Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

$provider->getResourceOwner error #12

Closed
welove opened this issue Jul 13, 2020 · 9 comments
Closed

$provider->getResourceOwner error #12

welove opened this issue Jul 13, 2020 · 9 comments

Comments

@welove
Copy link

welove commented Jul 13, 2020

Hello,

When using this line of code:

$user = $provider->getResourceOwner($token);

I'm getting the following error:

Fatal error: Uncaught TypeError: Argument 1 passed to League\OAuth2\Client\Provider\Apple::createResourceOwner() must be of the type array, null given, called in /var/www/vhosts/fitben.site/vendor/league/oauth2-client/src/Provider/AbstractProvider.php on line 769 and defined in /var/www/vhosts/fitben.site/vendor/patrickbussmann/oauth2-apple/src/Provider/Apple.php:191 Stack trace: #0 /var/www/vhosts/fitben.site/vendor/league/oauth2-client/src/Provider/AbstractProvider.php(769): League\OAuth2\Client\Provider\Apple->createResourceOwner(NULL, Object(League\OAuth2\Client\Token\AppleAccessToken)) #1 /var/www/vhosts/fitben.site/httpdocs/paginas/refresh/apple-callback.php(39): League\OAuth2\Client\Provider\AbstractProvider->getResourceOwner(Object(League\OAuth2\Client\Token\AppleAccessToken)) #2 {main} thrown in /var/www/vhosts/fitben.site/vendor/patrickbussmann/oauth2-apple/src/Provider/Apple.php on line 191

I used this git on another project and everything works fine, can this be an issue with a recent update to you package?
@patrickbussmann
Copy link
Owner

patrickbussmann commented Jul 13, 2020 via email

@patrickbussmann
Copy link
Owner

@welove:

You call this:

$user = $provider->getResourceOwner($token);

So it will use the league/oauth2-client library.
https://github.com/thephpleague/oauth2-client/blob/master/src/Provider/AbstractProvider.php#L765

This will fetch the details from your oauth2 provider (its Apple).

    $response = $this->fetchResourceOwnerDetails($token);

    return $this->createResourceOwner($response, $token); // here $response is NULL

So fetchResourceOwnerDetails will returning NULL.

When we check the code here: https://github.com/patrickbussmann/oauth2-apple/blob/master/src/Provider/Apple.php#L115
We'll see that the code uses the $_GET or $_POST parameter to getting user data.
And because thats nothing it's NULL.

Can you please post the link location href (browser url) when you get this error?
It's like localhost/oauth-check?user=%7B%22firstName%22%3A%22John%22%7D

But I also added a test case and a fix for it in the new version.

Your $_POST['user'] seems to be an empty string or the $_GET['user'] is an empty string.
Thats the reason for the issue.

@patrickbussmann
Copy link
Owner

@welove please test this script, too.

$token = null;
try {
	$token = $provider->getAccessToken('authorization_code', [
		'code' => $_POST['code']
	]);
}
catch(Exception $exception) {
	var_dump($exception->getCode(), $exception->getMessage());
}

It should show you "invalid_grant".

I had the same issue now.
It happen when you using Apples "code" more than one time.

@welove
Copy link
Author

welove commented Jul 15, 2020
edited
Loading

Hello, I tested the script and it didn't catch any exception.
I'm getting $_POST['code'] and $token is set with the value "a5416d9c8257944f48bddcfbd13d8b031.0.nyvt.VUTfqjF_nLWw-LXG17ciGw".

One curious thing, is that I get the Fatal Error I mentioned in the first comment, only when I Sign In for the first time! If my Apple ID already authorized the app, the login works fine. Only problem is that it's only possible to get the users First and Last name on the first authorization.

@patrickbussmann
Copy link
Owner

Hmm confusing.
But anyway its fixed with the new version.
Hopefully it works as expected on your side - when its only when you log in the first time.

I release the new version soon so you can try with dev-master.

@welove
Copy link
Author

welove commented Jul 15, 2020
edited
Loading

I just updated the new script you've released, and now I don't get any error.

But I'm not getting the user name:

$pnome = $user->getFirstName();
$unome = $user->getLastName();

this stays empty :(
Email is fine!

What is stranger is that I have your script on another server and everything works fine.
Could it be some misconfiguration in PHP/Apache on this server?

@patrickbussmann
Copy link
Owner

No it cant run fine.
Because you'll get first name, last name and email only at the very first request.
So please remove your application first from https://appleid.apple.com/

Then try again please 👍

@welove
Copy link
Author

welove commented Jul 15, 2020

Already did that.
I'm constantly removing the application and testing the login like it's the user's first time.

On the dialog prompt it asks me to authorize the Name and Email like its supposed to. But $user->getFirstName(); still returns empty.
Can I privately email you the link for the website so you can try it yourself?

@patrickbussmann
Copy link
Owner

After mailing a bit we found the issue.
The $_POST was manipulated by a third party file.
Few years ago we called it Magic Quotes: https://www.php.net/manual/de/security.magicquotes.php

So when someone else has this issue please check if the $_POST is manipulated somewhere. 😉

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@welove @patrickbussmann