oauth2_client icon indicating copy to clipboard operation
oauth2_client copied to clipboard

Published 20 hours ago verified publisher icon teranetsrl

AuthorizeURL needs special parameter on clientId, but no other request

Open joeymukherjee opened this issue 4 years ago • 3 comments

I'm trying to use this with TD Ameritrade and its authorization URL requires a special parameter. For subsequent calls, I want to leave it off. How would I do this? Here's the API I'm using: https://developer.tdameritrade.com/content/authentication-faq

joeymukherjee avatar Sep 13 '20 17:09 joeymukherjee

Hi @joeymukherjee, custom parameters for the authorization url can be specified through the authCodeParams parameter.

You can pass it to the client's getTokenWithAuthCodeFlow method like this:

var client = MyOAuth2Client(...);
var tokenResp = client.getTokenWithAuthCodeFlow(
	clientId: 'your_client_id',
	scopes: ['scope1', 'scope2', ...],
        authCodeParams: {
             param1: param1Value,
             param2: param2Value,
             ...
        });

Or, if you're using the helper, you can set it this way:

var client = MyOAuth2Client(...);
var hlp = OAuth2Helper(client,
	grantType: OAuth2Helper.AUTHORIZATION_CODE,
	clientId: 'your_client_id',
	scopes: ['scope1', 'scope2', ...],
        authCodeParams: {
             param1: param1Value,
             param2: param2Value,
             ...
        });

okrad avatar Sep 18 '20 20:09 okrad

This doesn't work for me. I need clientId to be something different just on the initial AUTHORIZATION_CODE. I put clientId in my authCodeParams with the additional parameter and have clientId as normal above it. This does not work. If I put clientId as clientId + token, as a parameter of OAuth2Helper, it works fine, but subsequent calls do not work since I don't need it for the remaining URLs. Am I misunderstanding what you are saying?

OAuth2Helper oauth2Helper = OAuth2Helper(client,
      grantType: OAuth2Helper.AUTHORIZATION_CODE,
      clientId: clientId, // + '%40AMER.OAUTHAP',  // If put this is in, the authorization code works.
      authCodeParams: {
          clientId: clientId + '%40AMER.OAUTHAP'
        });

joeymukherjee avatar Sep 19 '20 23:09 joeymukherjee

The authCodeParams map can be used to override "standard" params in the Authorization Token request, as I think you are trying to do. There's however a problem in your code, since the "clientId" param should be called "client_id" (that's the name of the parameter that gets serialized in the authorization url):

OAuth2Helper oauth2Helper = OAuth2Helper(client,
      grantType: OAuth2Helper.AUTHORIZATION_CODE,
      clientId: clientId,
      authCodeParams: {
          client_id: clientId + '%40AMER.OAUTHAP'
        });

The Authorization Token request is just half of the process. Once the authorization code is returned, an Access Token request is performed. Should you need to use the "modified" clientId in this request too, you must pass an accessTokenParams map:

OAuth2Helper oauth2Helper = OAuth2Helper(client,
      grantType: OAuth2Helper.AUTHORIZATION_CODE,
      clientId: clientId,
      authCodeParams: {
          client_id: clientId + '%40AMER.OAUTHAP'
      },
      accessTokenParams: {
          client_id: clientId + '%40AMER.OAUTHAP'
      });

Hope it helps!

okrad avatar Sep 22 '20 20:09 okrad