Oath2 Authorization Flow for Yahoo using AuthSession API

Please provide the following:

  1. SDK Version: 37.0.3
  2. Platforms(Android/iOS/web/all): iOS

Hello, I am trying to build a fantasy basketball app based on the Yahoo Fantasy API. I am trying to use AuthSession API from expo in order to do the OAuth Authentication process listed here. I am able to get the Authorization code from yahoo after the user authenticates using AuthSession, I then need to take that code and send it to the OAuth 2.0 Token Endpoint: using the HTTP Post method. I send the data using fetch and I am getting the error in the response stored in response.json:
{
“error”: “INVALID_AUTHORIZATION_CODE”,
“error_description”: “OAuth authorization code expired or invalid”,
}

I print the authorization code right before I send it to the token endpoint, and have verified that they are exactly the same.

I’ve pasted my code for the signIn() function below. I have highlighted the getTokens() function, which is causing the issue. Please let me know if you have any pointers as to how I can clear this error and get the Access token.

import React, { useEffect, useState } from ‘react’;
import {View, Text, TouchableOpacity, Alert } from ‘react-native’;
import * as WebBrowser from ‘expo-web-browser’;
import { makeRedirectUri, useAuthRequest } from ‘expo-auth-session’;
import { Base64 } from ‘js-base64’;

const useProxy = true;
const redirectUri = makeRedirectUri({ useProxy });
const CLIENT_ID = scrambledcleintid
const CLIENT_SECRET = scrambledclientsecret

function SignIn({ navigation }) {

WebBrowser.maybeCompleteAuthSession();

var code;

const discovery = {
//I can only post 2 links on this forum post so I am using a constant instead.
authorizationEndpoint: YAHOO_API_REQUEST_AUTH,
tokenEndpoint: YAHOO_TOKEN_ENDPOINT };

//request
const [request, result, promptAsync] = useAuthRequest({
clientId: CLIENT_ID,
clientSecret: CLIENT_SECRET,
scopes: [“openid”],
responseType:‘code’,
redirectUri, //will likely need to change for production
extraParams: {
// ideally, this will be a random value
nonce: “nonce”,
},

},discovery);

useEffect(() => {
if (result) {
if (result.error) {
Alert.alert(
“Authentication error”,
result.params.error_description || “something went wrong”
);
return;
}
if (result.type === “success”) {
code = result.params.code;
getTokens();
//const { name } = code;
//setName(name);
}
}
}, [result]);

const getTokens = async () => {
  try {

    const authcode = Base64.encode(`${CLIENT_ID}:${CLIENT_SECRET}`);

    const bodystr = `code=${code}&grant_type=authorization_code&redirect_uri=${redirectUri}`;
    const response = await fetch('https://api.login.yahoo.com/oauth2/get_token', {
      method: 'POST',
      headers: {
        Authorization : `Basic ${authcode}`,
        'Content-Type' : 'application/x-www-form-urlencoded',
      },    
      body: bodystr
    });
    const responseJson = await response.json();
     } catch (err) {
    console.error(err);
  }
}

return (
<View style={{ flex: 1, justifyContent: ‘center’, alignItems: ‘center’ }}>
Sign In screen
<TouchableOpacity
style = {styles.button}
onPress={() => promptAsync({ useProxy, redirectUri })}>
Sign In


);
}

export default SignIn;

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.