Alexa app with Laravel/Passport Invalid Client_id

[Lordkirin]

Please let me know if I have set this up correctly

Current I have the latest laravel 5.5 and passport 4.0.
I am trying to create a skill with Alexa that uses Authorization Code Grant.
To test the passport I setup two site. My main site and a client site.
The Alexa skill need to have multiple users assigned to it so I created a new client and change the user_id to NULL. The personal_access_client and password_client both set to 0.
Made sure my redirect matched what sent from the client and the redirect from the oauth_clients.
On my client I added the client_secret to the redirect.

Route::get('/redirect', function () {
$query = http_build_query([
'client_id' => 'client-id',
'client_secret' => 'client',
'redirect_uri' => 'http://example.com/callback',
'response_type' => 'code',
'scope' => '',
]);

return redirect('http://your-app.com/oauth/authorize?'.$query);

});
This worked great I could login with different users and passport would create a access_token.
First question is this the correct way to use a single client with multiple users? If not how do I get it to work?

I took my same information and put in the Alexa Skill. In the Alexa skill they don't define the redirect. They say It can be three different redirects. I tried all three, tried putting all three in the redirect with a comma (no spaces) and tried setting the redirect to NULL. Which it just set it to a empty field.

So my only guess is that either when the skill tries to Authorize it doesn't send the client_secret or the redirect from Alexa app is not matching my redirect in the database.

Any Help would be great I have been trying to figure this out for a couple of weeks now.

Here is the stack Trace:
[2018-01-22 15:31:24] production.ERROR: Client authentication failed {"userId":8,"email":"[email protected]","exception":"[object] (League\OAuth2\Server\Exception\OAuthServerException(code: 4): Client authentication failed at /var/app/current/vendor/league/oauth2-server/src/Exception/OAuthServerException.php:94)
[stacktrace]
#0 /var/app/current/vendor/league/oauth2-server/src/Grant/AuthCodeGrant.php(241): League\OAuth2\Server\Exception\OAuthServerException::invalidClient()
#1 /var/app/current/vendor/league/oauth2-server/src/AuthorizationServer.php(146): League\OAuth2\Server\Grant\AuthCodeGrant->validateAuthorizationRequest(Object(Zend\Diactoros\ServerRequest))
#2 /var/app/current/vendor/laravel/passport/src/Http/Controllers/AuthorizationController.php(63): League\OAuth2\Server\AuthorizationServer->validateAuthorizationRequest(Object(Zend\Diactoros\ServerRequest))
#3 /var/app/current/vendor/laravel/passport/src/Http/Controllers/HandlesOAuthErrors.php(27): Laravel\Passport\Http\Controllers\AuthorizationController->Laravel\Passport\Http\Controllers\{closure}()
#4 /var/app/current/vendor/laravel/passport/src/Http/Controllers/AuthorizationController.php(84): Laravel\Passport\Http\Controllers\AuthorizationController->withErrorHandling(Object(Closure))
#5 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(48): Laravel\Passport\Http\Controllers\AuthorizationController->authorize(Object(Zend\Diactoros\ServerRequest), Object(Illuminate\Http\Request), Object(Laravel\Passport\ClientRepository), Object(Laravel\Passport\TokenRepository))
#6 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Route.php(212): Illuminate\Routing\ControllerDispatcher->dispatch(Object(Illuminate\Routing\Route), Object(Laravel\Passport\Http\Controllers\AuthorizationController), 'authorize')
#7 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Route.php(169): Illuminate\Routing\Route->runController()
#8 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Router.php(658): Illuminate\Routing\Route->run()
#9 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(30): Illuminate\Routing\Router->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#10 /var/app/current/app/Http/Middleware/Authenticate.php(27): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#11 /var/app/current/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): App\Http\Middleware\Authenticate->handle(Object(Illuminate\Http\Request), Object(Closure))
#12 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#13 /var/app/current/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php(67): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#14 /var/app/current/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Foundation\Http\Middleware\VerifyCsrfToken->handle(Object(Illuminate\Http\Request), Object(Closure))
#15 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#16 /var/app/current/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#17 /var/app/current/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\View\Middleware\ShareErrorsFromSession->handle(Object(Illuminate\Http\Request), Object(Closure))
#18 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#19 /var/app/current/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(63): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#20 /var/app/current/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Session\Middleware\StartSession->handle(Object(Illuminate\Http\Request), Object(Closure))
#21 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#22 /var/app/current/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#23 /var/app/current/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle(Object(Illuminate\Http\Request), Object(Closure))
#24 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#25 /var/app/current/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(59): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#26 /var/app/current/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Cookie\Middleware\EncryptCookies->handle(Object(Illuminate\Http\Request), Object(Closure))
#27 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#28 /var/app/current/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(102): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#29 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Router.php(660): Illuminate\Pipeline\Pipeline->then(Object(Closure))
#30 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Router.php(635): Illuminate\Routing\Router->runRouteWithinStack(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))
#31 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Router.php(601): Illuminate\Routing\Router->runRoute(Object(Illuminate\Http\Request), Object(Illuminate\Routing\Route))
#32 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Router.php(590): Illuminate\Routing\Router->dispatchToRoute(Object(Illuminate\Http\Request))
#33 /var/app/current/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(176): Illuminate\Routing\Router->dispatch(Object(Illuminate\Http\Request))
#34 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(30): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}(Object(Illuminate\Http\Request))
#35 /var/app/current/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(46): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#36 /var/app/current/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode->handle(Object(Illuminate\Http\Request), Object(Closure))
#37 /var/app/current/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#38 /var/app/current/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(102): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))
#39 /var/app/current/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(151): Illuminate\Pipeline\Pipeline->then(Object(Closure))
#40 /var/app/current/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(116): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter(Object(Illuminate\Http\Request))
#41 /var/app/current/public/index.php(53): Illuminate\Foundation\Http\Kernel->handle(Object(Illuminate\Http\Request))
#42 {main}
"}

[bkrajendra]

@Lordkirin
As far as I know what ever you have done is needed on oAuth consumer or client app.
You need this if you are running this from oAuth client app.

Route::get('/redirect', function () {
$query = http_build_query([
'client_id' => 'client-id',
'client_secret' => 'client',
'redirect_uri' => 'http://example.com/callback',
'response_type' => 'code',
'scope' => '',
]);
...

In this case client_id, client_secret, redirect_url are sent by client app.(e.g. another laravel or php app)
I tried above thing on my Octobercms server and it worked without any change.

In case of Alexa Authorization Code grant, all above parameters are sent by alexa developer portal.
In this case developer portal or alexa companion app is oAuth client making request for Authorisation.

So just installing clean passport and adding few scope will do the work.
You just need to pass generated client_id, secret and passport's internal authorize and token urls in developer portal

I just figured this out. I tested it and its working fine.
I mean I was struggling from last 4 months to make it work and finally understood it and got it working.
this video cleared my most of the concept of passport working, I watched it 2, 3 times to properly get all the confusing oAuth. 🥇
https://www.youtube.com/watch?v=LElAbzmZJU4

[driesvints]

Closing this issue because it's already solved, old or not relevant anymore. Feel free to reply if you're still experiencing this issue.

[cheran2017]

if you tried everything and still it's not working means try this solution!!
just give scope *.

$query = http_build_query([
    'client_id' => 1,
    'redirect_uri' => 'http://localhost:3000/callback',
    'response_type' => 'code',
    'scope' => '*'
]);

in my case this is the solution. I have checked