Documentation has no mention of this error, even though information_link is indicated.

 

What am I doing wrong?

1 ACCEPTED SOLUTION

Accepted Solutions
Solved

invalid_grant trying to get OpenID Connect token from PayPal

Options
Go to solution
contemplator
Contributor
4 REPLIES 4

invalid_grant trying to get OpenID Connect token from PayPal

Options
Go to solution
MTS_Ciaran
PayPal Employee

Log on our side are showing that "Grant_type" is not passed. 

 

Can you do a data dump of the request of whats being sent out? e.g. add this to the beginning of your PHP file, below <?PHP

 

/* http://yourPHPScriptURL.com:
print_r($_POST);
*/

invalid_grant trying to get OpenID Connect token from PayPal

Options
Go to solution
contemplator
Contributor

OK, I created a new page success:

<?php
// http://xxxxxx.contemplate.me.ke/success/
print_r($_POST);
print_r($_GET);
?>

 

and directed the curl call to it:

<?php

$curl = curl_init( 'http://xxxxxx.contemplate.me.ke/success/' );

//$curl = curl_init( 'https://api.sandbox.paypal.com/v1/identity/openidconnect/tokenservice' ); 
// not $curl = curl_init( 'https://api.sandbox.paypal.com/v1/oauth2/token' ); 

...

And got this result:

Array ( ) $auth = Array ( [redirect_uri] => http://xxxxxx.contemplate.me.ke/ [grant_type] => authorization_code [scope] => openid profile email https://uri.paypal.com/services/paypalattributes [code] => C101.LApN9nzyGxbf2iObTcDGPe1xvrKfglHyqFXeax90OlWVGhnPQTzxb6SGdB9etrlB.HxaMtsD4a9u81mrP23HQ48Bfhcy ) Array ( )

What's next?

 

 

invalid_grant trying to get OpenID Connect token from PayPal

Options
Go to solution
MTS_Ciaran
PayPal Employee

Thank you. So the code is setting the array correctly which is good.

 

From what I can see I suspect that there is an encoding issue then when passing the Post fields. I've been digging into the PHP manual for curl-setopt, the content-type header needs set to "multipart/form-data." when passed for setting an array as the value for CURL_POSTFIELDS. 

 

Can you give it a try, alternatively you can pass an NVP string URL encoded in CURL_POSTFIELD as well. 

 

CURL manual

 

 

Solved

invalid_grant trying to get OpenID Connect token from PayPal

Options
Go to solution
contemplator
Contributor

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.