Comments (7)
Investigating further I see that the client_id is undefined in Oauth2.js line 28
This is where I log:
exports.step1 = function (provider) {
console.log(provider)
var url = provider.authorize_url
var params = {
client_id:provider.key,
response_type:'code',
redirect_uri:utils.redirect_uri(provider),
scope:provider.scope,
state:provider.state
}
if (provider.basecamp) {
params.type = 'web_server'
}
if (provider.custom_parameters) {
provider.custom_parameters.forEach(function (key) {
params[key] = provider[key]
})
}
if (provider.subdomain) {
url = url.replace('[subdomain]',provider.subdomain)
}
console.log(params)
return url + '?' + qs.stringify(params)
}
This is my output:
GET / 304 55.391 ms - -
{ authorize_url: 'https://accounts.google.com/o/oauth2/auth',
access_url: 'https://accounts.google.com/o/oauth2/token',
oauth: 2,
scope_delimiter: ' ',
custom_parameters: [ 'access_type' ],
google: true,
name: 'google',
request_url: undefined,
subdomain: undefined,
protocol: 'https',
host: 'thooslo-com-shaunakde.c9.io',
callback: '/users',
transport: undefined,
state: undefined,
key: undefined,
secret: undefined,
scope: 'https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/plus.me',
overrides: {},
access_type: 'offline' }
{ client_id: undefined,
response_type: 'code',
redirect_uri: 'https://thooslo-com-shaunakde.c9.io/connect/google/callback',
scope: 'https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/plus.me',
state: undefined,
access_type: 'offline' }
GET /connect/google 302 12.525 ms - 626
from grant.
#Update
I got it to start to work by doing the following:
"google": {
"authorize_url": "https://accounts.google.com/o/oauth2/auth",
"access_url": "https://accounts.google.com/o/oauth2/token",
"oauth": 2,
"response_type":"code",
"client_id":"39009029743-veaeooi4v9ooirabeseujn8u2ohjbqf7.apps.googleusercontent.com",
"redirect_uri":"https://thooslo-com-shaunakde.c9.io/connect/google/callback",
"state":"xxs",
"access_type":"offline",
"scope_delimiter":" ",
"custom_parameters": ["access_type","state","client_id","redirect_uri"],
"scope":["profile","email"],
"callback": "/users"
}
But now I face this error:
{
"error": {
"error": "invalid_request",
"error_description": "Client must specify either client_id or client_assertion, not both"
}
}
from grant.
Grant doesn't use client_id
nor client_secret
you should set them as just key
and secret
from grant.
@simov - thanks for the update. Just out of curiosity, does grant work by reading generic keys like "secret" and formatting to the correct URL according to the provider? I am going through the source and am very keen to understand.
Thank you so much.
from grant.
Yes. Now that I'm seeing how you configure it, I should enable the client_id
and client_secret
keys as well.
Btw you need just this configuration, you don't have to specify all of the parameters by yourself.
"google": {
"key":"39009029743-veaeooi4v9ooirabeseujn8u2ohjbqf7.apps.googleusercontent.com",
"secret": "...",
"state":"xxs",
"access_type":"offline",
"scope":["profile","email"],
"callback": "/users"
}
from grant.
