Can not change refresh_token

  • 1
  • Problem
  • Updated 12 months ago
Hello, i use the library https://github.com/ringcentral/ringcentral-php.
$apiResponse = $rcsdk->platform()->post('/restapi/oauth/token', [
'refresh_token' => $data['refresh_token'],
'grant_type' => 'refresh_token',
'endpoint_id' => $_ENV['RC_AppKey']
]);

I get a response from the server, Unsupported grant type. What is the problem?
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb

Posted 1 year ago

  • 1
Photo of Phong Vu

Phong Vu, Devangelist

  • 4,726 Points 4k badge 2x thumb
Hi Alexey,

Why do you want to change the refresh token? After logged in, if the access token expired, you can call $rcsdk->platform()->refresh() to refresh the access token. If the refresh token also expired, you just need to call $rcsdk->platform()->login($option) again.

You can always check if the access token and the refresh token is still valid or not to decide what to do by calling $rcsdk->auth()->accessTokenValid() or $rcsdk->auth()->accessTokenValid(), respectively.

+ Phong
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
We need automation of the process, is it possible to authorize without entering a username and password?
Photo of John Wang

John Wang, Official Rep

  • 5,786 Points 5k badge 2x thumb
Alexey,

Can you verify that your app has the "Refresh Access Token" flow grant which is required to refresh your token? I will look like the following in the "Settings" > "OAuth Settings" > "Authorization Flows" section of your app configuration as shown below:



Thanks,
John
(Edited)
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
Instead of the code you post, could you please try `$rcsdk->platform()->refresh()` instead? Because the PHP SDK already provides method for refreshing.
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
method out of the box, why it does not work?
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
Because you haven't got the token yet. So you cannot call refresh.

`->authUrl()` method return an URL, it doesn't do authorization at all.
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
`->login('username', 'extension (or leave blank)', 'password');` does authorization
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
what headings need to be passed to api, we write on the php curl? I have such problems though with a library, though with a self-written code?
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
thanks, helped, I thought I was already authorized
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
Awesome! Feel free to post more questions and we are here to help :)
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
Another question is, we are not going to use your library, we need to form a curl request for php, perhaps you have an instruction how to do it?
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
Get token via curl:

curl -i -X POST "https://platform.devtest.ringcentral.com/restapi/oauth/token"; \
-H "Accept: application/json" \
-H "Content-Type: application/x-www-form-urlencoded" \
-u "clientId:clientSecret" \
-d "username=aaa&password=bbb&extension=&grant_type=password"
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
Refresh token is similar to get token.

For other api calls, please use https://developer.ringcentral.com/api-explorer/latest/index.html

After you try it, it will show you the curl command.
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
an hour ago about authorized, now does not work
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
or it allows you to log in once?
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
You are trying authorization code flow instead of password flow. And it seems that your RingCentral app only supports Password flow.
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
For authorization code flow, please refer to this demo: https://github.com/ringcentral/ringcentral-demos-oauth/tree/master/php
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
Login developer.ringcentral.com, go to your RingCentral app, navigate to Settings tab. And search for "Authorization Flows". There should be "Authorization code flow", otherwise your code won't work. 

You can create a new app and make it support Authorization code flow.
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
I chose the type Server only, but my query does not work.
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://platform.devtest.ringcentral.com/restapi/oauth/token;");
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,false);
curl_setopt($ch,CURLOPT_CUSTOMREQUEST,'POST');
curl_setopt($ch,CURLOPT_FOLLOWLOCATION,false);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, 'username=+13127675868&password=k%agZJw*****&extension=101&grant_type=password');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_USERPWD, "J0yi-vxPQGCqqYW*****" . ":" . "adiZ7tdbTn6hX4Zps940PAF_qMRJKtTCS6vI******");

$headers = array();
$headers[] = "Accept: application/json";
$headers[] = "Content-Type: application/x-www-form-urlencoded";
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

$result = curl_exec($ch);
if (curl_errno($ch)) {
echo 'Error:' . curl_error($ch);
}

curl_close ($ch);
echo '<pre>';
print_r($result);
die();


help with headers
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
It means clientId or clientSecret is wrong. If you just created a new RC app, you should use its clientId & clientSecret instead of the old app's.
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
there everything is correct, I checked, the error is the same
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
There shouldn't be a semicolon at the end of URL. I made a typo in my curl sample.

