XF 2.3 Hi Everyone- Api Unauthorized issue

kirbyallison

New member
I am integrating XenForo with Laravel, but I am facing an issue regarding {"error":[{"code":"unauthorized","message":"api_error.unauthorized","params":[]}]}, but I set all api_key permissions in the API key section. Please, I am new to this.

Route::get('/auth/xenforo', function () {
$queryParams = http_build_query([
'client_id' => config('services.xenforo.client_id'),
'redirect_uri' => config('services.xenforo.redirect'),
'response_type' => 'code',
'state' => csrf_token(),
]);
$response = Http::withHeaders([
'Authorization' => 'Bearer ' . config('services.xenforo.api_key'),
'Accept' => 'application/json',
])->get(config('services.xenforo.base_url') . "/oauth/authorize?$queryParams");
Log::info('XenForo Callback Hit', ['response' => $response->json()]);
if ($response->successful()) {
return redirect($response->json('redirect_url'));
}
return response()->json([
'error' => $response->json('errors') ?? 'Failed to authenticate',
], $response->status());
});
 
It is helpful to nest code in code blocks so it's properly formatted:

PHP:
Route::get('/auth/xenforo', function () {
    $queryParams = http_build_query([
        'client_id' => config('services.xenforo.client_id'),
        'redirect_uri' => config('services.xenforo.redirect'),
        'response_type' => 'code',
        'state' => csrf_token(),
    ]);

    $response = Http::withHeaders([
        'Authorization' => 'Bearer ' . config('services.xenforo.api_key'),
        'Accept' => 'application/json',
    ])->get(config('services.xenforo.base_url') . "/oauth/authorize?$queryParams");

    Log::info('XenForo Callback Hit', ['response' => $response->json()]);

    if ($response->successful()) {
        return redirect($response->json('redirect_url'));
    }

    return response()->json([
        'error' => $response->json('errors') ?? 'Failed to authenticate',
    ], $response->status());
});

In any case, this isn't the standard OAuth flow. You redirect the end-user to the /oauth2/authorize page in a browser, with the following GET params:

PHP:
$params = [
    'response_type' => 'code',
    'client_id' => config('services.xenforo.client_id'),
    'scope' => 'your:scopes', // the scopes you want the user to have access to, as configured for the app in your XF control panel
    'redirect_uri' => 'https://someapp.com/callback', // the redirect URI, as configured for the app in your XF control panel
];

When redirected back to your app, you receive an authorization code in the code parameter, which you then use to redeem an access token from the /api/oauth2/token endpoint. Then you can use that access token in the Authorization header to authenticate future API requests.
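The flow described in the answer above, as an added example that is not part of either post and is not XenForo's own code: the browser is redirected to /oauth2/authorize, the callback checks `state` before redeeming the code at /api/oauth2/token, and the token stays server-side. Assumptions: the callback path `/auth/xenforo/callback` (it must equal the redirect URI registered for the app), the config key `services.xenforo.client_secret`, the session key names, and the token request field names, which follow RFC 6749.

```php
<?php
// Added example for routes/web.php in a Laravel app; names marked below are assumptions.
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Http;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Str;

// Step 1: send the user's browser to XenForo. No server-side HTTP call and no API key here.
Route::get('/auth/xenforo', function (Request $request) {
    $state = Str::random(40); // unguessable value bound to this session
    $request->session()->put('xf_oauth_state', $state); // assumed session key

    $query = http_build_query([
        'response_type' => 'code',
        'client_id'     => config('services.xenforo.client_id'),
        'scope'         => 'your:scopes', // placeholder, as in the answer
        'redirect_uri'  => config('services.xenforo.redirect'),
        'state'         => $state,
    ]);

    return redirect()->away(config('services.xenforo.base_url') . '/oauth2/authorize?' . $query);
});

// Step 2: XenForo redirects the browser back with ?code=...&state=...
Route::get('/auth/xenforo/callback', function (Request $request) {
    $expected = (string) $request->session()->pull('xf_oauth_state', ''); // single use
    $given    = $request->query('state');
    // Reject callbacks this session did not start (login CSRF).
    abort_unless(is_string($given) && $expected !== '' && hash_equals($expected, $given), 403);
    abort_unless(is_string($request->query('code')), 400);

    // Step 3: redeem the code server-to-server; field names assume RFC 6749.
    $token = Http::asForm()->acceptJson()->post(
        config('services.xenforo.base_url') . '/api/oauth2/token',
        [
            'grant_type'    => 'authorization_code',
            'code'          => $request->query('code'),
            'redirect_uri'  => config('services.xenforo.redirect'),
            'client_id'     => config('services.xenforo.client_id'),
            'client_secret' => config('services.xenforo.client_secret'), // assumed config key
        ]
    );
    abort_if($token->failed(), 502, 'Token exchange failed');

    // Keep the token server-side; do not log it or hand it to the browser.
    $request->session()->put('xf_access_token', $token->json('access_token'));
    return redirect('/');
});
```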
 