@simov Thanks for the update. I have got it to work at my end as well. Here is my configuration (probably full of redundancies):
"google": {
"authorize_url": "https://accounts.google.com/o/oauth2/auth",
"access_url": "https://accounts.google.com/o/oauth2/token",
"oauth": 2,
"response_type":"code",
"key":"39009029743-veaeooi4v9ooirabeseujn8u2ohjbqf7.apps.googleusercontent.com",
"secret":"kim7JzoD3zhuu58x5MnxDTU6",
"redirect_uri":"https://thooslo-com-shaunakde.c9.io/connect/google/callback",
"state":"xxs",
"access_type":"offline",
"scope_delimiter":" ",
"custom_parameters": ["access_type","state"],
"scope":["profile","email"],
"callback": "/users"
}
and this is the response:
{
"access_token": "ya29.agErFQ09LLOr1SDz8tDx6b71UwOzIwLTYEwmIcTejlqV4YOS_2pJcsd7eaYpvM3GYVSGzD7g5VQOrw",
"refresh_token": "1/DWzLnMXhNPw4TFFHERaKoVWkPzF9V9x5hq2nJwX7v6cMEudVrK5jSpoR30zcRFq6",
"raw": {
"access_token": "ya29.agErFQ09LLOr1SDz8tDx6b71UwOzIwLTYEwmIcTejlqV4YOS_2pJcsd7eaYpvM3GYVSGzD7g5VQOrw",
"token_type": "Bearer",
"expires_in": "3600",
"id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6ImNiZGZhM2RlZGM2MTRlNmUzZTU4OTQxNGU4ZmEzMGFjNzcwMWY0ZWQifQ.eyJpc3MiOiJhY2NvdW50cy5nb29nbGUuY29tIiwic3ViIjoiMTAwNzAyNTQ3NDM0Nzc1ODI1MTYwIiwiYXpwIjoiMzkwMDkwMjk3NDMtdmVhZW9vaTR2OW9vaXJhYmVzZXVqbjh1Mm9oamJxZjcuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJlbWFpbCI6InNoYXVuYWtkZUBnbWFpbC5jb20iLCJhdF9oYXNoIjoiZndCenQ5cFlKTmZxOTdqUGhmTU91QSIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJhdWQiOiIzOTAwOTAyOTc0My12ZWFlb29pNHY5b29pcmFiZXNldWpuOHUyb2hqYnFmNy5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbSIsImlhdCI6MTQzMDg1NDgzNCwiZXhwIjoxNDMwODU4NDM0fQ.aZO4Y8tcAOzkInJBBYRNo8TZafcXRJeC-8jOaepqDRuxoZTMmS-arzPQOz4BFxemAuZvI6JfPl78lqxMh8gaEmc8IL9Gp8x0ajpKjjw_ieovmT6G6ohKKKXIHDDgK0HgQeIW_4DGmruuHoTa16j0VkqW-fSXJfLth4t7_26aJrs",
"refresh_token": "1/DWzLnMXhNPw4TFFHERaKoVWkPzF9V9x5hq2nJwX7v6cMEudVrK5jSpoR30zcRFq6"
}
}
Curiously, I had to re-fresh the secret to get it to work.
Thanks for the help.
EDIT:
I see from your reply that the paramenters to be supplied are to be added to those present in oauth.json
from grant.
No problem. Thanks for the feedback on how you got it working. As I said, to prevent further annoyances, I'll add the original keys for key and secret in the next release. Closing 👍
from grant.
Related Issues (20)
- Discord Profile route always 401 Unauthorized HOT 7
- Recommended approach for handling config without checking into git HOT 1
- Support Deno? HOT 3
- iFrame redirect issue with Shopify oAuth HOT 4
- OAuth 2 state - how can I associate a successful grant with a user id HOT 5
- Is there a framework-agnostic API? HOT 1
- Telegram Oauth HOT 2
- Export the grant config and Options HOT 4
- Not working with Next 13 App Router
- How to use dynamic params in custom_params of grant? HOT 1
- Autodesk deprecated v1 (lib's current) oauth endpoints HOT 4
- Incorrect inclusion of client_secret for authorization_code grant in OAuth2 implementation HOT 1
- Switch to OAuth 2 for OpenStreetMap provider HOT 1
- Itch.io authentication HOT 2
- Alternating Domains HOT 5
- Allow to customize "missing provider" error URL? HOT 3
- Any Help to Implement Grant in Next JS
- Is it possible to pass arbitrary data in? HOT 1
- Grant playground open-source? HOT 1
- Is it possible to use grant without session? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from grant.