Hello!
I’m trying to authenticate with Asana from a Laravel appplication.
I’m following this example: Asana
I can send a user to oauth_authorize, the user is redirected to the redirect_uri but whem the app sends request to oauth_token I get the error: HTTP request returned status code 400: { “error”: “invalid_grant”, “error_description”: "The PKCE code_verifier does not meet the specification.
The full response is:
Illuminate\Http\Client\Response {#301 ▼
#response: GuzzleHttp\Psr7\Response {#337 ▶}
#decoded: null
+"cookies": GuzzleHttp\Cookie\CookieJar {#318 ▼
-cookies: array:2 [▶]
-strictMode: false
}
+"transferStats": GuzzleHttp\TransferStats {#338 ▼
-request: GuzzleHttp\Psr7\Request {#331 ▼
-method: "POST"
-requestTarget: null
-uri: GuzzleHttp\Psr7\Uri {#319 ▼
-scheme: "https"
-userInfo: ""
-host: "app.asana.com"
-port: null
-path: "/-/oauth_token"
-query: ""
-fragment: ""
-composedComponents: "https://app.asana.com/-/oauth_token"
}
-headers: array:4 [▼
"Content-Length" => array:1 [▼
0 => "287"
]
"User-Agent" => array:1 [▼
0 => "GuzzleHttp/7"
]
"Host" => array:1 [▼
0 => "app.asana.com"
]
"Content-Type" => array:1 [▼
0 => "application/x-www-form-urlencoded"
]
]
-headerNames: array:4 [▼
"content-length" => "Content-Length"
"user-agent" => "User-Agent"
"host" => "Host"
"content-type" => "Content-Type"
]
-protocol: "1.1"
-stream: GuzzleHttp\Psr7\Stream {#322 ▼
-stream: stream resource @485 ▼
wrapper_type: "PHP"
stream_type: "TEMP"
mode: "w+b"
unread_bytes: 0
seekable: true
uri: "php://temp"
options: []
}
-size: 287
-seekable: true
-readable: true
-writable: true
-uri: "php://temp"
-customMetadata: []
}
}
-response: GuzzleHttp\Psr7\Response {#337 ▼
-reasonPhrase: "Bad Request"
-statusCode: 400
-headers: array:16 [▼
"Date" => array:1 [▼
0 => "Tue, 06 Sep 2022 20:04:26 GMT"
]
"Content-Type" => array:1 [▼
0 => "application/json; charset=UTF-8"
]
"Transfer-Encoding" => array:1 [▼
0 => "chunked"
]
"Connection" => array:1 [▼
0 => "keep-alive"
]
"Server" => array:1 [▼
0 => "nginx"
]
"X-Frame-Options" => array:1 [▼
0 => "SAMEORIGIN"
]
"X-Content-Type-Options" => array:1 [▼
0 => "nosniff"
]
"X-XSS-Protection" => array:1 [▼
0 => "1; mode=block"
]
"X-UA-Compatible" => array:1 [▼
0 => "IE=edge,chrome=1"
]
"Content-Security-Policy" => array:1 [▼
0 => "report-uri /-/csp_report?report_only=false; script-src 'self' 'unsafe-inline' https://ssl.gstatic.com https://apis.google.com https://d3ki9tyy5l5ruj.cloudfront.net https://d1gwm4cf8hecp4.cloudfront.net https://d1a3usp4brejtz.cloudfront.net https://d3u0af8znnrzzj.cloudfront.net https://oauth.googleusercontent.com https://app.box.com https://platform.twitter.com https://connect.facebook.net https://platform.harvestapp.com https://www.google.com https://docs.google.com https://www.gstatic.com https://www.dropbox.com https://asana.recurly.com https://asanastage.recurly.com https://api.recurly.com https://js.recurly.com https://www.paypal.com/sdk/js https://recordwidget.vimeocdn.com https://api.stripe.com https://hooks.stripe.com https://js.stripe.com https://m.stripe.com https://m.stripe.network https://q.stripe.com https://prod-eu1.app.asana.com https://prod-au1.app.asana.com https://prod-jp1.app.asana.com https://cdn.cookielaw.org; frame-src 'self' https://www.figma.com https://*.invisionapp.com https://invis.io https://miro.com https://whimsical.com https://www.loom.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.com https://www.canva.com https://xd.adobe.com https://*.looker.com https://lucid.app https://*.okta.com https://accounts.google.com https://content.googleapis.com https://www.google.com https://docs.google.com https://fast.wistia.net https://www.dropbox.com https://platform.harvestapp.com https://asanaops.wufoo.com https://forms.asana.plus https://forms-server.asana.plus https://local.asana.com https://asana.com https://api.recurly.com https://apisandbox.zuora.com https://www.zuora.com https://www.sandbox.paypal.com https://www.paypal.com https://recordwidget.vimeocdn.com https://api.stripe.com https://hooks.stripe.com https://js.stripe.com https://m.stripe.com https://m.stripe.network https://q.stripe.com https://pixel.asana.com https://d17ihzt85nhn2y.cloudfront.net https://d3ki9tyy5l5ruj.cloudfront.net https://prod-eu1.app.asana.com https://prod-au1.app.asana.com https://prod-jp1.app.asana.com https://cdn.cookielaw.org; worker-src 'self' blob: https://d3ki9tyy5l5ruj.cloudfront.net; child-src 'self' blob: https://d3ki9tyy5l5ruj.cloudfront.net; object-src 'self'; plugin-types application/pdf; base-uri 'none', report-uri /-/csp_report?report_only=false; script-src https: 'unsafe-inline' 'strict-dynamic' 'report-sample' 'nonce-ftbqv16ypo12x6ih3dnz584mh' ◀"
]
