Hello i created this plugin to exchange a users ?code= from url using get data from url but the issue at hand is i can not seem to get this to exchange for the access_token or even save a access_token i know the calls are right via the api ive tested it and everything comes up right but sadly inside bubble it will not keeps saying wrong code even tho it hasnt even been the nessesarcy timeout on the code to exchange it for a access_token if someone on here can help me it mean the world its not like im sitting here i the forums not trying heres the proof
Need help to get this plugin working to exchange a code for access_token and save said token via web storage local storage db. Plugins | Bubble
You have set the type to client credentials, but this oAuth2 process doesn’t accept code. You probably doesn’t have the correct type (normally it’s authorization_code and sometimes it’s just code).
Actually, you have set an HTTP Basic auth. This is not the case.
You have two options: oAuth2 User Grant flow or none.
If none, you will do each step manually. Use a link to the authorize url, use Get data from page url with the Code and process the code into api Token endpoint.
Alright so @Jici on login a user is brought too https://discord.com/oauth2/authorize?client_id=891335306681384962&redirect_uri=https%3A%2F%2Fdislist.me%2Fapi%2F1.1%2Foauth_redirect&response_type=code&state=%257B%2522oauth_provider%2522%253A%25221640977923756x701742010930036700%2522%252C%2522resume_key%2522%253A%25221641787544689x650044442962245600%2522%252C%2522used_redirect_url%2522%253A%2522https%253A%252F%252Fdislist.me%252Fversion-test%252Flogin%2522%252C%2522redirect_unique_id%2522%253A%25221641787544988x639126127394641500%2522%257D&scope=email%20identify%20guilds%20guilds.join%20guilds.members.read%20messages.read%20email%20identify%20guilds%20guilds.join%20guilds.members.read%20messages.read%20connections
then from here the user is brought back threw https://dislist.me/api/1.1/oauth_redirect which brings back to the https://dislist.me/version-test/login page but in the image as you see + the copied url im given a code i put that code in from the url
into the call and get my token just fine https://discord.com/api/oauth2/token?response_type=code&client_id=891335306681384962&scope=identify%20guilds.join&state=15773059ghq9183habn&redirect_uri=https%3A%2F%2Fdislist.me/api/1.1/oauth_redirect&grant_type=authorization_code&code=<code>
the user is logged in but i cant exchange the access code for token or figure out how to get the access_token ive tried via saving to user saving to web storage and more but i cant seem to get this to work if need be if you like i can spin up a new testing discord account for you if you do not have one (call it a dummy account more or less lol)
heck i dont mind even inviting you over into the plugin if im able to
But below we can see the code https://dislist.me/version-test/login?code=J0CUxWvEorq6Sxk4sBe0mvjqbzZKqQ&state=%257B%2522oauth_provider%2522%253A%25221640977923756x701742010930036700%2522%252C%2522resume_key%2522%253A%25221641788261326x505606070020973250%2522%252C%2522used_redirect_url%2522%253A%2522https%253A%252F%252Fdislist.me%252Fversion-test%252Flogin%2522%257D
i can save said code to said user via the db as we see the ?code=J0CUxWvEorq6Sxk4sBe0mvjqbzZKqQ
but yet when i use a action or even set my plugin for the code exchange to attempt to get access_token it wont go threw always error wrong code but its the same code i would of used to even autheticate the plugin its self of course not same exact code as it changes and expires in a short time but not short enought i cant run a api or use it to thus later add user to the server after but i can not do this with out the above so i hope these things help explaining more
The api call for this aspect for the code to get token is as such
http basic auth which is suppose to be used from what I’m being told from reading the documentation over at discord - which works btw look below i was provided my token and refresh token as well
You don’t use basic auth in Bubble API Connector. You set to None/self-handled because this iswhat you are doing.
NowYou need to store the access token in DB and use it in other API endpoint.
You have the access token according from your screenshot. Copy it and initialize other API call using an header on each other call “Authorization: Bearer accesstokenhere”
isnt that my token tho no matter who makes the call as im the bot owner thats what im understanding from documentation here as i already have this call and it returns the bots access_token or mine not the users
Client Credentials Grant
The client credential flow is a quick and easy way for bot developers to get their own bearer tokens for testing purposes. By making a POST request to the token URL with a grant type of client_credentials, using Basic authentication with your client id as the username and your client secret as the password, you will be returned an access token for the bot owner. Therefore, always be super-extra-very-we-are-not-kidding-like-really-be-secure-make-sure-your-info-is-not-in-your-source-code careful with your client_id and client_secret. We don’t take kindly to imposters around these parts.
again heres my confusion your telling me not to run the plugin using what im using and use none or self handled it dosnt work
ive tried the documentation even says as so
The client credential flow is a quick and easy way for bot developers to get their own bearer tokens for testing purposes. By making a POST request to the token URL with a grant type of client_credentials , using Basic authentication with your
Make a post request using basic auth
for bot developers to get their own bearer tokens for testing purposes this is my token not the said users i have the calls for users already m8
thank you for taking this precious time of yours to help me out btw