search

FormidableLabs / react-native-app-auth

React native bridge for AppAuth - an SDK for communicating with OAuth2 providers
https://commerce.nearform.com/open-source/react-native-app-auth
MIT License
2.04k stars 441 forks source link

Refesh token is empty with bungie OAuth #1030

Closed alphaorderly closed 3 weeks ago

alphaorderly commented 1 month ago

Issue

Currently i'm logging into bungie with this config

{
    clientId: API_CLIENT_ID,
    redirectUrl: 'marathoner://redirect/',
    serviceConfiguration: {
        authorizationEndpoint: 'https://www.bungie.net/en/oauth/authorize',
        tokenEndpoint: 'https://www.bungie.net/platform/app/oauth/token/',
    },
    issuer: 'https://www.bungie.net',
};

If i get a response from this

const response: AuthorizeResult = await authorize(authConfig);

Refreshtoken is empty string, not even a null

Here is official document for bungie oAuth

https://github.com/Bungie-net/api/wiki/OAuth-Documentation

and it says it response with this format

{
    "access_token":"2YotnFZFEjr1zCsicMWpAA",
    "token_type":"Bearer",
    "expires_in":3600,
    "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",
    "refresh_expires_in": 7776000
    "membership_id":"4352344"
}

I can actually currently get access token, membership id, expire date but not refresh token

How can i fix it?

스크린샷 2024-10-21 오후 3 32 01

Environment

carbonrobot commented 4 weeks ago

According to their documentation this is not possible for public OAuth on their platform.

Note: A public client differs from a confidential client in that it is not issued a client_secret (or password) and it will not receive a refresh token in response to a token request.

alphaorderly commented 4 weeks ago
image

API Website

They actully provide public oAuth in their platform and i set it to public That's on this website

I think their response format is not like normal one Can i assert/declare types for custom response?

{
    "access_token":"2YotnFZFEjr1zCsicMWpAA",
    "token_type":"Bearer",
    "expires_in":3600,
    "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",
    "refresh_expires_in": 7776000
    "membership_id":"4352344"
}
alphaorderly commented 3 weeks ago

Additionaly, skipcodeexchange does not work at all

carbonrobot commented 3 weeks ago

To clarify, the documentation states that if you use a public OAuth, like you have configured, then you will not receive a refresh token from Bungie. So this is working as designed by Bungie.

I'm not sure what issue your having with skipcodeexchange, I would need more details to help you there.

alphaorderly commented 3 weeks ago

Ahh, My bad Close