Just a 400 Bad Request Error but no extra info about what went wrong

  • Updated 4 months ago
POST https://<mysite>.sharefile.com/oauth/token 400

Is all that's coming back from the following call.

function authenticate($hostname, $client_id, $client_secret, $username, $password) {
    $uri = "https://".$hostname."/oauth/token";
    echo "POST ".$uri."\n";
 
    $body_data = array("grant_type"=>"password", "client_id"=>$client_id, "client_secret"=>$client_secret,
                  "username"=>$username, "password"=>$password);
    $data = http_build_query($body_data);
     
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $uri);
    curl_setopt($ch, CURLOPT_TIMEOUT, 30);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE); // verify the server certificate: the password and client secret travel over this connection
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
    curl_setopt($ch, CURLOPT_VERBOSE, FALSE);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
    curl_setopt($ch, CURLOPT_POST, TRUE);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type:application/x-www-form-urlencoded'));
 
    $curl_response = curl_exec ($ch);
 
    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    $curl_error_number = curl_errno($ch);
    $curl_error = curl_error($ch);
 
    //echo $curl_response."\n"; // output entire response
    echo $http_code."\n"; // output http status code
     
    curl_close ($ch);
    $token = NULL;
    if ($http_code == 200) {
        $token = json_decode($curl_response);
        //print_r($token); // print entire token object
    }
    return $token;
}

$hostname = "<mysite>.sharefile.com";
$username = "<me>@<mycompany>";
$password = "<my password>";
$client_id = "<my id>";
$client_secret = "<my secret>";
try{
        $token = authenticate($hostname, $client_id, $client_secret, $username, $password);
}catch(PDOException $ex){
        print_r($ex);
}

This is an internal machine with full access to Sharefile.

Wes Wakeman

Posted 11 months ago

Dale Smith, Software Engineer

Hi Wes,

That endpoint should always return some sort of body content, even in a 400 scenario. Generally it would look like:

{
    "error": "invalid_grant",
    "error_description": "invalid username or password"
}

Have you tried making the same call through Postman? You can also validate the username and password via the ShareFile web app just to make sure they are correct. Failing those two things, if you could upload a text file to:

https://citrix.sharefile.com/r-r17d3dba1c0243f29

with your site name, client id, and the user name you are using, I can dig further in our database and logs.

Thanks,
Dale

Wes Wakeman

Yep, nothing at all, which makes very little sense to me. I've uploaded the file.

Wes Wakeman

Could this problem have anything to do with the fact that the account I'm using is set up for 2FA/MFA?

Wes

Dale Smith, Software Engineer

Ah, yes, it does make a difference. The password grant type does not support 2FA directly. In order to use the password grant with a 2FA-enabled account, you would need to generate application-specific codes (this can be done in the 2FA settings in the web app) and send one of the codes in as the password, rather than the password of the user itself.

I'll comb through the database and logs just to make sure that's your only issue, but if you want to, give that a try and see if it solves your issue.
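
The two answers above, as an added example that is not part of the thread or ShareFile's sample code: it reads the `error` / `error_description` body the token endpoint returns on a 400 instead of discarding it, and leaves certificate verification on. The function names are hypothetical, `access_token` is the standard OAuth 2.0 success field assumed here, and the sample body is constructed from the one quoted above.

```php
<?php
// Added example; interpret_token_response() and request_token() are hypothetical names.

// Turn a token-endpoint reply into a token or a readable OAuth error.
function interpret_token_response(int $http_code, string $body): array {
    $json = json_decode($body, true);
    if ($http_code === 200 && is_array($json) && isset($json['access_token'])) {
        return ['ok' => true, 'http_code' => 200, 'token' => $json];
    }
    if (is_array($json) && isset($json['error'])) {
        // OAuth error body: safe to log, it carries no credentials.
        return ['ok' => false, 'http_code' => $http_code, 'error' => $json['error'],
                'description' => $json['error_description'] ?? ''];
    }
    // Empty or non-JSON body: report its size only, never echo an unknown body.
    return ['ok' => false, 'http_code' => $http_code, 'error' => 'unparseable_response',
            'description' => 'body length ' . strlen($body)];
}

// POST the grant to https://<hostname>/oauth/token with TLS verification enabled.
function request_token(string $hostname, array $fields): array {
    $ch = curl_init("https://" . $hostname . "/oauth/token");
    curl_setopt_array($ch, [
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => http_build_query($fields),
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_TIMEOUT        => 30,
        CURLOPT_SSL_VERIFYPEER => true, // check the certificate chain
        CURLOPT_SSL_VERIFYHOST => 2,    // check the certificate matches the host
    ]);
    $body = curl_exec($ch);
    $result = ($body === false)
        ? ['ok' => false, 'http_code' => 0, 'error' => 'transport_error',
           'description' => curl_error($ch)]
        : interpret_token_response(curl_getinfo($ch, CURLINFO_HTTP_CODE), $body);
    curl_close($ch);
    return $result;
}

// Constructed sample: the 400 body shape quoted in the answer above.
$sample = '{"error":"invalid_grant","error_description":"invalid username or password"}';
$r = interpret_token_response(400, $sample);
printf("%d %s: %s\n", $r['http_code'], $r['error'], $r['description']);

// Live call (placeholders). For a 2FA-enabled account, "password" carries an
// application-specific code from the 2FA settings, not the user's password:
// $r = request_token("<mysite>.sharefile.com", ["grant_type" => "password",
//     "client_id" => "<my id>", "client_secret" => "<my secret>",
//     "username" => "<me>@<mycompany>", "password" => "<application-specific code>"]);
```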

Jason Mah

Hi, my company is using 2FA authentication. I am getting the 400 bad request error when I try the authenticate sample code. May I know how to generate the application-specific codes?
Thank you.