Errors on login_verifier step

churcho · June 10, 2020, 7:02am

I am getting errors when I follow the URL given after passing a login_accepted

I have

http://localhost:4444/oauth2/auth?client_id=123456789&login_verifier=ad31c1ec0174428bb30fc0d3fbb50b84&redirect_uri=http%3A%2F%2Flocalhost%3A4000%2Fauth%2Fcallback&response_type=code&scope=dashboard&state=1234567890

When I follow that I get back this error:

%{
  "error" => "invalid_request",
  "error_description" => "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed",
  "error_hint" => "Make sure that the various parameters are correct, be aware of case sensitivity and trim your parameters. Make sure that the client you are using has exactly whitelisted the redirect_uri you specified.",
  "state" => "1234567890"
}

churcho · June 10, 2020, 7:26am

After a bit of fiddling I am now seeing:

%{"error" => "request_forbidden", "error_description" => 
"The request is not allowed", "error_hint" => "You are not 
allowed to perform this action.", "state" => "1234567890"}

hackerman · June 10, 2020, 2:13pm

More details please! See https://www.ory.sh/hydra/docs/debugging

churcho · June 10, 2020, 3:02pm

Now I get No CSRF value available in the session cookie
Since I am making this call from an HTTP Client and not a user visiting a website. How can I overcome this?

Is it possible to get that value on the init of the calls and then use it on the subsequent calls?
The client I am using is hackney which is available in Elixir | Erlang

hackerman · June 11, 2020, 2:01pm

You can’t, that’s not how OAuth2 works! OAuth2 is a fundamental Browser protocol and needs user interaction. You can not circumvent that.

churcho · June 11, 2020, 2:12pm

Makes perfect sense.
Read on it a bit more and that’s the direction we chose.