intercom / omniauth-intercom

Intercom strategy for OmniAuth
MIT License

client_id & client_secret are not passed to /auth/eagle/token endpoint #29

Closed kwent closed 2 months ago

kwent commented 2 months ago

Cf. https://developers.intercom.com/docs/build-an-integration/learn-more/authentication/setting-up-oauth#trade-your-authorization-code-for-an-access-token

Bonus: https://github.com/Skaelv/testapp-intercom-omniauth sounded like a good idea to test end to end before releasing but it's now 404

I, [2024-08-22T01:33:07.263841 #64540]  INFO -- request: POST https://api.intercom.io/auth/eagle/token
I, [2024-08-22T01:33:07.264001 #64540]  INFO -- request: User-Agent: "Faraday v2.9.2"
Content-Type: "application/x-www-form-urlencoded"
Authorization: "Basic REDACTED=="
I, [2024-08-22T01:33:07.264393 #64540]  INFO -- request: {"grant_type"=>"authorization_code",
 "code"=>"REDACTED",
 "redirect_uri"=>
  "https://foo.ngrok.io/auth/intercom/callback?code=REDACTED&state=REDACTED"}

I, [2024-08-22T01:33:07.588595 #64540]  INFO -- response: Status 400
I, [2024-08-22T01:33:07.589844 #64540]  INFO -- response: date: "Thu, 22 Aug 2024 08:33:07 GMT"
content-type: "application/json; charset=utf-8"
transfer-encoding: "chunked"
connection: "keep-alive"
status: "400 Bad Request"
vary: "Accept,Accept-Encoding"
x-intercom-version: "f2928ece746aaa18dfed18c4240765b72c748766"
content-encoding: "gzip"
x-request-id: "001ddhmpc5ntkj7qs7vg"
x-frame-options: "SAMEORIGIN"
cache-control: "no-cache"
strict-transport-security: "max-age=31556952; includeSubDomains; preload"
x-xss-protection: "1; mode=block"
x-request-queueing: "0"
x-runtime: "0.014150"
x-content-type-options: "nosniff"
server: "nginx"
I, [2024-08-22T01:33:07.590528 #64540]  INFO -- response: {"type":"error.list","request_id":"001ddhmpc5ntkj7qs7vg","errors":[{"code":"parameter_not_found","message":"client_id not specified"}]}
(intercom) Authentication failure! invalid_credentials: OAuth2::Error, {"type":"error.list","request_id":"001ddhmpc5ntkj7qs7vg","errors":[{"code":"parameter_not_found","message":"client_id not specified"}]}

eugeneius commented 2 months ago

I think this was happening due to a change in version 2.0 of the oauth2 gem:

https://gitlab.com/oauth-xx/oauth2/-/blob/main/CHANGELOG.md?ref_type=heads#200---2022-06-21-tag

BREAKING: Set :basic_auth as default for :auth_scheme instead of :request_body.

I've updated the token exchange endpoint to also accept credentials passed with basic auth, so this gem should work with both major versions of oauth2 now.
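
Added example, not part of the original thread and not code from the gem or from Intercom: a stdlib-only Ruby sketch of how the two `:auth_scheme` values place the client credentials in the token request, and of a token endpoint that accepts either placement but rejects a request using both. The names `token_request` and `client_credentials` and the credential values are hypothetical; the Basic encoding follows RFC 6749 section 2.3.1.

```ruby
require "uri"

# Constructed sample values, not real credentials.
CLIENT_ID = "example-client-id"
CLIENT_SECRET = "s3cr3t:with/special chars"

# Client side: build the token request the way each :auth_scheme sends credentials.
def token_request(scheme, code:)
  params = { "grant_type" => "authorization_code", "code" => code }
  headers = { "Content-Type" => "application/x-www-form-urlencoded" }
  case scheme
  when :basic_auth   # oauth2 gem default since 2.0 (per the changelog quoted above)
    # RFC 6749 2.3.1: form-encode id and secret, join with ":", then Base64.
    pair = [CLIENT_ID, CLIENT_SECRET].map { |v| URI.encode_www_form_component(v) }.join(":")
    headers["Authorization"] = "Basic " + [pair].pack("m0")
  when :request_body # default before 2.0: credentials travel as form parameters
    params.merge!("client_id" => CLIENT_ID, "client_secret" => CLIENT_SECRET)
  else raise ArgumentError, "unknown scheme #{scheme}"
  end
  { headers: headers, body: URI.encode_www_form(params) }
end

# Server side (hypothetical handler): accept either scheme, never both at once.
# accept_basic: false models an endpoint that only reads the form body.
def client_credentials(request, accept_basic: true)
  form = URI.decode_www_form(request[:body]).to_h
  from_body = form.values_at("client_id", "client_secret") if form.key?("client_id")
  auth = request[:headers]["Authorization"].to_s
  if accept_basic && auth.start_with?("Basic ")
    # RFC 6749 2.3: a client must not use more than one authentication method.
    raise ArgumentError, "multiple client authentication methods" if from_body
    id, secret = auth.delete_prefix("Basic ").unpack1("m0").split(":", 2)
    return [id, secret].map { |v| URI.decode_www_form_component(v.to_s) }
  end
  from_body or raise ArgumentError, "client_id not specified"
end
```

With `accept_basic: false` the handler ignores the `Authorization` header and fails a `:basic_auth` request with the same `client_id not specified` message seen in the log above.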

kwent commented 2 months ago

I can confirm this is going through now.