"Content-Security-Policy-Report-Only" => array:1 [▼
0 => "report-uri /-/csp_report?report_only=true; script-src 'self' 'unsafe-inline' 'report-sample' https://ssl.gstatic.com https://apis.google.com https://d3ki9tyy5l5ruj.cloudfront.net https://d1gwm4cf8hecp4.cloudfront.net https://d1a3usp4brejtz.cloudfront.net https://d3u0af8znnrzzj.cloudfront.net https://oauth.googleusercontent.com https://app.box.com https://platform.twitter.com https://connect.facebook.net https://platform.harvestapp.com https://www.google.com https://docs.google.com https://www.gstatic.com https://www.dropbox.com https://asana.recurly.com https://asanastage.recurly.com https://api.recurly.com https://js.recurly.com https://www.paypal.com/sdk/js https://recordwidget.vimeocdn.com https://prod-eu1.app.asana.com https://prod-au1.app.asana.com https://prod-jp1.app.asana.com https://cdn.cookielaw.org; frame-src 'self' https://www.figma.com https://*.invisionapp.com https://invis.io https://miro.com https://whimsical.com https://www.loom.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.com https://www.canva.com https://xd.adobe.com https://*.looker.com https://lucid.app https://*.okta.com https://accounts.google.com https://content.googleapis.com https://www.google.com https://docs.google.com https://fast.wistia.net https://www.dropbox.com https://platform.harvestapp.com https://asanaops.wufoo.com https://forms.asana.plus https://forms-server.asana.plus https://local.asana.com https://asana.com https://api.recurly.com https://apisandbox.zuora.com https://www.zuora.com https://www.sandbox.paypal.com https://www.paypal.com https://recordwidget.vimeocdn.com https://pixel.asana.com https://d17ihzt85nhn2y.cloudfront.net https://d3ki9tyy5l5ruj.cloudfront.net https://prod-eu1.app.asana.com https://prod-au1.app.asana.com https://prod-jp1.app.asana.com https://cdn.cookielaw.org; worker-src 'self' blob: https://d3ki9tyy5l5ruj.cloudfront.net; child-src 'self' blob: https://d3ki9tyy5l5ruj.cloudfront.net; object-src 'self'; plugin-types application/pdf; base-uri 'none', report-uri /-/csp_report?report_only=true; script-src https: 'unsafe-inline' 'strict-dynamic' 'report-sample' 'nonce-ftbqv16ypo12x6ih3dnz584mh' ◀"
]
"Cache-Control" => array:1 [▼
0 => "no-store"
]
"Pragma" => array:1 [▼
0 => "no-cache"
]
"Set-Cookie" => array:2 [▼
0 => "logged_out_uuid=ade1256401a27a9e3078cb0ef6b2f991; expires=Thu, 06 Oct 2022 20:04:26 GMT; path=/; domain=asana.com; SameSite=None; secure"
1 => "TooBusyRedirectCount=0"
]
"X-Asana-Content-String-Length" => array:1 [▼
0 => "216"
]
"X-Robots-Tag" => array:1 [▼
0 => "none"
]
]
-headerNames: array:16 [▼
"date" => "Date"
"content-type" => "Content-Type"
"transfer-encoding" => "Transfer-Encoding"
"connection" => "Connection"
"server" => "Server"
"x-frame-options" => "X-Frame-Options"
"x-content-type-options" => "X-Content-Type-Options"
"x-xss-protection" => "X-XSS-Protection"
"x-ua-compatible" => "X-UA-Compatible"
"content-security-policy" => "Content-Security-Policy"
"content-security-policy-report-only" => "Content-Security-Policy-Report-Only"
"cache-control" => "Cache-Control"
"pragma" => "Pragma"
"set-cookie" => "Set-Cookie"
"x-asana-content-string-length" => "X-Asana-Content-String-Length"
"x-robots-tag" => "X-Robots-Tag"
]
-protocol: "1.1"
-stream: GuzzleHttp\Psr7\Stream {#334 ▼
-stream: stream resource @496 ▼
wrapper_type: "PHP"
stream_type: "TEMP"
mode: "w+b"
unread_bytes: 0
seekable: true
uri: "php://temp"
options: []
}
-size: null
-seekable: true
-readable: true
-writable: true
-uri: "php://temp"
-customMetadata: []
}
}
-transferTime: 0.991628
-handlerStats: array:38 [▼
"url" => "https://app.asana.com/-/oauth_token"
"content_type" => "application/json; charset=UTF-8"
"http_code" => 400
"header_size" => 5254
"request_size" => 436
"filetime" => -1
"ssl_verify_result" => 0
"redirect_count" => 0
"total_time" => 0.991628
"namelookup_time" => 0.004482
"connect_time" => 0.220329
"pretransfer_time" => 0.689512
"size_upload" => 287.0
"size_download" => 216.0
"speed_download" => 217.0
"speed_upload" => 289.0
"download_content_length" => -1.0
"upload_content_length" => 287.0
"starttransfer_time" => 0.986694
"redirect_time" => 0.0
"redirect_url" => ""
"primary_ip" => "44.195.135.116"
"certinfo" => []
"primary_port" => 443
"local_ip" => "192.168.43.97"
"local_port" => 54921
"http_version" => 2
"protocol" => 2
"ssl_verifyresult" => 0
"scheme" => "HTTPS"
"appconnect_time_us" => 689296
"connect_time_us" => 220329
"namelookup_time_us" => 4482
"pretransfer_time_us" => 689512
"redirect_time_us" => 0
"starttransfer_time_us" => 986694
"total_time_us" => 991628
"appconnect_time" => 0.689296
]
-handlerErrorData: 0
}
}
If anyone could help me I will be very grateful