PHP Fatal error: Uncaught League\OAuth2\Client\Provider\Exception\IdentityProviderException: invalid_client

[ggPixel]

Hi,

I ran into the same problem as this issue.
#22 (comment)

I checked, we are not using our own VM, so im assuming I should use the setting common.
Whats weird is that from Azure's side, the login was successful, so Im not sure what Im doing wrong.

Here's the full error:

Fatal error: Uncaught exception 'League\OAuth2\Client\Provider\Exception\IdentityProviderException' with message 'invalid_client' in /usr/www/wwws/users/ctutrygdtj/my-portal/inc/sso/vendor/league/oauth2-client/src/Provider/GenericProvider.php:216 Stack trace: #0 /usr/www/wwws/users/ctutrygdtj/my-portal/inc/sso/vendor/league/oauth2-client/src/Provider/AbstractProvider.php(644): League\OAuth2\Client\Provider\GenericProvider->checkResponse(Object(GuzzleHttp\Psr7\Response), Array) #1 /usr/www/wwws/users/ctutrygdtj/my-portal/inc/sso/vendor/league/oauth2-client/src/Provider/AbstractProvider.php(560): League\OAuth2\Client\Provider\AbstractProvider->getResponse(Object(GuzzleHttp\Psr7\Request)) #2 /usr/www/wwws/users/ctutrygdtj/my-portal/inc/sso/src/Delegates/Receive.php(82): League\OAuth2\Client\Provider\AbstractProvider->getAccessToken('authorization_c...', Array) #3 /usr/www/wwws/users/ctutrygdtj/my-portal/inc/sso/src/ActiveDirectory.php(180): Magium\ActiveDirectory\Delegates\Receive->execute() #4 /usr/www/wwws/users/ctutrygdtj in /usr/www/wwws/users/ctutrygdtj/my-portal/inc/sso/vendor/league/oauth2-client/src/Provider/GenericProvider.php on line 216

[ggPixel]

Here's the code Im using:

require_once __DIR__ . "/vendor/autoload.php";

session_start();

$config = [ 
	'authentication' => [ 
		'ad' => [ 
			'client_id' 	=> '-------------------', 
			'client_secret' => '-----------------------', 
			'enabled'   	=> '1',
			'directory' 	=> 'common'
		] 
	] 
];

$request = new \Zend\Http\PhpEnvironment\Request();

$ad = new \Magium\ActiveDirectory\ActiveDirectory(
	new \Magium\Configuration\Config\Repository\ArrayConfigurationRepository($config),
	\Zend\Psr7Bridge\Psr7ServerRequest::fromZend(new \Zend\Http\PhpEnvironment\Request())
);

$entity = $ad->authenticate();

echo $entity->getName() . "<br>";
echo $entity->getPreferredUsername();```

[kschroeder]

Did you see @mattrjk's response on the item you referenced?

[ggPixel]

Thanx @kschroeder, took me a while to figure out where to set this. Initially I thought its the Redirect URL setting in Azure. Sorted thanx!

[kschroeder]

OK, I probably need to do a better job of documenting that.

[arjun1992]

@ggPixel How did you solve the error ? Please help.

[kschroeder]

@arjun1992 does the last comment at #22 (comment) help out?

[arjun1992]

Hello @kschroeder . Thanks for your reply. No i didn't help me. I think i am missing out something. Could you help me understand. I have the following configuration in backend

Also following is my code

<?php

ini_set('display_errors', 1);
require_once 'vendor/autoload.php';
session_start();

$config = [
    'authentication' => [
        'ad' => [
            'client_id' => '---------------------------',
            'client_secret' => '---------------------------',
            'enabled' => '1',
            'directory' => 'common'
        ]
    ]
];

$request = new \Zend\Http\PhpEnvironment\Request();

$ad = new \Magium\ActiveDirectory\ActiveDirectory(
    new \Magium\Configuration\Config\Repository\ArrayConfigurationRepository($config),
    Zend\Psr7Bridge\Psr7ServerRequest::fromZend(new \Zend\Http\PhpEnvironment\Request())
);

$entity = $ad->authenticate();

echo $entity->getName() . '<Br />';
// echo $entity->getOid() . '<Br />';
echo $entity->getPreferredUsername() . '<Br />';

[kschroeder]

@arjun1992 Could you post your stack trace?

