Invalid_scope when trying to login to Field Kit

ppetru · November 30, 2023, 7:06am

I’m trying to use Field Kit (via https://farmos.app) to log in to my farmOS 3.0.0-beta3 instance. After clicking “Submit credentials”, I get a “Request failed with status code 400” error.

Using the Chrome devconsole, I can see that it’s doing a POST to https://my.farmos.instance/oauth/token and getting this as a response:

{
    "error": "invalid_scope",
    "error_description": "The requested scope is invalid, unknown, or malformed",
    "hint": "Check the `farm_manager` scope",
    "message": "The requested scope is invalid, unknown, or malformed"
}

I know that the credentials are correct because when I intentionally enter them wrong, the response is this instead:

{
    "error": "invalid_grant",
    "error_description": "The user credentials were incorrect.",
    "message": "The user credentials were incorrect."
}

Looking at the farmOS recent log messages report, the error is:

League\OAuth2\Server\Exception\OAuthServerException: The requested scope is invalid, unknown, or malformed in League\OAuth2\Server\Exception\OAuthServerException::invalidScope() (line 182 of /opt/drupal/vendor/league/oauth2-server/src/Exception/OAuthServerException.php).

I can see that there is a farm_manager scope defined at Administration/Configuration/People/Simple OAuth Settings/Scopes, so I’m not sure what to do now.

What am I missing?

paul121 · November 30, 2023, 5:58pm

Thanks for testing this and sharing the detailed errors @ppetru !

I’ve found the bug and opened a fix here: Correct alter hook to add password grant to static scopes by paul121 · Pull Request #755 · farmOS/farmOS · GitHub

The issue is that the password grant is not being added to the farm_manager scope. This is something you should not have to configure in farmOS. But in the meantime, you could create a “dyanmic” OAuth scope for farm_manager and configure it to use the password grant. Then Fieldkit should start working for you.

mstenta · November 30, 2023, 6:57pm

Thanks for identifying this @ppetru, and for the quick fix @paul121! I’ve merged the PR.

jgaehring · January 25, 2024, 5:47pm

Sorry I’m so late to the party, but glad it seems like it was resolved! Echoing the thanks for reporting, @ppetru, and for fixing, @paul121!

If there’s anything else I can help w/ on the Field Kit side, though, let me know!

Topic		Replies	Views
Field Kit Login Issue Field Kit	3	42	September 11, 2024
Client authentication failed Development support-request	8	441	April 4, 2023
Issue looging onto farmOS Field Kit (v1.farmos.app) Field Kit	4	375	April 11, 2024
OAuth Connection issue (with WFS Module and QGIS) Hosting farmOS support-request	21	440	March 8, 2022
Simple_oauth typed property errors after authentication with farmOS.py Development	11	105	January 29, 2024

Invalid_scope when trying to login to Field Kit

Related topics