1. 技术文章
  2. Discord Oauth2 receiving 'invalid client' error

Discord Oauth2 receiving 'invalid client' error

白昼怎懂夜的黑 提交于 2020-05-17 06:11:33

问题


I had Discord Oauth2 implemented so that my users could log into my website by authenticating through Discord. For months, everything worked great and now all of the sudden it stopped working.

Per Discord's oauth2 instructions,https://discordapp.com/developers/docs/topics/oauth2#shared-resources, I am able to successfully acquire the access code that is meant to be traded for the access token. However, when I try to receive the access token I receive an 'invalid_client' error.

First, I am hitting this endpoint:

https://discordapp.com/api/oauth2/authorize?client_id=${process.env.CLIENT_ID}&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2Flogin%2Fdiscord%2Fcallback&response_type=code&scope=identify%20email%20gdm.join

which successfully returns the following:

http://localhost:5000/login/discord/callback?code={some_access_code}

The access code is then sent back to discord to obtain the access token. Here is the code that is failing:

export function getDiscordAccessToken(accessCode, call) {
  const redirect = call === 'login' ? process.env.DISCORD_LOGIN_REDIRECT : process.env.DISCORD_CONNECT_REDIRECT


  return new Promise((resolve, reject) => {

    axios
      .post(
        `https://discordapp.com/api/oauth2/token?client_id=${process.env.DISCORD_CLIENTID}&client_secret=${process.env.DISCORD_SECRET}&grant_type=authorization_code&code=${accessCode}&redirect_uri=${redirect}&scope=identify%20email%20gdm.join`
    )
      .then(res => {
        resolve(res.data)
      })
      .catch(err => {
        // log error to db
        console.log("Here is your error: ", err.response)
        reject(err.response)
      })
  })
}

This code was working for months with no problems. Then, all of the sudden it stopped working. I even checked the Discord change logs which can be found here, https://discordapp.com/developers/docs/change-log, but I found no reference to authentication changes.

Any help you can provide is greatly appreciated!


回答1:


The query parameters should be in the BODY of the POST request, not the URL for the oauth/token url.

Discord recently pushed a update to the oAuth2 which makes it confine more with the standard. This means they no longer support parameters in the URL for POST, but instead require them to be in the body and form encoded (basically the same, but in the body and without the leading ?).

So you basically need (not tested):

 axios
      .post(
        "https://discordapp.com/api/oauth2/token",       
        "client_id=${process.env.DISCORD_CLIENTID}&client_secret=${process.env.DISCORD_SECRET}&grant_type=client_credentials&code=${accessCode}&redirect_uri=${redirect}&scope=identify%20email%20gdm.join"
       )


来源:https://stackoverflow.com/questions/55391068/discord-oauth2-receiving-invalid-client-error

标签
oauth-2.0
discord
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!