Comments (7)
Shaunakde
commented on April 28, 2024
Investigating further I see that the client_id is undefined in Oauth2.js line 28
This is where I log:
exports.step1 = function (provider) {
console.log(provider)
var url = provider.authorize_url
var params = {
client_id:provider.key,
response_type:'code',
redirect_uri:utils.redirect_uri(provider),
scope:provider.scope,
state:provider.state
}
if (provider.basecamp) {
params.type = 'web_server'
}
if (provider.custom_parameters) {
provider.custom_parameters.forEach(function (key) {
params[key] = provider[key]
})
}
if (provider.subdomain) {
url = url.replace('[subdomain]',provider.subdomain)
}
console.log(params)
return url + '?' + qs.stringify(params)
}
This is my output:
GET / 304 55.391 ms - -
{ authorize_url: 'https://accounts.google.com/o/oauth2/auth',
access_url: 'https://accounts.google.com/o/oauth2/token',
oauth: 2,
scope_delimiter: ' ',
custom_parameters: [ 'access_type' ],
google: true,
name: 'google',
request_url: undefined,
subdomain: undefined,
protocol: 'https',
host: 'thooslo-com-shaunakde.c9.io',
callback: '/users',
transport: undefined,
state: undefined,
key: undefined,
secret: undefined,
scope: 'https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/plus.me',
overrides: {},
access_type: 'offline' }
{ client_id: undefined,
response_type: 'code',
redirect_uri: 'https://thooslo-com-shaunakde.c9.io/connect/google/callback',
scope: 'https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/plus.me',
state: undefined,
access_type: 'offline' }
GET /connect/google 302 12.525 ms - 626
from grant.
Shaunakde
commented on April 28, 2024
#Update
I got it to start to work by doing the following:
"google": {
"authorize_url": "https://accounts.google.com/o/oauth2/auth",
"access_url": "https://accounts.google.com/o/oauth2/token",
"oauth": 2,
"response_type":"code",
"client_id":"39009029743-veaeooi4v9ooirabeseujn8u2ohjbqf7.apps.googleusercontent.com",
"redirect_uri":"https://thooslo-com-shaunakde.c9.io/connect/google/callback",
"state":"xxs",
"access_type":"offline",
"scope_delimiter":" ",
"custom_parameters": ["access_type","state","client_id","redirect_uri"],
"scope":["profile","email"],
"callback": "/users"
}
But now I face this error:
{
"error": {
"error": "invalid_request",
"error_description": "Client must specify either client_id or client_assertion, not both"
}
}
from grant.
simov
commented on April 28, 2024
Grant doesn't use client_id nor client_secret you should set them as just key and secret
from grant.
Shaunakde
commented on April 28, 2024
@simov - thanks for the update. Just out of curiosity, does grant work by reading generic keys like "secret" and formatting to the correct URL according to the provider? I am going through the source and am very keen to understand.
Thank you so much.
from grant.
simov
commented on April 28, 2024
Yes. Now that I'm seeing how you configure it, I should enable the client_id and client_secret keys as well.
Btw you need just this configuration, you don't have to specify all of the parameters by yourself.
"google": {
"key":"39009029743-veaeooi4v9ooirabeseujn8u2ohjbqf7.apps.googleusercontent.com",
"secret": "...",
"state":"xxs",
"access_type":"offline",
"scope":["profile","email"],
"callback": "/users"
}from grant.