[ogriffithjones]

Hi I am having a similar error, within Azure I have set my redirect URL to Local Host, I am hosting a MAMP local server within the server file of the example. When I go to local host it correctly redirects me to login.microsoft online then after authenticating it redirects me to:

http://localhost/?code=M49310041-530f-9ad5-12c2-ac0e8b0b259b&state=Lx6nVaaxeF6q1kyZ9r93v00h27dMCH7x

and chrome displays the error: LocalHost is unable to handle this request, HTTP ERROR 500

I assume this is an error going from https to http but how to I fix this?

[ogriffithjones]

This is my file layout (Standard as setup):

My MAMP document root path is set to examples/server

And this is my Config:

$config = [ 'authentication' => [ 'ad' => [ 'client_id' => '______________________________________', 'client_secret' => '______________________________________', 'enabled' => '1', 'directory' => 'common' ] ] ];

[arjun1992]

Hi @ggPixel @kschroeder @ogriffithjones @Rockstar04

Getting the following error

Fatal error: Uncaught exception 'League\OAuth2\Client\Provider\Exception\IdentityProviderException' with message 'invalid_client' in /var/www/html/active/vendor/league/oauth2-client/src/Provider/GenericProvider.php:216 Stack trace: #0 /var/www/html/active/vendor/league/oauth2-client/src/Provider/AbstractProvider.php(644): League\OAuth2\Client\Provider\GenericProvider->checkResponse(Object(GuzzleHttp\Psr7\Response), Array) #1 /var/www/html/active/vendor/league/oauth2-client/src/Provider/AbstractProvider.php(560): League\OAuth2\Client\Provider\AbstractProvider->getResponse(Object(GuzzleHttp\Psr7\Request)) #2 /var/www/html/active/src/Delegates/Receive.php(82): League\OAuth2\Client\Provider\AbstractProvider->getAccessToken('authorization_c...', Array) #3 /var/www/html/active/src/ActiveDirectory.php(180): Magium\ActiveDirectory\Delegates\Receive->execute() #4 /var/www/html/active/index.php(26): Magium\ActiveDirectory\ActiveDirectory->authenticate() #5 {main} thrown in /var/www/html/active/vendor/league/oauth2-client/src/Provider/GenericProvider.php on line 216

Would appreciate any help provided by you.

Thanks !

[ggPixel]

@arjun1992 see @mattrjk comment. Try setting the return_url option and see if that solves the error:

$config` = [ 
    'authentication' => [ 
		'ad' => [ 
			'client_id' 	=> 'xxxxxxxxx', 
			'client_secret' => 'xxxxxxxxxx', 
			'enabled'   	=> '1',
			'directory' 	=> 'common',
			'return_url' 	=> 'http://your-domain/redirct-uri'
		] 
	] 
];

[arjun1992]

@ggPixel Thanks a lot ... Working fine now ... Really appreciate your help.

[ogriffithjones]

Cool working now thanks @ggPixel

Do you have any ideas on how to get custom user attributes from Azure Ad such as a workers ID Card code?

Thanks,
Oliver Griffith-Jones

[kschroeder]

Another option that might help someone else is to set the replyUrls value in the

setting on http://apps.dev.microsoft.com

[mattlampl]

Hi @kschroeder

I have been trying to solve this issue for a few days now. I am getting the same error as above. I have followed the advice written above and added the return_url but I am still getting the error. I think it has to do with the fact that I do not have a Client Secret available. Is the Client Secret necessary for this to work?

I am also not using the "common" directory and am using my organization's tenant ID.

$config = [ 'authentication' => [ 'ad' => [ 'client_id' => 'xxxxxxxxxxx', 'client_secret' => '', 'enabled' => '1', 'directory' => 'xxxxxxxxxx', 'return_url' => 'https://myapp.com/redirectURL' ] ] ];

Thanks!

[kschroeder]

@lamplmatt Yes, I believe the secret is necessary.

[FrankDaze]

the redirect URL must be the same, as the one that you set up in the Azure backend.
Then the error is gone.

[FabricioPatrocinio]

Just try this version:

"require": {
        "league/oauth2-facebook": "^2.0"
    }
}

then update your composer with:
composer update
So, tell me if it worked!

[zeroKnowledge190]

Hi, I need some help still related on this issue. Uncaught League\OAuth2\Client\Provider\Exception\IdentityProviderException: invalid_client.
I just setup my Laravel App Auth with Azure AD and with the correct configurations. Then I was able to sign in but I came up to this error. Invalid Client.
I already tried the recommend work around as it was shown earlier for this issue but still, I came up with this Fatal Error:
Uncaught League\OAuth2\Client\Provider\Exception\IdentityProviderException: invalid_client. Hope somebody can help me.Thank you.

[mydearjt]

How I display username that has login on PHP Web app