Client does not have grant type: 'authorization_code' #232
Experiencing the same issue. I'll try to dig a bit further, must be a recent change since everything was working fine until this morning. |
They changed the client_id |
@recordsome that seems correct, but which ID should work? I'll try to reverse engineer the apk if I can. I tried another ID I at https://andshrew.github.io/PlayStation-Trophies/#/APIv2?id=powershell-7. The original ID has no So it must be another ID still... So these don't work anymore:
|
Best solution is probably to pull it straight from the mobile app |
@wescopeland I'll try but I have never done that ^^ do you have any experience? |
I do but unfortunately I won't be able to attack it for another 10 hours or so :-( |
If you do a search by uuid in the Android application code, it will not find it in plain text. So it's obfuscated. They also added protection against traffic sniffing some time ago. So now it's not possible on iOS to see what's going on in the webview during authorization. |
On the mobile app I am seeing the following URL being called:
with the following query params:
There are a few more query params but they are probably specific to my account. I pulled this using Charles for iOS and sniffing the traffic. Note that when I feed these query params into psn-api's function for exchanging an NPSSO for an access code, I get a new error saying "Invalid token". |
@wescopeland Parameter 'client_id' is malformed. It's missing 2 characters yet. Maybe you copied it wrong? |
Yes, updated. It appears I am able to get a code but I am not able to exchange the code for access and refresh tokens. |
@wescopeland Is there a redirect_uri there in the link? |
It's the same as before, "com.playstation.PlayStationApp://redirect" |
@wescopeland I see similar behaviour. I can spot the following as a response:
Looking into it further. |
```js
const AUTH_BASE_URL = "https://ca.account.sony.com/api/authz/v3/oauth";

// Query parameters for the authorize step.
const queryString = new URLSearchParams({
  access_type: "offline",
  client_id: "70156ca4-e84e-4836-ade8-b254b76a9d9f",
  redirect_uri: "com.playstation.PlayStationApp://redirect",
  response_type: "code",
  scope: "psn:mobile.v2.core"
}).toString();

const requestUrl = `${AUTH_BASE_URL}/authorize?${queryString}`;

// npssoToken is the NPSSO cookie value, supplied by the caller.
// redirect: "manual" keeps fetch from following the 302 that carries the code.
const response = await fetch(requestUrl, {
  headers: {
    Cookie: `npsso=${npssoToken}`
  },
  redirect: "manual"
});
```

This is the code I am executing to get a successful 302 response with an access code. |
@wescopeland Link is working now. I just was logged in and didn't understand |
@wescopeland Also need to change parameters in the request to receive tokens by code. There is a header Basic YWM4ZDE2MWEtZDk2Ni00NzI4LWIwZWEtZmZlYzIyZjY5ZWRjOkRFaXhFcVhYQ2RYZHdqMHY=. Need to update also. Can you check what's going What happens next webview. We need to check the token receipt request. |
The /token call unfortunately is completely failing for me. In the mobile app I am seeing them hit a different /token endpoint. I don't know if it has always been this way or if this is a recent change. In the iOS mobile app, after /authorize, I see:
|
Hi, I'm working on a Laravel and after setting the Npsso it returns an exception error, I think a bad request 400. Is it possible that it is the same thing and they changed something on the API? Thanks. |
Yes, you are likely facing the same issue we are trying to hunt down. |
Ok, thank you. |
After using the token url you posted above, I for now get the following response:

```
# Note: the 'JSON: %{' is just Elixir, I decoded the return body from the POST
JSON: %{
  "docs" => "https://auth.api.sonyentertainmentnetwork.com/docs/",
  "error" => "invalid_grant",
  "error_code" => 1,
  "error_description" => "Bad request"
}
```

I'm guessing it is not the correct token url after all... If only we could read the docs they supply 😆 |
Yeah I am feeling a bit stuck here, as it seems "psn:mobile.v1" and "psn:clientapp" are no longer valid scopes for the auth code endpoint. |
@wescopeland I agree. I tried a couple of combinations of those two and the new one you found, but the only one even passing the initial auth call is |
@jeroenbourgois What request are you making to get invalid_grant? |
Is it possible for you to find the |
I hope this is not too convoluted:

```
%HTTPoison.Response{
  status_code: 400,
  body: "{\"error\":\"invalid_grant\",\"error_description\":\"Bad request\",\"docs\":\"https://auth.api.sonyentertainmentnetwork.com/docs/\",\"error_code\":1}",
  headers: [
    {"Server", "nginx"},
    {"Content-Type", "application/json;charset=UTF-8"},
    {"X-Psn-Request-Id", "9ab2aee91f117d5c0dd2092a4dfd25b3"},
    {"X-Psn-Correlation-Id", "eb617da6-63f0-4ed6-9636-cabb62f6eb78"},
    {"X-RequestId", "9ab2aee91f117d5c0dd2092a4dfd25b3"},
    {"X-CorrelationId", "eb617da6-63f0-4ed6-9636-cabb62f6eb78"},
    {"X-Content-Type-Options", "nosniff"},
    {"Cache-Control", "no-store"},
    {"Content-Length", "135"},
    {"Date", "Tue, 13 Dec 2022 17:42:02 GMT"},
    {"Connection", "close"},
    {"Set-Cookie",
     "SOME_COOKIE; Domain=.sony.com; Path=/; Expires=Tue, 20 Dec 2022 17:42:02 GMT; Max-Age=604800; Secure"},
    {"Set-Cookie",
     "SOME_COOKIE; Domain=.sony.com; Path=/; Expires=Tue, 13 Dec 2022 21:42:02 GMT; Max-Age=14400"}
  ],
  request_url: "https://ca.account.sony.com/api/v1/oauth/token",
  request: %HTTPoison.Request{
    method: :post,
    url: "https://ca.account.sony.com/api/v1/oauth/token",
    headers: [
      {"Authorization",
       "Basic MDk1MTUxNTktNzIzNy00MzcwLTliNDAtMzgwNmU2N2MwODkxOnVjUGprYTV0bnRCMktxc1A="},
      {"Content-Type", "application/x-www-form-urlencoded"}
    ],
    body: "code=v3.dmdr&grant_type=authorization_code&redirect_uri=com.playstation.PlayStationApp%3A%2F%2Fredirect&scope=psn%3Amobile.v2.core&token_format=jwt",
    params: %{},
    options: []
  }
}
```

Note I also updated the Basic AUTH hash I found somewhere else. So as @Tustin was hinting at, it could be part of the solution to have the correct Basic auth hash. |
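
An authorization code is bound to the client that requested it (RFC 6749, section 4.1.3), so the `client_id` sent to `/authorize` and the client named in the token request's Basic header have to agree. The check below is an added example, not code from any comment in this thread or from the library; it reuses the request values posted above and assumes, which the thread does not state, that the code was requested with the `client_id` from the earlier snippet. `clientIdFromBasic` and `checkTokenRequest` are hypothetical helper names.

```javascript
// Added example: values below are copied from the requests posted in this thread.
const AUTHORIZE_URL =
  "https://ca.account.sony.com/api/authz/v3/oauth/authorize?" +
  new URLSearchParams({
    access_type: "offline",
    client_id: "70156ca4-e84e-4836-ade8-b254b76a9d9f",
    redirect_uri: "com.playstation.PlayStationApp://redirect",
    response_type: "code",
    scope: "psn:mobile.v2.core",
  }).toString();

const TOKEN_REQUEST = {
  authorization:
    "Basic MDk1MTUxNTktNzIzNy00MzcwLTliNDAtMzgwNmU2N2MwODkxOnVjUGprYTV0bnRCMktxc1A=",
  body: "code=v3.dmdr&grant_type=authorization_code&redirect_uri=com.playstation.PlayStationApp%3A%2F%2Fredirect&scope=psn%3Amobile.v2.core&token_format=jwt",
};

// Hypothetical helper: parse "Basic base64(client_id:client_secret)" and
// return only the client id, so the secret never reaches logs.
function clientIdFromBasic(headerValue) {
  const m = /^Basic\s+([A-Za-z0-9+/]+={0,2})$/.exec(headerValue.trim());
  if (!m) throw new Error("not a Basic credential");
  const decoded = atob(m[1]);
  const sep = decoded.indexOf(":");
  if (sep < 1) throw new Error("no client_id:secret separator");
  return decoded.slice(0, sep);
}

// Hypothetical helper: list every way the token request disagrees with the
// authorize request that produced the code (RFC 6749 section 4.1.3).
function checkTokenRequest(authorizeUrl, tokenRequest) {
  const authz = new URL(authorizeUrl).searchParams;
  const body = new URLSearchParams(tokenRequest.body);
  const problems = [];
  if (body.get("grant_type") !== "authorization_code")
    problems.push("grant_type is not authorization_code");
  if (!body.get("code")) problems.push("code is missing");
  if (body.get("redirect_uri") !== authz.get("redirect_uri"))
    problems.push("redirect_uri differs from the authorize request");
  const tokenClient = clientIdFromBasic(tokenRequest.authorization);
  if (tokenClient !== authz.get("client_id"))
    problems.push(`client mismatch: authorize used ${authz.get("client_id")}, ` +
      `token request authenticates as ${tokenClient}`);
  return problems;
}

console.log(checkTokenRequest(AUTHORIZE_URL, TOKEN_REQUEST));
```

Running the same check before each token call catches a half-updated configuration, where the authorize `client_id` was changed but the Basic credential was not, before the server answers with a bare `invalid_grant`.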
I've checked it twice. And this is the error
|
I also still have issues with the update:
|
@vicegold You haven't updated. The error code states " |
I did, the issue is, that only |
You're right, my mistake. Will push a fix right now! |
@Tustin Awesome, thank you! Can you also release a 3.0.4 when you get the chance please? :) |
Should be good to go now :) Let me know if there's any other issues! |
Perfect. |
Client does not have grant type: 'authorization_code'
This error comes up when trying to login with an npsso. Is that something new?
Btw. that error from the API also triggers an uncaught ApiException: