mawie81 / electron-oauth2

A library to handle OAuth2 authentication for your Electron app.
MIT License

Does this library handle Spotify Auth #5

Open sammdec opened 8 years ago

sammdec commented 8 years ago

I have been playing around with this lib and took the code from the example in the Readme. After adding all of the config, I'm still getting a failure after logging in with the Spotify login window.

The error is

INVALID_CLIENT: Invalid redirect URI

mawie81 commented 8 years ago

I think this should be possible. The module is using a redirect_uri of urn:ietf:wg:oauth:2.0:oob. According to Spotify docs you need to configure this when creating your application there.

This URI needs to have been entered in the Redirect URI whitelist that you specified when you registered your application. The value of redirect_uri here must exactly match one of the values you entered when you registered your application, including upper/lowercase, terminating slashes, etc.

sammdec commented 8 years ago

I have added that in as the redirect URI, but it looks like Spotify is still getting 400 errors coming from the authentication popup.

mawie81 commented 8 years ago

I gave it a try as well and got a 500 error either on the login page or on the following confirmation page. The problem is that except for a general "server error" message the error contains nothing of value to find the reason, and I have no idea if it's the way the module makes the calls or if the issue is on their end.

ChrisWoollon commented 7 years ago

Hi people. Did you ever get this working?

danpastori commented 6 years ago

@mawie81, @ChrisWoollon So I figured out what was going on (at least I think) if this thread is still active. When you get your callback from the authorization token, it bugs out because the new browser window is listening for the code. Since Spotify is so heavily involved with Facebook, it's grabbing the code from the Facebook callback and using that to authenticate with Spotify.

What will need to get changed is in the index.js file, there's this:

function onCallback(url) {
  var url_parts = nodeUrl.parse(url, true);
  var query = url_parts.query;
  var code = query.code;
  var error = query.error;

  if (error !== undefined) {
    reject(error);
    authWindow.removeAllListeners('closed');
    setImmediate(function () {
      authWindow.close();
    });
  } else if (code) {
    resolve(code);
    authWindow.removeAllListeners('closed');
    setImmediate(function () {
      authWindow.close();
    });
  }
}

could be changed to:

function onCallback(url) {
  var url_parts = nodeUrl.parse(url, true);
  var query = url_parts.query;

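  // Compare the URL without its query string or fragment; url_parts is an
  // object, so comparing it directly to a string would never match.
  // '{CALLBACK_URL}' is a placeholder for the configured redirect URI.
  if (url.split(/[?#]/)[0] === '{CALLBACK_URL}') {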
    var code = query.code;
    var error = query.error;

    if (error !== undefined) {
      reject(error);
      authWindow.removeAllListeners('closed');
      setImmediate(function () {
        authWindow.close();
      });
    } else if (code) {
      resolve(code);
      authWindow.removeAllListeners('closed');
      setImmediate(function () {
        authWindow.close();
      });
    }
  }
}

Maybe use the callback_url setting. You will have to concat the protocol up front or remove it to do the check, but that way if you are in a double OAuth bind like logging into Spotify through Facebook it doesn't grab the intermediate auth code and throw an error.

Let me know if this works!
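
The check proposed in the comment above, written out as an added example (not code from this thread or from electron-oauth2): a navigation is only treated as the OAuth callback when its scheme, host and path equal the registered redirect URI, so a `code` parameter on an intermediate provider's URL is ignored. The function names, `REDIRECT_URI` and the sample URLs are constructed for illustration.

```javascript
'use strict';

// True only when navigatedUrl is the registered redirect URI itself
// (same scheme, host, port and path). Query string and fragment are ignored.
function isRedirectCallback(navigatedUrl, redirectUri) {
  let seen, expected;
  try {
    seen = new URL(navigatedUrl);
    expected = new URL(redirectUri);
  } catch (e) {
    return false; // an unparsable URL is never treated as the callback
  }
  return seen.protocol === expected.protocol &&
         seen.host === expected.host &&
         seen.pathname === expected.pathname;
}

// Returns {code}, {error}, or null when the navigation must be ignored.
function readCallback(navigatedUrl, redirectUri) {
  if (!isRedirectCallback(navigatedUrl, redirectUri)) return null;
  const params = new URL(navigatedUrl).searchParams;
  if (params.has('error')) return { error: params.get('error') };
  if (params.has('code')) return { code: params.get('code') };
  return null;
}

// Walks the URLs a login window visits and returns the first real callback.
function firstResult(navigations, redirectUri) {
  for (const url of navigations) {
    const result = readCallback(url, redirectUri);
    if (result !== null) return result;
  }
  return null;
}

// Constructed sample: a nested login (provider -> social login -> provider)
// followed by the redirect back to the app.
const REDIRECT_URI = 'https://app.example/callback';
const SAMPLE_NAVIGATIONS = [
  'https://accounts.provider.example/authorize?client_id=abc',
  'https://login.social.example/return?code=INTERMEDIATE',
  'https://app.example.evil.example/callback?code=LOOKALIKE',
  'https://app.example/callback?code=REAL&state=xyz',
];

console.log(firstResult(SAMPLE_NAVIGATIONS, REDIRECT_URI));
```

Comparing parsed components rather than a string prefix also rejects hosts that merely begin with the expected host name.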