Authorization Flow returns 400

Question

I've been trying to fix this issue for a good hour, and I can't seem to fix this. I'm using node-fetch for my requests (which is just a replica of the Fetch API for browsers, but cloned for Node). I've got the following code:

fetch("https://accounts.spotify.com/api/token", {
    body: `grant_type=authorization_code&code=${req.query.code}&redirect_uri=${encodeURIComponent("http://localhost:3000/callback")}`,
    headers: {
        Authorization: `Basic ${btoa(my_client_id)}:${btoa(my_client_secret)}`,
        "Content-Type": "application/x-www-form-urlencoded"
    },
    method: "POST"
})

This is supposed to take the code from the callback, and send it to Spotify for a refresh token.

Expected behaviour:

Returned should be the following:

Actual behaviour:

400 Bad Request (consistently)

Answer 1

This works. It looks like you are encoding the credentials incorrectly. Its base64({id}:{secret}) not base64({id}):base64({secret}).

I used request-promise purely for convenience, so if you fix the Authorization header in your fetch, it should work.

const rp = require('request-promise');

const clientId = 'xxx';
const clientSecret = 'xxx';

async function auth() {
    const credentialsBuffer = Buffer.from(`${clientId}:${clientSecret}`);
    const options = {
        method: 'POST',
        uri: 'https://accounts.spotify.com/api/token',
        form: {
            grant_type: 'client_credentials'
        },
        headers: {
            Authorization: `Basic  ${credentialsBuffer.toString('base64')}`
        },
    };
    const resp = await rp(options);
    console.log(resp);
}

(async () => {
    await auth();
})()