I have no experience with PHP-Curl. The curl sample I provided should work and I tested it multiple times.

Could you please print the headers you sent to the server? Let's see why it complains authorization header is invalid.
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
You can use something like https://github.com/Runscope/requestbin#deploy-your-own-instance-using-docker to inspect the headers you sent.
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
$client_id = 'J0yi-vxPQGCqqYWwLVylBA';
$client_secret = 'adiZ7tdbTn6hX4Zps940PAF_qMRJKtTCS6vIozjVqlog';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://platform.devtest.ringcentral.com/restapi/oauth/token;");
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,false);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,false);
curl_setopt($ch,CURLOPT_CUSTOMREQUEST,'POST');
curl_setopt($ch,CURLOPT_FOLLOWLOCATION,false);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, 'username=+XXXXXXXX&password=XXXXXXXX&extension=101&grant_type=password');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_USERPWD, $client_id. ":".$client_secret);

$headers = array();
$headers[] = "Accept: application/json";
$headers[] = "Content-Type: application/x-www-form-urlencoded";
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

$result = curl_exec($ch);
if (curl_errno($ch)) {
echo 'Error:' . curl_error($ch);
}

curl_close ($ch);
echo '
';
print_r($result);
(Edited)
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
(Edited)
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
After you fix the issue above, you will get this error:

<pre>{
  "timestamp" : 1527244216326,
  "status" : 400,
  "error" : "Bad Request",
  "exception" : "org.eclipse.jetty.http.BadMessageException",
  "message" : "Unable to parse form content",
  "path" : "/authorization/v1/oauth/token"
}%

It is because there is special character in your password which curl dislikes.
(Edited)
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
Yes, I received this error, there was a misprint in the link when copied), thank you very much, I'm just shocked, I sat for the whole evening and could not understand the problem, why not make a password check and report this error
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
How do I delete a password message now?
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
I don't have the permission to delete either. I will turn to my colleagues for help. They live in different time zone so maybe they won't respond in several hours.

You should just change your password for security.

I will find some one to edit the password message but you have to wait.
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
again headers)
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
do I need to transfer in headers client_id and client secret?
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
Why don't you use the official PHP SDK instead? It handles headers for you automatically.  
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
I can not use php in general, now I'm writing on php to quickly rewrite it to zoho, which knows which headers and data to send.
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
I will write in the language of the zoho deluge
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
the last mistake I received, { "message" : "Unsupported Media Type", "errors" : [ ] }
Photo of Alexey Shpilka

Alexey Shpilka

  • 324 Points 250 badge 2x thumb
I understood what the problem was not to use urlencoded
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,456 Points 5k badge 2x thumb
If I was you, I would choose Ruby instead of PHP for Proof of concept. You have to rewrite the code in zoho deluge anyway. So you just choose the language which could help you to get things done very quickly.

I am not telling you that Ruby is quicker to write than PHP. Because we have an official Ruby SDK which is 10 times simpler than the PHP SDK. (Disclaimer: I am the author of the Ruby SDK while I am not the author of the PHP SDK).

By reading the Ruby SDK's source code here, you can quickly figure out everything you need to know.  https://github.com/ringcentral/ringcentral-ruby/blob/master/lib/ringcentral.rb

For example: by reading https://github.com/ringcentral/ringcentral-ruby/blob/master/lib/ringcentral.rb#L159  You will know that before you get the token, you should use basic header, and after you get the token you should use bearer token instead.
(Edited)