Client authentication failed when requesting tokens #464
Description
I am using a PKCE flow. I am successfully getting an authentication code from the OP but I get PHP errors from this library when it requests tokens.
As reported in another issue, requestTokens performs a urlencode() on $this->clientSecret, which happens to be NULL in my case. The OP does not support client secret.
So I tried changing the requestTokens function to this:
# Consider Basic authentication if provider config is set this way
if (!empty($this->clientSecret) && $this->supportsAuthMethod('client_secret_basic', $token_endpoint_auth_methods_supported)) {
Now I am not getting any more PHP errors but the OP is returning the error "invalid client" and error message "Client authentication failed" in its response to the token request.
Is this an issue with the OP? If so, why did I get a successful authentication code?
Am I missing something? Here's my code:
$oidc = new OpenIDConnectClient(
$url,
$clientId
);
$oidc->setCodeChallengeMethod('S256');
if ($oidc->authenticate())
{
...
}