simov / grant

OAuth Proxy
MIT License

Salesforce oAuth not working #273

Closed (ppetitto1 closed 2 years ago)

ppetitto1 commented 2 years ago

Hello,

Love the library, looks really useful but I'm having an issue. I'm using fastify and trying to connect to Salesforce using the supplied provider, and overriding with the sandbox urls.

I have my provider configured like so...

import { GrantConfig } from "grant";

export const config: GrantConfig = {
    defaults: {
        origin: 'http://localhost:3000',
        transport: 'session',
        response: ['tokens']
    },
    salesforce: {
        authorize_url: 'https://test.salesforce.com/services/oauth2/authorize',
        access_url: 'https://test.salesforce.com/services/oauth2/token',
        oauth: 2,
        key: '<KEY>',
        secret: '<SECRET>',
        scope: ['full']
    }
}

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
import fp from "fastify-plugin";
import grant from "grant";
import { config } from "../configs/grant";
const fastifyGrant = grant.fastify();

export default fp(async (fastify, opts) => {
  fastify.register(fastifyGrant(config));
});

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
import { FastifyPluginAsync } from "fastify"

let route = '/connect/salesforce/callback'
const success: FastifyPluginAsync = async (fastify, opts): Promise<void> => {
  fastify.get(route, async function (request, reply) {
    return request.session.grant.response
  })
}

export default success;

Yet, in my callback... /connect/salesforce/callback

I call the response like request.session.grant.response and it logs out like

https://test.salesforce.com/services/oauth2/authorize?client_id=<CLIENT_ID>&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fconnect%2Fsalesforce%2Fcallback&scope=full

I can access a sessionId like request.session.sessionId... but I don't think this is the Salesforce sessionId.

Clearly I am missing something. I was under the impression the library would handle the full oauth2 process, including exchanging the temporary code for an access token. Is there additional configuration needed on my part, or will I need to handle the exchange process myself?

Thanks

simov commented 2 years ago

The /connect/salesforce/callback is used internally by Grant and this is the redirect_uri that you set for your OAuth app in Salesforce.

Depending on the transport that you want to use, the response data will be available in one of 3 possible ways after that. Have a look at the examples and search for transport. The first one to try is the querystring one. For that you need to set the callback property to point to a route on your local server. Note that this is not your redirect_uri as mentioned above.

Once you get that working then you can try the session and the state transports as well.

ppetitto1 commented 2 years ago

Thanks for the quick response. You were right! I commented out the transport type so it defaults to querystring and changed the callback to be some other /connect/provder/callback/token, and was able to see it.

Question though: when I pass the transport as session, does it still redirect to the callback URL? Or is this callback URL ignored in this instance?

simov commented 2 years ago

For querystring transport the callback is required. For session transport it is optional, and for the state transport it is not needed. You can read more about it here, but the gist of it is that you can use the state transport example, but with the session transport without providing a callback. In that case you will receive the final response data inside the session object without the need of a redirect. Otherwise, if you use session transport along with a callback, you will be redirected to your callback route, but instead of having the response data encoded as querystring it will be available in the session object.
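
The transport and callback rules from this thread, written as a small configuration check. This is an added example, not part of the original thread or of Grant: `lintGrantConfig`, its messages and the `/salesforce/done` route are hypothetical, and the `/connect` prefix default is an assumption.

```javascript
// Added example: checks a Grant config against the rules stated in this thread.
// lintGrantConfig and its finding strings are hypothetical, not part of Grant.
function lintGrantConfig(config, appRoutes = []) {
  const defaults = config.defaults || {};
  const prefix = defaults.prefix || '/connect'; // assumption: Grant's default prefix
  const findings = [];

  for (const [name, provider] of Object.entries(config)) {
    if (name === 'defaults') continue;
    const merged = { ...defaults, ...provider };          // provider overrides defaults
    const transport = merged.transport || 'querystring';  // default, per the thread
    const redirectPath = `${prefix}/${name}/callback`;    // the OAuth app's redirect_uri

    if (merged.callback === redirectPath) {
      findings.push(`${name}: callback must not be the redirect_uri path ${redirectPath}`);
    }
    if (appRoutes.includes(redirectPath)) {
      findings.push(`${name}: app route ${redirectPath} is used internally by Grant`);
    }
    if (transport === 'querystring') {
      if (!merged.callback) {
        findings.push(`${name}: querystring transport requires a callback route`);
      }
      // Response data is encoded into the callback URL with this transport.
      findings.push(`${name}: response data is sent in the callback URL query string`);
    }
    if (transport === 'state' && merged.callback) {
      findings.push(`${name}: callback is not needed with state transport`);
    }
  }
  return findings;
}

// Constructed sample: the configuration from the first post (placeholder secrets).
const original = {
  defaults: { origin: 'http://localhost:3000', transport: 'session', response: ['tokens'] },
  salesforce: { oauth: 2, key: '<KEY>', secret: '<SECRET>', scope: ['full'] },
};
// Constructed sample: session transport with a separate, hypothetical callback route.
const fixed = {
  defaults: original.defaults,
  salesforce: { ...original.salesforce, callback: '/salesforce/done' },
};

console.log(lintGrantConfig(original, ['/connect/salesforce/callback']));
console.log(lintGrantConfig(fixed, ['/salesforce/done']));
```

The second argument is the list of routes the application registers itself, so the check can flag a handler placed on the path Grant reserves for the provider redirect.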