Shaunakde
commented on April 28, 2024
@simov Thanks for the update. I have got it to work at my end as well. Here is my configuration (probably full of redundancies):
"google": {
"authorize_url": "https://accounts.google.com/o/oauth2/auth",
"access_url": "https://accounts.google.com/o/oauth2/token",
"oauth": 2,
"response_type":"code",
"key":"39009029743-veaeooi4v9ooirabeseujn8u2ohjbqf7.apps.googleusercontent.com",
"secret":"kim7JzoD3zhuu58x5MnxDTU6",
"redirect_uri":"https://thooslo-com-shaunakde.c9.io/connect/google/callback",
"state":"xxs",
"access_type":"offline",
"scope_delimiter":" ",
"custom_parameters": ["access_type","state"],
"scope":["profile","email"],
"callback": "/users"
}
and this is the response:
{
"access_token": "ya29.agErFQ09LLOr1SDz8tDx6b71UwOzIwLTYEwmIcTejlqV4YOS_2pJcsd7eaYpvM3GYVSGzD7g5VQOrw",
"refresh_token": "1/DWzLnMXhNPw4TFFHERaKoVWkPzF9V9x5hq2nJwX7v6cMEudVrK5jSpoR30zcRFq6",
"raw": {
"access_token": "ya29.agErFQ09LLOr1SDz8tDx6b71UwOzIwLTYEwmIcTejlqV4YOS_2pJcsd7eaYpvM3GYVSGzD7g5VQOrw",
"token_type": "Bearer",
"expires_in": "3600",
"id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6ImNiZGZhM2RlZGM2MTRlNmUzZTU4OTQxNGU4ZmEzMGFjNzcwMWY0ZWQifQ.eyJpc3MiOiJhY2NvdW50cy5nb29nbGUuY29tIiwic3ViIjoiMTAwNzAyNTQ3NDM0Nzc1ODI1MTYwIiwiYXpwIjoiMzkwMDkwMjk3NDMtdmVhZW9vaTR2OW9vaXJhYmVzZXVqbjh1Mm9oamJxZjcuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJlbWFpbCI6InNoYXVuYWtkZUBnbWFpbC5jb20iLCJhdF9oYXNoIjoiZndCenQ5cFlKTmZxOTdqUGhmTU91QSIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJhdWQiOiIzOTAwOTAyOTc0My12ZWFlb29pNHY5b29pcmFiZXNldWpuOHUyb2hqYnFmNy5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbSIsImlhdCI6MTQzMDg1NDgzNCwiZXhwIjoxNDMwODU4NDM0fQ.aZO4Y8tcAOzkInJBBYRNo8TZafcXRJeC-8jOaepqDRuxoZTMmS-arzPQOz4BFxemAuZvI6JfPl78lqxMh8gaEmc8IL9Gp8x0ajpKjjw_ieovmT6G6ohKKKXIHDDgK0HgQeIW_4DGmruuHoTa16j0VkqW-fSXJfLth4t7_26aJrs",
"refresh_token": "1/DWzLnMXhNPw4TFFHERaKoVWkPzF9V9x5hq2nJwX7v6cMEudVrK5jSpoR30zcRFq6"
}
}
Curiously, I had to re-fresh the secret to get it to work.
Thanks for the help.
EDIT:
I see from your reply that the paramenters to be supplied are to be added to those present in oauth.json
from grant.
simov
commented on April 28, 2024
No problem. Thanks for the feedback on how you got it working. As I said, to prevent further annoyances, I'll add the original keys for key and secret in the next release. Closing 👍
from grant.
Related Issues (20)
- Intended method of accessing session.grant HOT 2
- Discord Profile route always 401 Unauthorized HOT 7
- Recommended approach for handling config without checking into git HOT 1
- Support Deno? HOT 3
- iFrame redirect issue with Shopify oAuth HOT 4
- OAuth 2 state - how can I associate a successful grant with a user id HOT 5
- Is there a framework-agnostic API? HOT 1
- Telegram Oauth HOT 2
- Export the grant config and Options HOT 4
- Not working with Next 13 App Router
- How to use dynamic params in custom_params of grant? HOT 1
- Autodesk deprecated v1 (lib's current) oauth endpoints HOT 4
- Incorrect inclusion of client_secret for authorization_code grant in OAuth2 implementation HOT 1
- Switch to OAuth 2 for OpenStreetMap provider HOT 1
- Itch.io authentication HOT 2
- Alternating Domains HOT 5
- Allow to customize "missing provider" error URL? HOT 3
- Any Help to Implement Grant in Next JS
- Is it possible to pass arbitrary data in? HOT 1
- Grant playground open-source? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from grant.