I am having trouble obtaining a valid authorization response following merchant authorization.
I am following the guide on this page, but it doesn't seem to work.
https://poynt.github.io/developer/cloud/integrating-with-poynt-cloud-apis.html#authorize-merchant
Steps 1-12 I have completed successfully without an issue.
I am not getting past step 13, however. I am confused because I've tried several different approaches, but none are working. Here is the PHP code I am using; I will show you both approaches.
//Here I am passing a self signed JWT that I created using the correct claim parameters and encoded RS256 (I know the JWT is correct because when I authenticate with the application, I am getting a proper JSON response. see below)
//here is the client auth redirect function which handles the json post data and then pushes
// the code value into the next authorization request, as the guide tells me to do.
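/**
 * Handles the browser redirect that follows merchant authorization.
 *
 * Reads `businessId`, `code` and `status` from the query string, stores the
 * first two in $this->ajaxdata, prints the received parameters for debugging
 * and, when `status` is "success", continues with jwt_api_poynt().
 *
 * Every value read here comes from the request URL, so it is controlled by
 * whoever issued the request: missing keys are tolerated and nothing is
 * written into the page without HTML-escaping.
 *
 * NOTE(review): nothing visible here ties this callback to an authorization
 * flow that this application started - confirm whether the provider offers an
 * anti-forgery/state value that can be checked before the code is used.
 */
public function authorization_redirect(){
    $returnPOST = $this->input->get();
    if (!is_array($returnPOST)) {
        // No query string at all: treat it as an empty parameter set.
        $returnPOST = array();
    }

    // Absent parameters become null instead of raising undefined-index notices.
    $this->ajaxdata['businessID'] = isset($returnPOST['businessId']) ? $returnPOST['businessId'] : null;
    $this->ajaxdata['code'] = isset($returnPOST['code']) ? $returnPOST['code'] : null;
    $status = isset($returnPOST['status']) ? $returnPOST['status'] : null;

    echo "<h1>AUTHORIZATION RETURN DATA</h1>";
    // Debug output only - remove before production. The dump is escaped
    // because var_dump() would write request-supplied text into the page as-is.
    echo '<pre>' . htmlspecialchars(print_r($returnPOST, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</pre>';

    // Strict comparison: only the exact string "success" continues the flow.
    if ($status === 'success') {
        echo "<h2>ATTEMPTING TO GET JWT ACCESS TOKEN</h2>";
        $this->jwt_api_poynt();
    }
}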
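/**
 * Used after the initial client authorization is complete: obtains the
 * token from firebase_jwt_rsa() and passes it to send_api_curl(), which
 * presents it as the bearer credential on the token request.
 *
 * firebase_jwt_rsa() is not shown here; per the original inline comment it
 * returns the application's encoded, self-signed JWT - TODO confirm. If it
 * returns a string, there is no `accessToken` property to read, so
 * $this->ajaxdata['accessToken'] is only filled when an object carrying that
 * property comes back.
 */
public function jwt_api_poynt(){
    $tokenJSON = $this->firebase_jwt_rsa();

    // Debug output only - remove before production. A bearer credential must
    // not be written into the page in full, so show its type and, for a
    // string, a short prefix plus the length.
    if (is_string($tokenJSON)) {
        $debugValue = substr($tokenJSON, 0, 12) . '... (' . strlen($tokenJSON) . ' bytes)';
    } else {
        $debugValue = gettype($tokenJSON);
    }
    echo '<pre>' . htmlspecialchars($debugValue, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</pre>';

    // Reading ->accessToken on a plain string raises a warning and yields
    // null; make that outcome explicit instead.
    if (is_object($tokenJSON) && isset($tokenJSON->accessToken)) {
        $this->ajaxdata['accessToken'] = $tokenJSON->accessToken;
    } else {
        $this->ajaxdata['accessToken'] = null;
    }

    $this->send_api_curl($tokenJSON);
}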
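/**
 * Sends the authorization-code grant to the token endpoint.
 *
 * Posts grant_type, redirect_uri, client_id and the code stored in
 * $this->ajaxdata['code'] to https://services.poynt.net/token, with
 * $tokenJSON as the bearer credential.
 *
 * The second response quoted with this code ("Issuer not application type
 * cannot use authorization code grant") shows that the endpoint rejects a
 * token issued by the service itself for this grant, so the bearer value is
 * expected to be the application's own signed JWT.
 *
 * NOTE(review): redirect_uri is 'ajax/poynt_api_redirect' here - presumably it
 * has to match the URI used in the authorization step; verify against the
 * provider documentation.
 *
 * @param string|null $tokenJSON Bearer credential for the Authorization header.
 * @return mixed Decoded JSON response, or null when no token was supplied,
 *               the transfer failed, or the body was not valid JSON.
 */
public function send_api_curl($tokenJSON=NULL){
    // Without a token the request can only fail, and concatenating an object
    // would be a fatal error, so stop before anything is sent.
    if (!is_string($tokenJSON) || $tokenJSON === '') {
        echo '<h2>No bearer token supplied, token request not sent</h2>';
        return null;
    }

    $authorization = "Authorization: Bearer " . $tokenJSON;
    $clientId = isset($this->ajaxdata['client_id']) ? $this->ajaxdata['client_id'] : null;
    $code = isset($this->ajaxdata['code']) ? $this->ajaxdata['code'] : null;

    $data = http_build_query(array(
        'grant_type' => 'authorization_code',
        'redirect_uri' => site_url('ajax/poynt_api_redirect'),
        'client_id' => $clientId,
        'code' => $code
    ));

    // Debug output only - remove before production. Values are HTML-escaped
    // and the bearer credential is shortened so the page never contains it.
    echo '<h2>Authorization JWT Signed</h2>';
    echo htmlspecialchars('Authorization: Bearer ' . substr($tokenJSON, 0, 12) . '... (' . strlen($tokenJSON) . ' bytes)', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo '<h2>Code Access Token</h2>';
    echo htmlspecialchars((string) $code, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo '<h2>JSON Data Array</h2>';
    echo htmlspecialchars($data, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, 'https://services.poynt.net/token');
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Accept: application/json', $authorization));
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
    // Certificate and host-name verification are stated explicitly so that
    // the credential is only ever sent to the authenticated endpoint.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    // Bound the call so a stalled connection cannot hang the request.
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($ch, CURLOPT_TIMEOUT, 30);

    $result = curl_exec($ch);
    if ($result === false) {
        // Transport failure (DNS, TLS, timeout): report it rather than
        // decoding an empty body.
        $transportError = curl_error($ch);
        curl_close($ch);
        echo '<h1>AUTHORIZATION RETURN DATA</h1>';
        echo htmlspecialchars('cURL error: ' . $transportError, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        return null;
    }
    curl_close($ch);

    $decoded = json_decode($result);

    // Print a copy with the token fields blanked: a successful response
    // carries accessToken and refreshToken, which must not reach the page.
    $debugCopy = is_object($decoded) ? clone $decoded : $decoded;
    if (is_object($debugCopy)) {
        foreach (array('accessToken', 'refreshToken') as $secretField) {
            if (isset($debugCopy->$secretField)) {
                $debugCopy->$secretField = '[redacted]';
            }
        }
    }
    echo '<h1>AUTHORIZATION RETURN DATA</h1>';
    echo '<pre>' . htmlspecialchars(print_r($debugCopy, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</pre>';

    return $decoded;
}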
Here is the response I am getting
object(stdClass)#24 (5) { ["code"]=> string(19) "UNAUTHORIZED_ACCESS" ["httpStatus"]=> int(401) ["message"]=> string(49) "Access not authorized for the requested resource." ["developerMessage"]=> string(39) "Authorization code is not a valid code." ["requestId"]=> string(36) "cfbef920-6a93-402d-997d-35140317081f" }
Ok, so instead I try sending a POYNT SIGNED APP JSON accessToken
//Here is the response from my application authorization to /token using my self signed JWT, you can see the server is sending me an accessToken.
object(stdClass)#24 (5) { ["expiresIn"]=> int(86400) ["accessToken"]=> string(815) "eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJ1cm46YWlkOmExZGUyODI5LTk1YWUtNDI2ZS05MDA5LWE3NzdhYzY2OTYzMiIsInN1YiI6InVybjphaWQ6YTFkZTI4MjktOTVhZS00MjZlLTkwMDktYTc3N2FjNjY5NjMyIiwicG95bnQuc2N0IjoiSiIsInBveW50Lm9yZyI6IjY0YTQzMGFkLWU3YmYtNDY3Yi1iMWY2LTJkM2U4Y2MwMmVkMyIsImlzcyI6Imh0dHBzOlwvXC9zZXJ2aWNlcy5wb3ludC5uZXQiLCJwb3ludC5raWQiOjYxNTUyNDYxNTI4MjcxNDE3NzcsInBveW50LmF0eSI6IlMiLCJleHAiOjE1NTA4NDc3MDEsImlhdCI6MTU1MDc2MTMwMSwianRpIjoiNDkzMGFlMzYtMTk1NC00NDI5LWJlODgtNTZkZWY5ZmE4OGZkIn0.xU_XVl6GBdwt5MLQfRWhCXBEpk5ByIPm3k0QBW6UT4cZif5uJo0pFI0cGSOk7LUokNAZzJRppEe8LHIUv49YjnG2OIJD4CeoHy--iWnDpk73h_CZ_pwj000P1GRJ0OVOReFIzvYHlxR9n0fUOIEfRo4wdmiH646Gt5IOCscViuVJ0BrWtMsyxD8iyWkMOLkXXpNKTzB-W4ShOs1ePdXoKVFax3qpv73F3rEbr3Z6bjYLx0IQEYL3l7IxS1fl2EYscDd46WMoml8xZKUsse30rWFMn10M2s_VUeUno_RP4IsYRnIjMLEEj-IjHR0-qImvabLvTpqhqMLguNogcaAwyQ" ["refreshToken"]=> string(136) "1:2:1:2:MLLq0dM/1Tgl7DUyq0Y0pmQUMHu3ObOmGchEp5mvVtafvXmKOWN7SxJfNRfZvRxqMq0gxWMzehFdWv6cYMuJst9lxNuPOL0J31yDqqCmQEnXUBrhvGCE9kIECC56HpOB" ["scope"]=> string(3) "ALL" ["tokenType"]=> string(6) "BEARER" }
I extract the accessToken and use it in my header like this
// Second approach: the accessToken returned by the service is used as the
// bearer value. The response quoted after this line rejects it with
// "Issuer not application type cannot use authorization code grant".
$authorization = sprintf('Authorization: Bearer %s', $tokenJSON->accessToken);
but the response I am getting is
object(stdClass)#25 (5) { ["code"]=> string(17) "INVALID_PARAMETER" ["httpStatus"]=> int(400) ["message"]=> string(30) "Parameter provided is invalid." ["developerMessage"]=> string(102) "Issuer not application type cannot use authorization code grant. Issuer is: https://services.poynt.net" ["requestId"]=> string(36) "f2c4c479-f8cb-483b-8ec1-70fa74d1f448" }
What is going wrong here?