How to access Authorization code flow, Implicit Flow and Hybrid flow in Django oauth toolkit

I want to implement OpenID connect in my project.

So I started using Django Oauth Toolkit.

I was able to make the changes in Dajango Rest framework menu and was able to test the Resource owner password-based flow using the curl command

curl -X POST -d "grant_type=password&username=<user_name>&password=<password>" -u"<client_id>:<client_secret>" http://localhost:8000/o/token/

After that I made all the changes as mentioned in the OpenId Connect menu.

I have

  1. Generated RSA private key
  2. Added the changes as mentioned in the documentation
  3. Then I registered applications for each flow as mentioned in the documentation.

Then the problem arise. I tried testing these flows the same way I tested Resource owner password-based flow eg:

  1. For Authorization code flow

curl -X POST -d "grant_type=password&username=user&password=aryan123&scope=openid" -u "rwOah6DU7PXPbpE7CWVokh16YeMIFsPCE4zv1ZUk:5p186YD3Wvf0nMz4bfXd9UJXbQnACMfpVzHwJ6AuneoPqnjJuoPUz4CiEM653gUIhCOMtV96Yymr1kLnAimdyfxWZMP2hOzslEH9kMpfoqyOorwviY8f1rs1BqcTSUtn" http://localhost:8000/o/token/

I'm getting the error:

{
    "error": "invalid_grant",
    "error_description": "Invalid credentials given."
}
  1. For Implicit Flow

curl -X POST -d "grant_type=password&username=user&password=aryan123&scope=openid&response_type=id_token" -u "qKgH4Bx5QzOdSdRo5h7vUSpSaivHk0SaccMa0coH:DyNdcoS52JuanNhjjqqbRnemGaq27sQrwa43C6ieYahxCdHYXXJt4Y5ZdwXVbNZdZmt89XoAJ7kBuFoDZanZvhCCza3WMLWlCwSy5qv09W1QyJsLmTEGUzRHkytU21s1" http://localhost:8000/o/token/

I'm getting the error:
{
    "error": "invalid_grant",
    "error_description": "Invalid credentials given."
}
  1. For Hybrid flow

curl -X POST -d "grant_type=password&username=user&password=aryan123" -u "YpKesUZnxyvOysKje4H2NNFhs45roO8z0SBu58Y5:Yf2IAsMRoLCbLrEUHsgPByLLnmFrNYPvqtYXuaZAJV5HbHioFZtbsTzh6Oj1W7jgWOKVU0PLsUwBPO0j5y7fhOLbUFiH2X9ZhdnQ3wJ7KxFOjTHYu2Cd52IxGO7U3iF3" http://localhost:8000/o/token/

I'm getting the error:
{
    "error": "invalid_grant",
    "error_description": "Invalid credentials given."
}

For the development purpose I have generated the private key and stored it in a python file itself like this enter image description here Note: The private key had some spaces and i removed it due to error enter image description here

I'm confused about the parameters that needs to be passed in the curl. Maybe that's the problem or something else, which I'm not able to identify

Need your insight on this one. Thanks...

Back to Top