Search code examples
rubyoauth-2.0sinatrayahooyahoo-api

error fetching Oauth2 token from yahoo: OAuth2::Error invalid_request: {"error":"invalid_request"}

I have a simple problem that is getting me stuck. I have been following this yahoo documentation Yahoo OAuth 2.0 Guide . I have been able to generate authorization URL and even get the authorization code.(that is upto Step 3).

But now I am stuck in step 4: Exchange authorization code for Access Token. I am also using this StackOverflow question Yahoo API with Ruby on Rails and OAUTH2. This is my code(I'm using sinatra):

get '/yahoo/contacts/oauth2callback' do
  client = OAuth2::Client.new($consumer_id, $consumer_secret, site: $yahoo_base_url, authorize_url: '/oauth2/request_auth', token_url: '/oauth2/get_token')
  code = params[:code] if params[:code]
  puts "Code: #{code}"
  # token = client.auth_code.get_token(code, redirect_uri: $yahoo_redirect_url, headers: { "Authorization" => Basic })
  token = client.auth_code.get_token(code, redirect_uri: $yahoo_redirect_url)
  puts "THIS IS THE NEW TOKEN NOW: #{token}"
end

the variable used include: 

# for yahoo application
$consumer_id = "dj0yJmk9Q1RKU2x2NTY3WWVxJmQ9WVdrOU1YWnRUV2cyTXpBbWNHbzlNQS0tJnM9Y29uc3VtZXJzZWNyZXQmeD1fth--"
$consumer_secret = "my_secret"
$yahoo_redirect_url = "http://localhost:4567/yahoo/contacts/oauth2callback"

What What is causing the error? Because the error source is this line.

 token = client.auth_code.get_token(code, redirect_uri: $yahoo_redirect_url)

what i'm I doing wrong?

Update: I had written the error at the title, and it seems many people can't see it. the error is

 OAuth2::Error invalid_request: {“error”:“invalid_request”}
file: client.rb location: request line: 113

the returned url is looks like this:

http://localhost:4567/yahoo/contacts/oauth2callback?code=bck5tkm.

Where the code being taken is bck5tkm

Solution

  • Assuming you use the intridea OAuth 2.0 client (https://github.com/intridea/oauth2), you may be bumping in to a bug:

    https://github.com/intridea/oauth2/pull/192

    meaning that Yahoo refuses to permit client credentials in the request body. The pull request has not been merged yet so you'd need to apply that to your own code (or find another gem that works).