Pushbullet Oauth using Bash and curl

Question

I recently wrote a Pushbullet Linux command line client in Bash. I want to allow users to grant access to their Pushbullet accounts via Oauth, but I'm having some trouble. I just did Oauth for Google Drive API the other day. It was fairly straightforward, requiring just a few lines of code. To be honest, the Oauth section in the Pushbullet API docs is somewhat unclear.

Let me make sure I understand the steps required:

1. Send user to Pushbullet site with URL generated in-app
2. URL should include: client_id and redirect_url (redirect_url specifies the url a user is re-directed to after granting access to Pushbullet, in addition to response_type, either token or code)
3. User grants or denies access to their Pushbullet account
4. If access is granted, user is sent to redirect_url
5. Client must obtain the access_token embedded in the redirect_url and then append access_token to all future requests

Does that sound about right?

My script successfully loads the authentication URL in my browser, but when I click "approve" I get the following error: The param 'redirect_uri' has an invalid value. I used the redirect_uri listed in the "clients" section of the Pushbullet settings. So, this: https://www.pushbullet.com/login-success/access_token=<access token>&response_type=token&scope=everything

Am I using the correct url? This is a command-line client, and I don't have a domain for it. That shouldn't matter, though, right?

Does Oauth always require authentication via browser, or can it be done via some kind of web service call (this is how GDrive API seems to work)? Ideally, I would have curl handle everything, rather than having to worry about loading web browsers.

Answer 1

Hmm, I even made a diagram, but I guess the docs still need some work. Let me know if you have any suggestions!

So if you want to use the "Client Side" flow, you should use a redirect_uri of https://www.pushbullet.com/login-success which means your authorize_url should look something like https://www.pushbullet.com/authorize?client_id=YW7uItOzxPFx8vJ4&redirect_uri=https%3A%2F%2Fwww.pushbullet.com%2Flogin-success&response_type=token Note that because this is HTTP, you have to urlencode that redirect_uri as I have pasted it here. If you're still getting that it's an invalid redirect_uri, try setting your client's redirect_uri to https://www.pushbullet.com/login-success on this page: https://www.pushbullet.com/#settings/clients

I'm not sure what you meant by https://www.pushbullet.com/login-success/access_token=<access token>&response_type=token&scope=everything. Maybe you meant https://www.pushbullet.com/login-success?access_token=<access token>&response_type=token&scope=everything, but I don't think there's any need to put those parameters on the redirect_uri.

One thing I can think of here is maybe if I allow https://www.pushbullet.com/login-success to work for all clients regardless of what their redirect_uri is set to, that may make this easier. Let me know what wasn't clear so I can fix it.

I haven't used the specific Google OAuth that you're talking about, but my experience with google oauth in general was that it was the most complicated and hard to use OAuth implementation I have ever used. Could you give me a link to what you're referencing so I can see how they made their OAuth so much easier to use?