Forum Discussion

vishwajeet_hol's avatar
10 years ago

Oauth 2.0 : facing issue to get authorization code

Hi,

 

I am trying to implement Oauth 2.0 authorization. I am not familier with it.

I have referred below link on lithosphere :

http://community.lithium.com/t5/Community-API-v2/OAuth-2-0-authorization-grant-flow/ta-p/138402

 

Done POST call through 'poster'(add on) on Firefox using following details :

URL : https://<community_url>/auth/oauth2/authorize

client_id=<client_ID_of_community>
response_type=code
redirect_uri=https://<community_url>/getaccesstoken

 

But facing issue to get authorization code, which is very first step of OAuth 2.0 authorization grant flow.

Am I going in right way ?

I have confusion about 'redirect_uri' parameter. What it should be ? 

 

 

Let me know if you have any suggetion for the same.

Thank you in advance.

 

Regards,

Vishwajeet.

  • NoamanA's avatar
    NoamanA
    Lithium Alumni (Retired)

    Hey Vishwajeet

     

    What community are you trying this for?  The redirect_url would have been defined for your community when the client id was set up.  If you didn't provide us with one when requesting your client id and secret, normally we would have just used your base community url, but I can check this for you.

     

    Thanks

    Noaman

    • Hi NoamanA,

       

      Can you please check the redirect_uri of our community. 

      Here, we tried with base_url of community. 

      URL used :

      https://<community_base_url>/auth/oauth2/authorize?client_id=<client_ID>&response_type=code&redirect_uri=<community_base_url>

       

      And Got this error.Oauth_error.PNG

      Could you please provide us the sample URL for this call.

      Also is there any particular configuration for this in Admin console, where we can get the values of client_ID, redirect_uri, etc.

       

      Thank you.

       

      Regards,

      Vishwajeet.

      • NoamanA's avatar
        NoamanA
        Lithium Alumni (Retired)

        Hey Vishwajeet

         

        Unfortunately, there isn't a customer facing portal for you to retrieve your client id and url.  You didn't specify which community you are talking about but I think it's Comity?

         

        The redirect url should be entered as comity.stage.lithium.com (I assume you are working on stage?).

         

        If you still encounter issues, please respond back to the Support ticket where we first provided you the client id details.  We might need to share confidential details like your client id for example, which we cannot do over a public forum like this.

         

        Regards

        Noaman

    • vaishnavi's avatar
      vaishnavi
      Expert

       

      Hi,

      I am able to get the authentication code now.

       

      URL I hit from browser (GET call) :-

      http://comity.stage.lithium.com/auth/oauth2/authorize?client_id=[url encoded client id]&response_type=code&redirect_uri=comity.stage.lithium.com

       

      I got redirected to another URL, which contains the authentication code :-

      http://comity.stage.lithium.com/t5/oauth/comity.stage.lithium.com?code=[url encoded authentication code]&user-id=15&tenant-id=comity

       

      I am not getting expected response for next step.

      Step 2 POST /accessToken

      poster call :

      URL : http://comity.stage.lithium.com/auth/v1/accessToken

      example request -

      LJdishd:~ joan.doe$ curl -X POST -H "Content-Type: application/json" -H 
      "client-id: Fblkh30GinF48502kEsk4FmGslkjdfjasdj=" -d '{"client_id" :"Fblkh30GinF48502kEsk4FmGslkjdfjasdj=",
      "client_secret" :"FKDDASDK309slkdfaDkdlkjie92=","grant_type" : "authorization_code",
      "redirect_uri" :"http://redirect.example_community.com/getaccessToken",
      "code":"i7liaoFaOjG6yDKN4tQYXrhewKog3k4ryYGWLS6hbrI="}' "http://comity.stage.lithium.com/auth/v1/accessToken"

      expected response

       { 
      "response": {
      "status": "success",
      "message": "OK",
      "http_code": 200,
      "data": {
      "access_token": "o5IV0yIiNDj/5lNJ6doJh08LX6SsDwtkDXDVmhGvRtI=",
      "expires_in": 86400,
      "lithium_user_id": "2d8c95ed-21dc-4ba6-ab9f-d3eff9c928ce",
      "refresh_token": "XAAWIWKr38W33SlqYooR9OEJW0um9DoyB/o843rdIxk=",
      "token_type": "bearer"
      }
      }
      }

       actual response I am getting is HTML of my  community home page.

       

      Am I missing anything? Has anyone faced the same issue?

      Any pointer are welcome.

       

      Thanks,

      Vaishnavi

  • I've been struggling with this error for a couple of weeks. I was finally able to get a code. The trick was making sure that the Client ID was URL encoded. The redirect_uri must NOT be encoded. Once I did that, the response has the code I was looking for in the URL. This conflicts with the developer documentation which shows an un-encoded client ID and an encoded return_uri.

     

    https://community.lithium.com/t5/Developer-Documentation/bd-p/dev-doc-portal?section=oauth2