
I am trying to set up authentication via OAuth 2.0 in my Aqueduct app. I have followed the step-by-step tutorial at aqueduct.io, adjusting it to my app.

Unfortunately, I got stuck after creating the client, at the first authentication request: `POST http://localhost:8888/auth/token -H 'Authorization: Basic dGVzdG5hbWU6dGVzdHBhc3N3b3Jk' -H 'Content-Type: application/x-www-form-urlencoded' -d 'username=testname&password=testpassword&grant_type=password'`

If entryPoint looks like:

@override
Controller get entryPoint {
  final router = Router();

  // Token endpoint, currently guarded by a Basic authorizer.
  router
    .route('/auth/token')
    .link(() => Authorizer.basic(authServer));
    //.link(() => AuthController(authServer));

  // User registration endpoint.
  router
    .route('/register')
    .link(() => RegisterController(context, authServer));

  return router;
}

Then I get this error:

curl: (6) Could not resolve host: Basic
curl: (6) Could not resolve host: dGVzdG5hbWU6dGVzdHBhc3N3b3Jk'
curl: (6) Could not resolve host: application
'password' is not recognized as an internal or external command,
operable program or batch file.
'grant_type' is not recognized as an internal or external command,
operable program or batch file.

And if I change Authorizer.basic to AuthController (according to the tutorial):

router
    .route('/auth/token')
    //.link(() => Authorizer.basic(authServer));
    .link(() => AuthController(authServer));

then the same error starts with an extra line: `{"error":"invalid_client"}`

  • What is your clientID? If, for example, your client ID is "com.example.app", then you have to convert it with `Base64Encoder().convert("com.example.app:".codeUnits)` and use that code here: `http://localhost:8888/auth/token -H 'Authorization: Basic ADD_ME_HERE' -H 'Content-Type: application/x-www-form-urlencoded' -d 'username=testname&password=testpassword&grant_type=password'` – delmin Apr 29 '20 at 13:18
  • @delmin At the beginning I was misled by the guide and used Base64-encoded username:password. However, when I realised my mistake I used my clientID **com.heroes.tutorial** with ":" and I got the encoded ID **Y29tLmhlcm9lcy50dXRvcmlhbDo=**, the same as in the tutorial file. But I am still receiving `{"error":"invalid_client"}`. I have checked the encoding on [link](https://www.base64decode.org/) and it seems to be correct. – Mr_Greed Apr 30 '20 at 08:29
  • In that case, make sure your username and password are for a registered user and not for a database user; also make sure you put the correct credentials in the right place. Do you use curl or Postman? – delmin Apr 30 '20 at 09:06
  • @delmin It seems that curl was the problem from the beginning. I sent the token request through Postman and it was successful! In Postman I set up 3 headers: `Authorization = Basic Y29tLmhlcm9lcy50dXRvcmlhbDo=` `Content-Type = application/x-www-form-urlencoded` `Accept = application/json` Then in the body, set to "application/x-www-form-urlencoded", 3 keys: `username = test` `password = test` `grant_type = password` and the API responded with 200 OK and sent a token. – Mr_Greed Apr 30 '20 at 10:55
  • But still, using curl I face an invalid ClientID error with the command: `curl -X POST http://localhost:8888/auth/token -H 'Authorization: Basic Y29tLmhlcm9lcy50dXRvcmlhbDo=' -H 'Content-Type: application/x-www-form-urlencoded' -d 'username=test&password=test&grant_type=password'` – Mr_Greed Apr 30 '20 at 10:56
  • Well, at least it works in Postman. I have no idea why it doesn't work for you in curl – delmin Apr 30 '20 at 11:03
  • Eventually I will find a solution for this curl issue. Anyhow, thank you for directing me onto the right path. – Mr_Greed Apr 30 '20 at 12:03
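
The split worked out in the comments above (client ID plus ":" in the Basic header, the registered user's credentials in the form body), as an added example that is not part of the original thread. The function names are illustrative; the double-quoted rendering is included because the "is not recognized as an internal or external command" lines in the question are cmd.exe output, and cmd.exe does not treat single quotes as quoting.

```python
# Added example: function names are illustrative, not Aqueduct's API.
import base64
from urllib.parse import urlencode

TOKEN_URL = "http://localhost:8888/auth/token"  # endpoint from the question
CLIENT_ID = "com.heroes.tutorial"               # client ID from the comments


def basic_header(client_id, client_secret=""):
    """Client credentials go in the header; the thread's client has an empty secret."""
    raw = f"{client_id}:{client_secret}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")


def decode_basic(header):
    """Return (identifier, secret) carried by a Basic header, or None if malformed."""
    scheme, _, blob = header.strip().partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        decoded = base64.b64decode(blob.strip(), validate=True).decode("utf-8")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None
    if ":" not in decoded:
        return None
    ident, _, secret = decoded.partition(":")
    return ident, secret


def token_request(username, password, client_id=CLIENT_ID, client_secret=""):
    """Build (without sending) the request; user credentials belong in the form body."""
    headers = {
        "Authorization": basic_header(client_id, client_secret),
        "Content-Type": "application/x-www-form-urlencoded",
    }
    body = urlencode({"username": username, "password": password,
                      "grant_type": "password"})
    return TOKEN_URL, headers, body


def curl_command(url, headers, body):
    """Render with double quotes, which both cmd.exe and POSIX shells treat as quoting."""
    parts = ["curl", "-X", "POST", url]
    for name, value in headers.items():
        parts.append(f'-H "{name}: {value}"')
    parts.append(f'-d "{body}"')
    return " ".join(parts)
```

Running `decode_basic` on the header from the question shows it carries the user's name and password, while the header from the comments carries the client ID with an empty secret.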

0 Answers