search

hashicorp / terraform-provider-http

Utility provider for interacting with generic HTTP servers as part of a Terraform configuration.
https://registry.terraform.io/providers/hashicorp/http/latest
Mozilla Public License 2.0
210 stars 118 forks source link

Unable to get proper response from Auth0 get token call #304

Closed tommy38hk closed 1 year ago

tommy38hk commented 1 year ago

Terraform CLI and Provider Versions

Terraform v1.4.6

Terraform Configuration

data "http" "auth0_token" {
  url = var.auth0_token_endpoint
  request_body = local.auth0_json
  method = "POST"
  request_headers = {
    Accept = "application/json"
  }
}
locals {
  auth0_json=jsonencode({
    client_id     = var.auth0_client_client_id
    client_secret = var.auth0_client_client_secret
    audience      = var.edms_registration_service_api_identifier
    grant_type    = "client_credentials"
  })
}
output "auth0_json_response" {
  value = data.http.auth0_token.response_body
}
output "auth0_json_request" {
  value = local.auth0_json
}

Expected Behavior

Be able to return the auth0 token

Actual Behavior

auth0_json_response = "{\"error\":\"access_denied\",\"error_description\":\"Unauthorized\"}"

Steps to Reproduce

  1. terraform apply

How much impact is this issue causing?

Medium

Logs

No response

Additional Information

Proper token can be obtained using CURL command for the same credentials

Code of Conduct

austinvalle commented 1 year ago

Hi there @tommy38hk 👋🏻 , thanks for filing the issue and sorry you're running into trouble here.

Are you able to share the CURL command structure you're using that is successfully making the API call?

The example configuration you provided looks like it's encoding the HTTP request body as application/json, whereas the Auth0 documentation for POST /oauth/token is expecting application/x-www-form-urlencoded in the request body.

tommy38hk commented 1 year ago

Hi @austinvalle Here's the CURL command from Auth0, I have replaced the actual values of the sensitive fields.

curl --request POST \ --url https://my.auth0.com/oauth/token \ --header 'content-type: application/json' \ --data '{"client_id":"my-auth0-client-id","client_secret":"my-ayth0-client-secret","audience":"my-auth0-api-audience","grant_type":"client_credentials"}'

image

austinvalle commented 1 year ago

Quick test before I try and reproduce that issue, can you try updating your data block to use the Content-Type header, currently it only has Accept set:

data "http" "auth0_token" {
  url = var.auth0_token_endpoint
  request_body = local.auth0_json
  method = "POST"
  request_headers = {
    content-type = "application/json"
    accept = "application/json"
  }
}
tommy38hk commented 1 year ago

Yes, that fixed the issue. Thank you so much

github-actions[bot] commented 5 months ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.