search

StevenMMortimer / salesforcer

This R package connects the Salesforce APIs from R using tidy principles.
https://stevenmmortimer.github.io/salesforcer/
Other
81 stars 19 forks source link

MFA (and possibly Okta) login help #120

Open nick-moreno-cffc opened 2 years ago

nick-moreno-cffc commented 2 years ago

Having trouble configuring a connected app to utilize the OAuth login process, but I am having trouble breaking through.

The readme doesn't give too much explanation to how to log in via OAuth 2.0 - is it possible to have a more detailed walk through?

If not, running into the following issue:

1) Hitting the following error when calling my connected app:

Error in oauth2.0_access_token(endpoint, app, code = code, user_params = user_params,  : 
  Bad Request (HTTP 400). Failed to get an access token.

2) Also unsure as to what callback url to add when configuring the connected app.

Any guidance would be very appreciated! We've resorted to OOTB Salesforce tools for data uploads but our team can work in R much faster.

StevenMMortimer commented 2 years ago

Hi @nick-moreno-cffc! You'll see that the OAuth key, secret, and callback URL are package options.

https://github.com/StevenMMortimer/salesforcer/blob/a1e1e9cd0aa4e4fe99c7acd3fcde566076dac732/R/zzz.R#L12-L14

The default values correspond to a connected app that I have setup for others to use if they don't want to setup their own connected app. When you setup your own connected app, you should see its key and secret. I'd recommend using the same callback URL (http://localhost:1410/). After setting up the app, you'd just have to set those values as options in the top of your R scripts to authenticate using the app, like this:

options(salesforcer.consumer_key = "YOUR APP KEY")
options(salesforcer.consumer_secret = "YOUR APP SECRET")
options(salesforcer.callback_url = "http://localhost:1410/")  # only needed if you use a different callback URL

See below for screenshots of the two sections that I configured when setting up my app: 1) 'API (Enable OAuth Settings)' and 2) 'OAuth Policies'. If this is new to you, then I'd highly recommend reading the Salesforce documentation Create a Connected App and start with Configure Basic Connected App Settings

API (Enable OAuth Settings)

image

OAuth Policies - I'd recommend setting "Refresh token is valid until revoked"

image
nick-moreno-cffc commented 2 years ago

Thank you for the step-by-step!

I created the connected app and I'm running into what seems to be a common issue: error=redirect_uri_mismatch&error_description=redirect_uri%20must%20match%20configuration

I think it has something to do with either the start or callback url? I tried your suggested URl as well as the suggested callback from Okta's documentation: https://system-admin.okta.com/admin/app/generic/oauth20redirect

Any thoughts?

Thank you, Steven! Nick

StevenMMortimer commented 2 years ago

@nick-moreno-cffc In the past I have noticed that the callback url should start with http:// not https://. Can you double check that you're using http://? Apologies in advance if it seems like I'm grasping at things potential fixes. I am by no means an expert in this.

StevenMMortimer commented 2 years ago

@nick-moreno-cffc Let me know if you have further questions or if you've figured things out so I can note what worked. I'll close the issue in a few days if I don't hear back. Thanks!

StevenMMortimer commented 2 years ago

Hi @nick-moreno-cffc – Let me know if you resolved or are still having issues. Happy to think through a few other solutions, if needed. If not, then I'll close this since it's been open for a few months.

At some point, I'll probably create a vignette with this info so it's more structured, so thanks for giving me the chance to put some thoughts on paper to hopefully help some other folks trying to do the same thing.

ghareesh commented 2 years ago

I opened another ticket on same .. I either get local host not found (with httpuv package installed). And R console says awaiting for browser authentication..

If I uninstall httpuv, it shows error=redirect_uri_mismatch&error_description=redirect_uri%20must%20match%20configuration

camraynor commented 1 year ago

I was running into the same redirect_uri_mismatch error and found that the issue was that the package I was using (httr2) was adding an extra http:// prefix for localhost so it was trying to redirect to http://http://localhost:1410. I noticed this by checking the redirect_uri url variable on the error page in browser. E.g.:

https://login.salesforce.com/services/oauth2/authorize?response_type=code&client_id=XXXXX&redirect_uri=http%3A%2F%2Fhttp%3A%2F%2Flocalhost%3A1410%2F&state=XXXXX&code_challenge=XXXXX&code_challenge_method=S256

@nick-moreno-cffc it sounds like something similar could be happening with the Okta redirect.