webfox/laravel-xero-oauth2

invalid_grant

Closed this issue · 4 comments

I was working with this package yesterday, but unfortunately when I came back and accessed /manage/xero, it returned an error.

Error

invalid_grant

Controller

<?php

namespace App\Http\Controllers;

use Webfox\Xero\OauthCredentialManager;

class XeroController extends Controller
{

	public function index(OauthCredentialManager $xeroCredentials)
	{
		try {
			if($xeroCredentials->exists()) {
				/* 
				* We have stored credentials so we can resolve the AccountingApi, 
				* If we were sure we already had some stored credentials then we could just resolve this through the controller
				* But since we use this route for the initial authentication we cannot be sure!
				*/
				$xero = resolve(\XeroAPI\XeroPHP\Api\AccountingApi::class);
				$organisationName = $xero->getOrganisations($xeroCredentials->getTenantId())->getOrganisations()[0]->getName();
				$user = $xeroCredentials->getUser();
				$username = "{$user['given_name']} {$user['family_name']} ({$user['username']})";
			}
		} catch(\Throwable $e) {
			$error = $e->getMessage();
		}

		return view('xero', [
			'connected' => $xeroCredentials->exists(),
			'error' => $error ?? null,
			'organisationName' => $organisationName ?? null,
			'username' => $username ?? null
		]);
	}

}

Please let me know if you need any code/details that are not yet included in my post.

I'm dealing with something similar.
Deleting /storage/framework/xero.json got me back authenticating.
In my case, I am using the same clientid/clientsecret on my dev box and production server and think that may have something to do with it. I've now switched to using a unique clientid/clientsecret on each environment but am now getting a 500 error screen on production without the redirect to Xero for authentication happening.

Have observed similar behaviour and it usually boils down to:

  • Auth process bailed or no offline_access scope and didn't provide a new refresh token
  • Refresh token has expired (60 days)
  • User has been revoked
  • Offline_Access scope removed

Quick and dirty fix is to delete the xero.json store and go through the auth flow again. I personally have a multi-user storage provider, so I have a cron task to purge the store once a month. In most cases it seems more common that the refresh token has expired, so might look into checking it and forcing the user to complete the auth flow before throwing invalid_grant.
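
The check suggested in the comment above, as an added example that is not part of the original thread or the package's own code: it decides locally whether a stored credential can still be refreshed before Xero is called. The record layout (`refresh_token`, `refresh_issued_at`) and the function name `reauthReason` are assumptions for illustration, and the sample records are constructed.

```php
<?php
declare(strict_types=1);

// Refresh-token lifetime as stated in the thread (60 days).
const REFRESH_TOKEN_TTL_SECONDS = 60 * 24 * 60 * 60;

/**
 * Decide locally whether a stored credential can still be refreshed.
 * Returns null when a refresh may be attempted, otherwise the reason
 * the user must go through the authorisation flow again.
 *
 * Assumed (hypothetical) record layout: 'refresh_token' and
 * 'refresh_issued_at' (Unix time the refresh token was last issued).
 */
function reauthReason(?array $stored, int $now): ?string
{
    if ($stored === null) {
        return 'no stored credentials';
    }
    // No offline_access scope, or an aborted flow, leaves no refresh token.
    if (empty($stored['refresh_token'])) {
        return 'no refresh token stored';
    }
    $issuedAt = $stored['refresh_issued_at'] ?? null;
    if (!is_int($issuedAt)) {
        return 'refresh token age unknown';
    }
    if ($now - $issuedAt >= REFRESH_TOKEN_TTL_SECONDS) {
        return 'refresh token expired';
    }
    // Revocation and scope removal are only visible server-side, so a
    // refresh can still fail with invalid_grant and must be handled.
    return null;
}

// Constructed sample records, not real tokens.
$now = 1700000000;
$samples = [
    'fresh'    => ['refresh_token' => 'sample-rt', 'refresh_issued_at' => $now - 86400],
    'stale'    => ['refresh_token' => 'sample-rt', 'refresh_issued_at' => $now - 61 * 86400],
    'no-scope' => ['refresh_token' => '', 'refresh_issued_at' => $now - 60],
    'missing'  => null,
];
foreach ($samples as $name => $record) {
    printf("%-8s %s\n", $name, reauthReason($record, $now) ?? 'ok to refresh');
}
```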

I'm having the same issue too; however, when I try to search for the xero.json file, I am unable to find it. Before I encountered this issue I had another issue, which is this. Any idea how I fix this?
Webfox\Xero\Oauth2CredentialManagers\FileStore::store(): Argument #2 ($tenants) must be of type ?array, string given,

@MarcusLEK
If using the default fileStore and disk it should be inside storage/app/

As for your error, that's likely due to using the new v4.0.0 package, which introduces multi-tenant, so if you're using a custom storage provider either adjust your provider to match the webfox\xero\OauthCredentialManager interface or downgrade to use v3.0.0