I'm trying to retrieve an OAuth2 token from our FusionAuth server 1.16.1.
Login over SAML works perfectly: the login page PHP requests /oauth2/authorize? and the redirect to /callback works.

Login page PHP:

    $redirect_url = urlencode('http://test.eyecatcher.ch/callback');
    $location = 'https://{auth domain}/oauth2/authorize?client_id={client id}&response_type=code&redirect_uri=' . $redirect_url;
    header( "Location: " . $location );


In FusionAuth, under the OAuth application settings, the "Authorized redirect URLs" are set.
It doesn't matter which redirect_url is entered; the error always appears.

Callback page PHP:

    $client_id      = "{client id}";
    $clientSecret   = '{client secret}';
    // HTTP Basic credentials for the token endpoint: base64("client_id:client_secret")
    $base64Auth     = base64_encode($client_id . ":" . $clientSecret);

    $code           = $_GET["code"];            // authorization code from the ?code= query parameter
    $url            = 'https://{auth domain}/oauth2/token';
    // redirect_uri is URL-encoded here, before it is placed in the POST body
    $redirect_url   = urlencode('http://test.eyecatcher.ch/callback');

    $header = array('Authorization: Basic ' . $base64Auth,
                    'Content-Type: application/x-www-form-urlencoded');

    $post = [
        'code'         => $code,
        'grant_type'   => 'authorization_code',
        'redirect_uri' => $redirect_url,
    ];

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
    // http_build_query() form-encodes every value in $post
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post));

    $response = curl_exec($ch);
    curl_close($ch);
    var_export($response);

After this request I get this error message:

    {"error":"invalid_grant","error_description":"redirect_uri: http%3A%2F%2Ftest.eyecatcher.ch%2Fcallback is not valid.","error_reason":"invalid_redirect_uri"}
Gerd

1 Answer

This doesn't look to be an issue with FusionAuth.

The PHP function http_build_query will URL-encode the request body on your behalf.

Because you are pre-encoding the redirect_url using urlencode, my guess is that the value of the redirect_uri, which is now double-encoded, does not match your configured authorized redirect URL once FusionAuth decodes the value.

Here is an example of building a POST body using only http_build_query: https://stackoverflow.com/a/5676572/3892636

robotdan
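As an added example (not code from the question, the answer, or FusionAuth itself), the script below shows the two request bodies side by side, what a form parser recovers from each, and a corrected authorization-code exchange for the callback page. The code value, client credentials and host names are placeholders; the function name exchangeAuthorizationCode is this example's own.

```php
<?php
// Added example, not code from the question or from FusionAuth: it shows why
// pre-encoding redirect_uri breaks the token request, and a corrected exchange.
// The code value, client credentials and URLs below are placeholders.
declare(strict_types=1);

$redirectUri = 'http://test.eyecatcher.ch/callback';

// 1. The two request bodies.
// Wrong: urlencode() first, then http_build_query() encodes the '%' signs again.
$doubleEncoded = http_build_query([
    'grant_type'   => 'authorization_code',
    'code'         => 'CODE_FROM_QUERY',      // placeholder authorization code
    'redirect_uri' => urlencode($redirectUri),
]);
// ...&redirect_uri=http%253A%252F%252Ftest.eyecatcher.ch%252Fcallback

// Right: pass the raw URI; http_build_query() encodes it exactly once.
$singleEncoded = http_build_query([
    'grant_type'   => 'authorization_code',
    'code'         => 'CODE_FROM_QUERY',
    'redirect_uri' => $redirectUri,
]);
// ...&redirect_uri=http%3A%2F%2Ftest.eyecatcher.ch%2Fcallback

// 2. What the server sees after decoding the body once, as every form parser does.
parse_str($doubleEncoded, $seenDouble);
parse_str($singleEncoded, $seenSingle);
var_dump($seenDouble['redirect_uri']); // "http%3A%2F%2Ftest.eyecatcher.ch%2Fcallback" (the value in the error)
var_dump($seenSingle['redirect_uri']); // "http://test.eyecatcher.ch/callback" (matches the authorized URL)

// 3. Corrected authorization-code exchange for the callback page.
function exchangeAuthorizationCode(
    string $tokenUrl,
    string $clientId,
    string $clientSecret,
    string $code,
    string $redirectUri
): array {
    $ch = curl_init($tokenUrl);
    curl_setopt_array($ch, [
        CURLOPT_POST           => true,
        CURLOPT_RETURNTRANSFER => true,
        // curl builds the "Authorization: Basic base64(id:secret)" header itself.
        CURLOPT_USERPWD        => $clientId . ':' . $clientSecret,
        CURLOPT_HTTPHEADER     => ['Content-Type: application/x-www-form-urlencoded'],
        // Raw values only: http_build_query() does the one required encoding.
        CURLOPT_POSTFIELDS     => http_build_query([
            'grant_type'   => 'authorization_code',
            'code'         => $code,
            'redirect_uri' => $redirectUri,
        ]),
    ]);

    $body = curl_exec($ch);
    if ($body === false) {
        $err = curl_error($ch);
        curl_close($ch);
        throw new RuntimeException('token request failed: ' . $err);
    }
    $status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

    $json = json_decode((string) $body, true, 512, JSON_THROW_ON_ERROR);
    // The token endpoint reports problems as a JSON body with an "error" member
    // (the question's {"error":"invalid_grant",...} is one); treat that as a failure.
    if ($status !== 200 || isset($json['error'])) {
        throw new RuntimeException(sprintf(
            'token endpoint returned %d: %s (%s)',
            $status,
            $json['error'] ?? 'unknown error',
            $json['error_description'] ?? ''
        ));
    }
    return $json; // access_token, token_type, expires_in, ...
}

// Usage on the callback page (placeholders for the real values).
if (isset($_GET['code'])) {
    $token = exchangeAuthorizationCode(
        'https://{auth domain}/oauth2/token',
        '{client id}',
        '{client secret}',
        $_GET['code'],
        $redirectUri
    );
    // Keep the token server-side; do not echo it into the page.
    $accessToken = $token['access_token'];
}
```

The urlencode() call on the login page is correct there, because that URL is assembled by string concatenation and nothing encodes it again; on the callback page http_build_query() already performs that one encoding, so the value must be passed raw.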