Score:0

401 error when trying to retrieve OAuth authorization code

in flag

I'm building a decoupled Next.js frontend to consume data from Drupal JSON:API on a local site installed with Lando. I want to use the simple_oauth module to allow registered users to edit content on the front end.

My first target is requesting an Authorization Code, so I'm testing the request in Postman and with cURL. Both approaches are consistently giving me 401 "invalid_client" error messages.

To the best of my knowledge, all the settings are correct including the required RSA keys, but I have yet to figure this out. Here's the cURL command I'm using:

curl -X GET \
'http://react1.lndo.site/oauth/authorize?client_id=b7958f62-df63-4b95-9a55-20954178d788&response_type=code&redirect_uri=http://react1.lndo.site&scope=oauth'

...where http://react1.lndo.site is my Drupal 9 Lando site url, b7958f62-df63-4b95-9a55-20954178d788 is the UUID of my consumer, and 'oauth' is the name of a role I created with permissions to allow registered users to add, edit and delete Article nodes (*this role is selected in the 'Scopes' list of the consumer).

I've searched for hours including tons of questions to ChatGPT, but have yet to figure this out. Please help me get on the right track.

Score:0
de flag

Looking through the Simple OAuth code, a Consumer entity is loaded with the field client_id having a value of the client_id parameter from the URL. You said you are passing the UUID of the Consumer as the client_id in your URL which would be incorrect, and explain why the system says your consumer is not found. You should view/observe/dump the consumer to determine the value of the client_id field.

I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.