#support-questions
Hi I deployed ST on https mobilitycare

Wiam

03/02/2023, 2:35 PM
Hi, I deployed ST on https://mobilitycare.fr I need to implement a custom OIDC provider. I use the ThirdParty provider. The provider returns the access_token correctly but when I do the https://auth.mobilitycare.fr/auth/signinup POST with body :
{ "code": "", "thirdPartyId": "ordoclic", "redirectURI": "https://mobilitycare.fr/auth/callback/ordoclic" }
I get this error :
Error: Request failed with status code 401
    at createError (/home/ec2-user/mc-auth/node_modules/axios/lib/core/createError.js:16:15)
    at settle (/home/ec2-user/mc-auth/node_modules/axios/lib/core/settle.js:17:12)
    at IncomingMessage.handleStreamEnd (/home/ec2-user/mc-auth/node_modules/axios/lib/adapters/http.js:269:11)
    at IncomingMessage.emit (node:events:525:35)
    at endReadableNT (node:internal/streams/readable:1358:12)
    at processTicksAndRejections (node:internal/process/task_queues:83:21)
In React callback, I logged the error response and got { status : 500, statusText: "", type : "cors", url : "https://auth.mobilitycare.fr/auth/signinup" }
The websiteDomain in backend config is : https://mobilitycare.fr

rp

03/02/2023, 3:35 PM
this usually happens if you have misconfigured something on the provider's side - like a bad scope, or bad redirect uri

Wiam

03/02/2023, 5:50 PM
Do you mean the provider configuration on backend ?

rp

03/02/2023, 6:56 PM
Yes. Or on the provider dashboard.

Wiam

03/07/2023, 1:10 AM
Hi, How can I send the accessToken request with the Basic Authorization header on the custom provider please ? Thank you

rp

03/07/2023, 4:26 AM
You need to provide the getUserProfile function as mentioned in the docs.

Wiam

03/07/2023, 9:45 AM
Not in this function, in the accessTokenAPI POST call on https://oauth.example.com/token endpoint Thank you

rp

03/07/2023, 11:57 AM
im not sure what you mean

Wiam

03/07/2023, 1:57 PM
I have this error
data: { error: 'invalid_client', error_description: "Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method). The OAuth 2.0 Client supports client authentication method 'client_secret_basic', but method 'client_secret_post' was requested. You must configure the OAuth 2.0 client's 'token_endpoint_auth_method' value to accept 'client_secret_post'." }
When doing this POST request to get the accessToken :
https:///oauth2/token
client_id=&client_secret=&grant_type=authorization_code&code=&redirect_uri=
So this error happens before making the getUserProfileInfo request and I just need to set the Authorization header to and I don't know how. Thank you

rp

03/07/2023, 2:10 PM
ah i see. Can i see how you have implemented the custom provider? Share some code please.

Wiam

03/07/2023, 2:25 PM
ThirdPartyPasswordless.init({
    flowType: "USER_INPUT_CODE",
    contactMethod: "EMAIL_OR_PHONE",
    providers: [
        {
            id: "ordoclic",
            get: (redirectURI, authCodeFromRequest) => {
                let accessTokenAPIParams: { [key: string]: string } = {
                    client_id: ,
                    client_secret: ,
                    grant_type: "authorization_code",
                };
                if (authCodeFromRequest !== undefined) {
                    accessTokenAPIParams.code = authCodeFromRequest;
                }
                if (redirectURI !== undefined) {
                    accessTokenAPIParams.redirect_uri = redirectURI;
                }
                async function getProfileInfo(accessTokenAPIResponse: any) {
                    // TODO: get user info from Ordoclic API
                    return {
                        id: "userID",
                        email: {
                            id: "email@email.com",
                            isVerified: true,
                        },
                    };
                }
                return {
                    accessTokenAPI: { url: "", params: accessTokenAPIParams },
                    authorisationRedirect: {
                        url: "",
                        params: {
                            client_id: clientId,
                            scopes: "openid offline_access",
                            response_type: "code",
                        },
                    },
                    getClientId: () => {
                        return clientId;
                    },
                    getProfileInfo,
                    getRedirectURI: () => {
                        return ""
                    }
                };
            },
        }
    ],
}),

rp

03/07/2023, 2:28 PM
You need to fill in the right values for all the string with “

Wiam

03/07/2023, 3:35 PM
Yes I know I put the <> on purpose, do you need these values to test ?

rp

03/07/2023, 3:37 PM
Perhaps @sattvikc can help here

sattvikc

03/08/2023, 5:32 AM
hi, couple of things here. Regarding accessToken, aren't you supposed to post all the info as a form post data as opposed to query params? Also I see that you have mentioned a CORS issue, is it being reported from the provider or the cors plugin in your backend app?

Wiam

03/08/2023, 11:35 PM
Hi, The CORS issue is reported on the frontend callback after running thirdPartySignInAndUp() I get this message { status : 500, statusText: "", type : "cors", url : "https://auth.mobilitycare.fr/auth/signinup" } For the accessToken, I don't know how to put the parameters in the form post into the ST config.

sattvikc

03/10/2023, 4:31 AM
CORS settings will need to be addressed first I guess, before fixing the custom provider, would you be able to verify your settings to ensure that ?

Wiam

03/10/2023, 2:03 PM
I don’t understand where it’s coming from because I use the passwordless and Google authentication and it works fine.

rp

03/10/2023, 2:51 PM
im confused, google auth works fine? So then calling thirdPartySignInAndUp works fine?

Wiam

03/11/2023, 12:39 AM
Yes it's just when I use the custom provider when we need to make the accessToken request to the provider I need to configure the client and secret ids with 'Basic' format

rp

03/11/2023, 5:21 AM
Okay. Will wait for @sattvikc to help

sattvikc

03/13/2023, 5:30 AM
hey @Wiam, let me know a good time we can debug this over a call

Wiam

03/13/2023, 12:38 PM
Hi @sattvikc when are you available ?

sattvikc

03/13/2023, 12:39 PM
generally 11 am to 5pm IST
hey @Wiam , ping me when you are online and we can talk. otherwise, use this link to schedule a call with me - https://calendly.com/sattvik-supertokens/30min

Wiam

03/15/2023, 5:15 PM
Hi @sattvikc, how are you ? I managed to make everything work with your solution so I want to thank you 👍

sattvikc

03/16/2023, 3:59 AM
that's good to know, happy to help 😀