OAuth Token API Unauthorized

API Discussion
1

When I try to access https://us.battle.net/oauth/token via a Node JS Fetch request, I am getting back a {"error":"unauthorized","error_description":"An Authentication object was not found in the SecurityContext"}

First, I access https://us.battle.net/oauth/authorize which then sends a token via myredirecturi?code=XXX

Then, I do

router.get('/redirect', (req, res) => {
	requests.postData('https://us.battle.net/oauth/token', {
		"redirect_uri": "SAME_REDIRECT_URI_AS_AUTHORIZE",
		"grant_type": "authorization_code",
		"code": XXX,
		"client_id": "client_id",
		"scope": "wow.profile"
	}).then(data => {
    		res.send(text + " " + code + " D "+ simpleStringify(data));
		return;
  	}).catch((error) => {
		res.send("E " + error)
		return;
	});
});

async function postData(url, data) {
	var headers = {
		"Content-Type": "application/json",
		"client_id": "client_id",
		"client_secret": "client_secret"
	}
	const response = await fetch(url, {
		headers: headers,
		method: "POST",
		body: JSON.stringify(data)
	});
	return response.json();
}

However, I am getting an odd error:

{"error":"unauthorized","error_description":"An Authentication object was not found in the SecurityContext"}

Any guidance on how to proceed?

4

Hey Evilsmaher,

I’ve put together a extremely basic bare bones example of consuming the authorization code flow with the Blizzard APIs that you can take a look at. I DO NOT endorse this code for completeness or for following best practices for security or otherwise, but it should get you moving forward as an example.

https://github.com/viglucci/vanilla-node-blizzard-oauth-example/blob/master/server.js#L29

Best of luck.

1 Like