Sign Up ›
  • Andrzej Borkowski 3
  • NEWBIE
  • 0 Points
  • Member since 2016
  • Chatter
    Feed
  • 0
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 0
    Questions
  • 1
    Replies
SOLVED
5 replies

PHP and OAuth 2.0 JWT Bearer Token Flow

Hi,

I am running into this error: 
{
  error_description: "expired authorization code"
  error: "invalid_grant"
}
Currently trying to connect to my Sandbox 'Connected App' from a client server running PHP scripts and using OAuth 2.0 JWT Bearer Token Flow as the method of authentication. I have gone over and over this document (OAuth 2.0 JWT Bearer Token Flow (https://help.salesforce.com/apex/HTViewHelpDoc?id=remoteaccess_oauth_jwt_flow.htm&language=en_US#validate_token)) so many times but can not seem to understand why i am getting this error.

I've checked my connected App settings and provided full access already with no restrictions of IP address so I don't know why I get expired authorization code error. Maybe it is in my PHP coding from the client side requesting the 'Access Token'? Here is my Code.
  
// You need to set these three to the values for your own application
define('CONSUMER_KEY', 'abc123');
define('CONSUMER_SECRET', '1234');
define('LOGIN_BASE_URL', 'https://test.salesforce.com');

//Json Header
$h = array(
	"alg" => "RS256"	
);

$jsonH = json_encode(($h));	
$header = base64_encode($jsonH); 

//Create JSon Claim/Payload
$c = array(
	"iss" => CONSUMER_KEY, 
	"sub" => "myemail@email.com", 
	"aud" => LOGIN_BASE_URL, 
	"exp" => "1333685628"
);

$jsonC = (json_encode($c));	
$payload = base64_encode($jsonC);

//Sign the resulting string using SHA256 with RSA
$s = hash_hmac('sha256', $header.'.'.$payload, CONSUMER_SECRET);
$secret = base64_encode($s);


$token = $header . '.' . $payload . '.' . $secret;

$token_url = LOGIN_BASE_URL.'/services/oauth2/token';

$post_fields = array(
	'grant_type' => 'urn:ietf:params:oauth:grant-type:jwt-bearer',
	'assertion' => $token
);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $token_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

// Make the API call, and then extract the information from the response
    $token_request_body = curl_exec($ch) 
        or die("Call to get token from code failed: '$token_url' - ".print_r($post_fields, true));
Hope any one out there might be able to help me solve this!

Thanks.
Regards,
Joey