Reputation: 618
How to request access token from Battle.net OAuth with authorization code?
I have a hobby project in mind to use battle.net login. I'm wondering how I can obtain the access token from the API after receiving the authorization code.
This is Oauth flow question rather than a battle.net question.
Currently I can successfully authorize the user for my app which is registered in dev.battle.net and then I try to use the authorization code returned from the battle.net login to obtain the access token by sending a request to https://<region>.battle.net/oauth/token.
However I keep receiving this error:
{
"error": "unauthorized",
"error_description": "An Authentication object was not found in the SecurityContext"
}
I use postman extension to send post requests to that uri. I authenticate my request with my client id and secret. I pass redirect_uri (https://localhost), granty_type (authorization_code), code(the code returned from the previous authorization step). However I keep getting the error above.
I couldn't find much about battle.net online. There are other oauth related help articles but couldn't really find my way. Wondering if you can help me with this easy stuff. I'm just wondering what I'm skipping here.
Here is the documentation: https://dev.battle.net/docs/read/oauth
https://localhost is added in my mashery dev account's app settings.
Upvotes: 2
Views: 4859
Answers (1)
Reputation: 618
Me again, I resolved this problem after trying almost every combination in the universe:)
Steps to apply:
- Don't use the same authorization token for different access token trials, they are not valid
- Always use https on every domain you test including localhost, you redirect_uri must be https as well.
- You must use the "basic authentication" in the header of your POST request while requesting the token from the authorization code you obtained from the previous step.
- This is one of the most important ones: For requesting token, Pass redirect_uri, client key and secret as POST form parameters to the authenticated request. This is interesting because it's already an authenticated request; why would i need to pass my secret again? Anyways, that's how it works.
Here are the full text: http://hakanu.net/oauth/2017/01/26/complete-guide-of-battle-net-oauth-api-and-login-button/
This is working prototype: https://owmatch.me
Thanks.
Upvotes: 4
Related Questions
- ASP.NET Web API and OpenID Connect: how to get Access Token from Authorization Code
- How can I retrieve Oauth2 authorization code
- How to use OAuth Password Grant Type to get an authorization code?
- get access token via asp.net Microsoft.Owin.Security.OAuth
- How to pass authorization token to GET method to access authorized resource?
- How to get access token in Web Api OAuth?
- How to get Token from DotNetOpenAuth OAuthAuthorizationServer sample with C#?
- How to get authorization code with OWIN, OAuth and Web API?
- BattleNet API MVC6 ASP.NET 5
- How to authenticate Access Token in OAuth Resource Server