unauthorized_client

[klamse]

I have an issue with the example on this page: https://github.com/authlib/example-oauth2-server

curl -u zdIKyq4ngefIcRtcU83mYK4x:oBxXfYNeqGtBq07UHrmMXLfonxTimxoJ0qpIhV9lQWYtN82Z -XPOST http://127.0.0.1:5000/oauth/token -F grant_type=password -F username=test1 -F password=valid -F scope=profile

Response: {"error": "unauthorized_client"} There is not enough debug to let me know what the issue is. The username is test1, correct.

From http://127.0.0.1:5000/ (copied from HTML)

Logged in as test1 (Log Out) Client Info client_id: zdIKyq4ngefIcRtcU83mYK4x client_secret: oBxXfYNeqGtBq07UHrmMXLfonxTimxoJ0qpIhV9lQWYtN82Z client_id_issued_at: 1637592243 client_secret_expires_at: 0 Client Metadata client_name: test client_uri: https:/authlib.org grant_types: ['authorization_code, password'] redirect_uris: ['https://authlib.org'] response_types: ['code'] scope: profile token_endpoint_auth_method: client_secret_basic

[lorenzob]

If you are seeing this error it may be due, like in this case, to an error in compiling the Allowed Grant Types in the client creation form. The types "authorization_code" and "password" need to be one on each line, with no commas. The screenshot is not wrapping, you need two lines.

You should see an array with two elements in the database:

sqlite> select * from oauth2_client;
3|1|k4CsQEQJh97HjVffMtIXLbOV|Ct8WznxZVrS9MmtRxaZNc4XafMsfU7r6KrGhQ1PnL8WIEbv7|1720097495|0|{"client_name":"Fixed","client_uri":"https://authlib.org","grant_types":["authorization_code","password"],"redirect_uris":["https://authlib.org"],"response_types":["code"],"scope":"profile","token_endpoint_auth_method":"client_secret_basic"}

like:

grant_types":["authorization_code","password"]