Error on entering correct credentials for login

anon84081254 · 6월 15, 2017, 12:51오후

Hi

I have created an application to integrate Login via Kakao.

When i click Login, it takes me to Kakao login screen and on entering correct email and password, it throws this error (see screenshot).

URL of my application page is https://d8b6cf91.ngrok.io/path/to/login/page

Kakao error screen URL is https://kauth.kakao.com/oauth/authorize?client_id=CLIENT_SECRET&redirect_uri=REDIRECT_URI&response_type=code&state=5986ed347b6b3d1394c8c2a264c1e292854ec9fd9c92457a

This URL contains correct CLIENT_SECRET and redirect path. I have tried setting application domain to
https://ngrok.io, https://d8b6cf91.ngrok.io, and also to http://localhost:3000 but nothing works.

Please let me know how this can be fixed.

Thanks

kino_009 · 6월 19, 2017, 5:22오전

ClientSecret is not used in the request of “https://kauth.kakao.com/oauth/authorize”.

The request should look like this:

ClientSecret is used in the request of POST: “http://kauth.kakao.com/oauth/token”

anon84081254 · 6월 19, 2017, 10:16오전

Got it. Thanks for the reply. I am now using Rest API KEY instead of CLIENT_SECRET for authorize request and i am able to enter the credentials on Kakao login page and approve the permissions needed for the app.

But the next request POST “https://kauth.kakao.com/oauth/token” breaks giving error: {"error":"redirect_uri_mismatch","error_description":"Redirect URI mismatch."}.

I have verified the redirect paths in my application and on Kakao developer console. Both are same. I believe the issue is because in the POST request for token, redirect url includes query params like code and state. Do i need to specify code and state params in the settings of my application on Kakao? If yes, how can i do that? What else do you suggest to fix this issue.

These are the params of POST request for token

{:raise_errors=>true, :parse=>nil, :body=>{“client_id”=>REST_API_KEY, “client_secret”=>CLIENT_SECRET, “grant_type”=>“authorization_code”, “code”=>CODE, :redirect_uri=>“https://8a557043.ngrok.io/path/to/callback?code=CODE&state=STATE”}, :headers=>{“Content-Type”=>“application/x-www-form-urlencoded”}}

Thanks

anon84081254 · 6월 19, 2017, 12:09오후

kino_009 · 6월 20, 2017, 2:53오전

if request of /oauth/authorize has param redirect_uri=http://test.com/oauth

request of POST /oauth/token should have param redirect_uri=http://test.com/oauth

redirect_uri should be same redirect_uri of the request : GET /oauth/authorize.