B4J Question [B4X] Invalid or expired OAuth authorization

[Alexander Stolte]

Hello, i get the following error message:

ResponseError. Reason: , Response: {"message":"Invalid or expired OAuth authorization"}

Private Sub GetTokenFromAuthorizationCode (Code As String)
    Log("Getting access token from authorization code...")
    Dim j As HttpJob
    j.Initialize("", Me)

    Dim postString As String = $"code=${Code}&client_id=${"xx"}&grant_type=authorization_code&redirect_uri=${GetRedirectUri}"$
    postString = postString & "&client_secret=" & "xx"

    j.PostString("https://api.supabase.com/v1/oauth/token", postString)
    j.GetRequest.SetHeader("Content-Type", "application/x-www-form-urlencoded")
    j.GetRequest.SetHeader("apikey","xxx")

    Wait For (j) JobDone(j As HttpJob)
    If j.Success Then
        TokenInformationFromResponse(j.GetString)
    Else
        ResetToken
        RaiseEvent(False)
    End If
    j.Release
End Sub

Gets the code:

Private Sub ParseBrowserUrl(Response As String)
    Log(Response)
    Dim m As Matcher = Regex.Matcher("code=([^&\s]+)", Response)
    If m.Find Then
        Dim code As String = m.Group(1)
        Log(code)
        GetTokenFromAuthorizationCode(code)
    Else
        Log("Error parsing server response: " & Response)
        ResetToken
        RaiseEvent(False)
    End If
End Sub

What could be the reason for this? Is the code incorrectly coded?
This is what i get from the server:

GET /?state=xxx&code=4%2F0Adeu5BXVu-MuYoH-8TupWpIo2ddii0CcIqPPbR7R9QPTvoY64bKIaP8vna7Lkq6YQ_SrOw&scope=email+profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+openid&authuser=0&prompt=consent HTTP/1.1

Thanks for any hint

 

[Erel]

The code in the oauth class should take care of checking whether the token expired: https://www.b4x.com/android/forum/threads/class-b4x-google-oauth2.79426/

 

[DonManfred]

step 1 is ok.
But in step2 you are using the same parameters. But the should be others. In GetTokenFromAuthorizationCode you need to use rersponse_type set to code. See OAuthflow-Documentation.

Build a Supabase Integration (Beta) | Supabase Docs

Build a Supabase Integration using OAuth2 and the Management API.

supabase.com

 

[Alexander Stolte]

But in step2 you are using the same parameters. But the should be others. In GetTokenFromAuthorizationCode you need to use rersponse_type set to code. See OAuthflow-Documentation.

In the step I already use the required parameters,

Private Sub Authenticate
#if B4J
    PrepareServer
#End If
    Dim link As String = BuildLink("https://xxx.supabase.co/auth/v1/authorize?provider=google", _
         CreateMap("client_id": mClientId, _
        "redirect_uri": GetRedirectUri, _
        "response_type": "code", "scope": mScope))
#if B4A
    Dim pi As PhoneIntents
    StartActivity(pi.OpenBrowser(link))
#else if B4i
    Main.App.OpenURL(link)
#else if B4J
    fx.ShowExternalDocument(link)
#end if
End Sub

The function "GetTokenFromAuthorizationCode" also has all the required parameters.

The code in the oauth class should take care of checking whether the token expired: https://www.b4x.com/android/forum/threads/class-b4x-google-oauth2.79426/

Exactly the class I already use, I have adjusted the URLs and the parameters, but still this error comes.

 

[Alexander Stolte]

Dim link As String = BuildLink("https://xxx.supabase.co/auth/v1/authorize?provider=google", _ CreateMap("client_id": mClientId, _ "redirect_uri": GetRedirectUri, _ "response_type": "code", "scope": mScope))

But I don't understand what I have to pass as value for the parameter "state

 

[Alexander Stolte]

But I don't understand what I have to pass as value for the parameter "state

The parameter has no effect on my oauth code. I don't know what else could be the problem...

 

[Alexander Stolte]

I was on the wrong documentation. The documentation is for the management api, but this is the wrong api.

I need a way to use the following 2 endpoints:

https://xxx.supabase.co/auth/v1/authorize?provider=google

https://xxx.supabase.co/auth/v1/token?grant_type=id_token

source:

GitHub - supabase/auth: A JWT based API for managing users and issuing JWT tokens

A JWT based API for managing users and issuing JWT tokens - supabase/auth

github.com

 

[Alexander Stolte]

Finally!!!

    Dim link As String = BuildLink("https://xxx.supabase.co/auth/v1/authorize?provider=google", _
         CreateMap("client_id": mClientId, _
        "redirect_uri": "https://xxx.supabase.co/auth/v1/callback","response_type":"code","scope":"openid profile email"))

-> Choose Google Account ->

    Dim j As HttpJob
    j.Initialize("", Me)
    j.Download2("https://xxx.supabase.co/auth/v1/token?grant_type=id_token",Array As String("code",Code))
    j.GetRequest.SetHeader("apikey","xxx")
    
    Wait For (j) JobDone(j As HttpJob)
    If j.Success Then
    log(j.GetString)
        'TokenInformationFromResponse(j.GetString)
    Else
        ResetToken
        RaiseEvent(False)
    End If
    j.Release

give me the following result:

http://localhost:3000/#access_token=eyJhbGciOiJIUzI1NiIsImtpZCI6ImN4L2tXZ1NBdlBxR2l2alEiLCJ0eXAiOiJKV1QifQ.eyJhdWQiOiJhdXRoZW50aWNhdGVkIiwiZXhwIjoxNjkzMzI5MzUxLCJpYXQiOjE2OTMzMjU3NTEsImlzcyI6Imh0dHBzOi8vaHp5eGNlcGtuaXR4emZoZ2hzbW4uc3VwYWJhc2UuY28vYXV0aC92MSIsInN1YiI6IjUwMzk0OTA4LWM5NzgtNDRkZi04MGFmLTY1M2U3ZDcyNTRhYyIsImVtYWlsIjoiYWxleHN0b2x0ZTdAZ21haWwuY29tIiwicGhvbmUiOiIiLCJhcHBfbWV0YWRhdGEiOnsicHJvdmlkZXIiOiJlbWFpbCIsInByb3ZpZGVycyI6WyJlbWFpbCIsImdvb2dsZSJdfSwidXNlcl9tZXRhZGF0YSI6e30sInJvbGUiOiJhdXRoZW50aWNhdGVkIiwiYWFsIjoiYWFsMSIsImFtciI6W3sibWV0aG9kIjoib2F1dGgiLCJ0aW1lc3RhbXAiOjE2OTMzMjU3NTF9XSwic2Vzc2lvbl9pZCI6IjdmYjU0NDc1LWQyOGUtNDIzZS1hOTRjLWQzYmQ2NmRhN2IwZiJ9.i2KNURMjdwQaX-E4YdyrD5MYAUyUbCKpzeuAO4Z1xFo&expires_at=1693329351&expires_in=3600&provider_token=ya29.a0AfB_byAaoFuKqLwW2L6pgUONaxHiOIh0g4dar_1xz6lSHpvt-5hF6QK4fJtuPQvoc6JQ2JEKcQh740gAuJwStZ6nS4V-WxoxlHNXphF_sVFbKBv8oCBT-szhXyQxb6hgoQQ6xtN04Bb3QnOHHWYtrt7YP9bK0OfIoV57jwaCgYKAUESARASFQHsvYlsjwo-Fq_A_qkxBXPhHbrRVQ0173&refresh_token=fzWdr9Cyzog-4SYaSlBwjg&token_type=bearer