thanks! you are a champ!
Thank you! Lovin how active this community is
Hi,
Iām trying to get a client running in java 11, with the java HttpClient class (not the apache one), but Iām getting stuck on getting the authentication token.
I tried extending the Authenticator class and passing that to the HttpClient builder. I also tried to add the client id and secret in the POST body, and any other variation I could think of or adapt from examples Iāve seen in other languages.
I keep getting 401, with this error:
{"error":"unauthorized","error_description":"An Authentication object was not found in the SecurityContext"}
Can anyone help? Maybe you already have an implementation with the Java Httpclient?
Thanks!
Sorry, I canāt help with this one, I hate Java.
I would advise you to create a separate topic asking for help with this specific situation to give it more visibility on the forum. If possible provide a sample code and someone will reply eventually.
OK, Iāll try that. Thanks.
Btw, I was able to get over the authentication problem. Now Iām getting this response:
{
"error":"invalid_request",
"error_description":"Missing grant type"
}
You probably forgot to include the grant type in your authorization request
'grant_type' should have 'client_credentials' as value.
I did add the grant type.
I just managed to get it to work. When I used Content-Type of application/x-www-form-urlencoded it started working. Iāve been using multipart before, because thatās what they say in the guide.
I donāt know why.
That is definitely an error in the documentation, the RFC clearly states all requests are application/x-www-form-urlencoded.
I guess I just assumed that in all of my code, until now I didnāt even notice that part of the guide, or perhaps the old documentation was different.
1 Like
Hello there!
Has someone made oauth authentication with react? Iām learning new stuff with react and spent couple of hours debugging because access token expired (need to handle errors better in futureā¦). Was planning to make it possible to get access token directly but have no idea how to continue
Unless you are talking about the experimental server-side rendering you canāt use react to handle API requests and token generation.
It is a severe security risk to expose you credentials or even the generated token to the client. You must use a back-end server to handle all API requests.
I created this proxy to help people who doesnāt want to deal with the back-end part.
C# (using System.Text.Json)
public class BlizzardAccessToken // Blizzard Access Token Json > C# Class
{
[JsonInclude]
[JsonPropertyName("access_token")]
public string access_token { get; private set; }
[JsonInclude]
[JsonPropertyName("token_type")]
public string token_type { get; private set; }
private int _expires_in; // Backing Field
[JsonInclude]
[JsonPropertyName("expires_in")]
public int expires_in // Seconds
{
get
{
return this._expires_in;
}
private set
{
this._expires_in = value;
DateTime now = DateTime.Now;
TimeSpan time = new TimeSpan(0, 0, value); // Hours , Minutes, Seconds
this.expire_date = now.Add(time);
}
}
public DateTime expire_date { get; private set; }
[JsonInclude]
[JsonPropertyName("scope")]
public string scope { get; private set; }
}
private async Task RequestToken() // method to get token
{
try
{
await Program.Log("Requesting new BlizzAPI Token...");
using (var request = new HttpRequestMessage(new HttpMethod("POST"), $"https://{this.Config.Region}.battle.net/oauth/token"))
{
var base64authorization = Convert.ToBase64String(Encoding.ASCII.GetBytes($"{this.Config.client_id}:{this.Config.client_secret}")); // Specify Client ID/Secret
request.Headers.TryAddWithoutValidation("Authorization", $"Basic {base64authorization}");
request.Content = new StringContent("grant_type=client_credentials");
request.Content.Headers.ContentType = MediaTypeHeaderValue.Parse("application/x-www-form-urlencoded");
var client = this.ClientFactory.CreateClient("ApiClient"); // Get HTTP Client
using (var response = await client.SendAsync(request)) // Send HTTP request
await using (var result = await response.Content.ReadAsStreamAsync()) // Get Result
{
this.Token = await JsonSerializer.DeserializeAsync<BlizzardAccessToken>(result, new JsonSerializerOptions() { IgnoreNullValues = true }); // De-serialize Json
if (this.Token.access_token is null) throw new Exception($"Error obtaining token:\n{response}");
this.TokenExpTimer_Start(); // Start Auto-Renewing Timer
await Program.Log($"BlizzAPI Token obtained! Valid until {this.Token.expire_date} (Auto-Renewing).");
}
}
}
catch (Exception ex)
{
await Program.Log(ex.ToString());
}
}
1 Like
NodeJS (using node-fetch)
import fetch from 'node-fetch';
let appId = 'YOUR APP ID';
let appSecret = 'YOUR APP SECRET';
let request = fetch('https://us.battle.net/oauth/token', {
body: new URLSearchParams({ grant_type: 'client_credentials' }),
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Authorization': 'Basic ' + Buffer.from(`${appId}:${appSecret}`).toString('base64')
}
})
.then(response => response.json())
.then(json => console.log(json));
I am new to php but my client want to add a button on his login page which redirects to battle.net website login page and user enter their credential then get authorised from battle.net and get redirected to his website. (i.e Oauth)
how can i add this on a click of button, i have seen the curl code but didnāt get it.
i have the client_id and client secret key with me.
Any help will be highly appreciated. Thanks in advance.