Question

OAuth2 authentication: various errors

  • 17 June 2021

Userlevel 1

I am implementing an OAuth2 server on my side with PHP using OAuth2 - PHPLeague

https://oauth2.thephpleague.com/

 

Issue #01

 

I have configured email and password as Authentication Fields

 


 

Then I add them to the Authorization URL so I can do validation and authentication on my OAuth2 server.

 


 

This part is working, but I am wondering if I can send it through the header to avoid having to encode it in the URL. I have tried adding these parameters to the headers form, but after I save, the header is removed. Not sure if I am missing a naming convention on header params.

 

Issue #02

 

I am not able to show an error in Zapier when calling the authorization endpoint. I have tried returning a PSR-7 response and a simple JSON response.

 


 

But I only see a white screen. What is the correct error response format?

 

Issue #03

 

On the Authorization request I return the user id, but I also need to return other user info to use in the Connection Label. On the test endpoint I had no problems, since I found an example where I needed to return a JSON with id, name and email fields, but I am not sure how to do it when doing the full process (Authorization URL + Access Token Request), or at what point you read that info.

 


 



3 replies

Userlevel 7
Badge +9

Digging in, remembering that that request is handled differently than other requests throughout the schema. 

Check out the authorizeUrl at https://zapier.github.io/zapier-platform-schema/build/schema.html#authenticationoauth2configschema - it expects a RedirectRequest object, rather than a standard request configuration.

If I’m thinking about this correctly, this makes sense - this request is being made from the user’s browser, not going through the platform like everything else. 

In short, I think the way you were configuring that request is the way to do it.

Userlevel 1

@Zane, thanks for the reply. About question 1, I found that we can enable sending a body in GET requests in Zapier; there is a parameter: allowGetBody

https://github.com/zapier/zapier-platform/blob/master/packages/core/src/http-middlewares/before/prepare-request.js#L46-L49

But I am not sure how to use it on the Authorization URL, since I need to return a URL. Maybe this is useful in other GET requests.

Any thoughts on this?

Userlevel 7
Badge +9

Question 1, sending messages in the body vs. url params: 

For this OAuth 2 flow this is an HTTP GET in most implementations, and so there is no body sent. 

Question 2, showing an error:

So this is a request handler on your server once we’ve redirected to you, yeah? I think you just want to return an HTML page with the error info for the user on it, rather than trying to redirect back to us for us to render that message at that point in the flow. Perhaps someone else can provide some guidance here…

Question 3, connected account label:

If that data is returned by your auth test request, you can reference it in bundle.inputData.yourfieldname. If it’s extra information returned with your token request, you might look at computed fields to add that data to bundle.authData.***
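
The points discussed in this thread, put together as an added example (not code from the original posts or from Zapier): an OAuth2 authentication definition whose authorizeUrl is a RedirectRequest, whose token request sends secrets in the POST body, and whose extra user fields reach the connection label through computed fields. The host, paths, the `/me` test endpoint and the `user_name` / `user_email` fields in the token response are assumptions.

```javascript
const BASE = 'https://auth.example.com'; // assumed placeholder for your OAuth2 server

// Back-channel token request (server to server): secrets travel in the POST body.
const getAccessToken = async (z, bundle) => {
  const response = await z.request({
    url: `${BASE}/access_token`,
    method: 'POST',
    headers: { 'content-type': 'application/x-www-form-urlencoded' },
    body: {
      grant_type: 'authorization_code',
      client_id: process.env.CLIENT_ID,
      client_secret: process.env.CLIENT_SECRET,
      code: bundle.inputData.code,
      redirect_uri: bundle.inputData.redirect_uri,
    },
  });
  const data = response.data || {};
  if (!data.access_token) throw new Error('Token endpoint returned no access_token');
  // Keys declared as computed fields below are saved to bundle.authData.
  return {
    access_token: data.access_token,
    refresh_token: data.refresh_token,
    user_name: data.user_name, // assumed extra field in the token response
    user_email: data.user_email, // assumed extra field in the token response
  };
};

const authentication = {
  type: 'oauth2',
  oauth2Config: {
    // RedirectRequest followed by the user's browser: url and params, no headers or body.
    authorizeUrl: {
      url: `${BASE}/authorize`,
      params: {
        client_id: '{{process.env.CLIENT_ID}}',
        state: '{{bundle.inputData.state}}',
        redirect_uri: '{{bundle.inputData.redirect_uri}}',
        response_type: 'code',
      },
    },
    getAccessToken,
  },
  // computed: the user is never prompted; getAccessToken supplies the values.
  fields: [
    { key: 'user_name', type: 'string', required: false, computed: true },
    { key: 'user_email', type: 'string', required: false, computed: true },
  ],
  test: { url: `${BASE}/me` }, // assumed endpoint returning id, name, email
  connectionLabel: '{{bundle.authData.user_name}} ({{bundle.authData.user_email}})',
};
```

In a real integration the access token also has to be attached to outgoing requests, for example in a beforeRequest middleware, which this example leaves out.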