Skip to content
This repository has been archived by the owner on Mar 17, 2024. It is now read-only.

Clients created with 'fromApplicationOnlyAuth' fail requests with 400, 401 #349

Open
iwinulose opened this issue Jan 1, 2022 · 6 comments
Open

Clients created with 'fromApplicationOnlyAuth' fail requests with 400, 401 #349

iwinulose opened this issue Jan 1, 2022 · 6 comments

Comments

@iwinulose
Copy link

The initial call to fromApplicationOnlyAuth succeeds, however the retrieved credentials appear to be invalid.

The initial access_token request seems to have changed to return both an access token and a refresh token, however the constructor does not expect to receive a refresh duration. The next attempt to call any API will trigger a refresh (as to the client it appears the access token is no longer valid.) The refresh fails w/ 400. Unfortunately, patching to fix this issue does not help, as any request made using the supposedly valid auth token is failed with 401.

As a workaround, clients created with the 'permanent: false' parameter work correctly.
@iMrDJAi
Copy link

iMrDJAi commented Jan 7, 2022

I think I fixed this bug, check this commit: ebd3ab1

  • 🐛 Fixed a bug with snoowrap#fromAuthCode and snoowrap#fromApplicationOnlyAuth when they don't set the values of requester.tokenExpiration and requester.scope after a successful authentication which causes the access token to refresh again for no reason '-' .

@iMrDJAi
Copy link

iMrDJAi commented Feb 15, 2022

Update: Application Only OAuth is broken!

image

@oakleyaidan21
Copy link

Any update on this? Setting permanent to false does not throw an error but it's not ideal.

@iMrDJAi
Copy link

iMrDJAi commented Apr 10, 2022

@oakleyaidan21 permanent is not supported anymore. What's the current behavior of snoowrap when setting permanent to false?

@oakleyaidan21
Copy link

@iMrDJAi when I set permanent to false it behaves as @iwinulose described -- there is no API error and the snoowrap object can be used (albeit for only an hour). When I set it to true or omit it I get this error: API Error: invalid_grant - undefined. The snoowrap version I'm using is 1.23.0.

@iMrDJAi
Copy link

iMrDJAi commented Apr 10, 2022

@oakleyaidan21 Right! just wanted to be sure.

snoowrap#fromApplicationOnlyAuth with permanent set to false only passes an access token to the returned snoowrap instance, and snoowrap v1.23.0 can only refresh the access token when a refresh token is present (in this case there is none), and currently, there is no particular way to obtain a new application-only access token automatically.

However, I fixed that in the upcoming snoowrap v2.0. Work in progress...

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@iwinulose @oakleyaidan21 @iMrDJAi