Using google oauth client (java) fails to execute token request

cryptearth · February 20, 2020, 1:50pm

So, I started developing a live chat client for YT, but as it has a limit in place wich isn’t sufficient for my use I decided to try Twitch. As I already got some experience by tinkering with the YT API and the OAuth2 stuff it requires I got a valid token first try by follow the doc. As the doc shows examples with raw URLs (same as Googles doc btw) I did exactly that: constructed the raw URLs with the required parameters and called them in by browser (to get a POST instead of a GET I just made up a small html from with method set to post and action to the constructed url - worked perfectly). As Google provides a lot of java implementations I thought: Ok, if OAuth2 basically boils down to two URLs (auth and token), the client ID and the secret, it should be easy to modify my code from the google specific sub classes to the standard base classes. So I put together this:

Credential.AccessMethod method=BearerToken.queryParameterAccessMethod();
HttpTransport transport=GoogleNetHttpTransport.newTrustedTransport();
JsonFactory jsonFactory=JacksonFactory.getDefaultInstance();
GenericUrl tokenServerUrl=new GenericUrl("https://id.twitch.tv/oauth2/token");
String clientId="client-id";
HttpExecuteInterceptor clientAuthentication=new ClientParametersAuthentication(clientId, "client-secret");
String authorizationServerEncodedUrl="https://id.twitch.tv/oauth2/authorize";
AuthorizationCodeFlow authorizationCodeFlow=new AuthorizationCodeFlow.Builder(method, transport, jsonFactory, tokenServerUrl, clientAuthentication, clientId, authorizationServerEncodedUrl).build();
List<String> scopes=Arrays.asList(//"analytics:read:extensions",
//"analytics:read:games",
//"bits:read",
"channel:read:subscriptions",
//"clips:edit",
//"user:edit",
//"user:edit:broadcast",
//"user:read:broadcast",
//"user:read:email",
"channel:moderate",
"chat:edit",
"chat:read",
"whispers:read",
"whispers:edit",
"channel_editor",
"channel_commercial");
System.out.println(authorizationCodeFlow.newAuthorizationUrl().setRedirectUri("callback url").setScopes(scopes).setResponseTypes(Arrays.asList("code")).setClientId(clientId).set("force_verify", "true").build());
String authCode=(new BufferedReader(new InputStreamReader(System.in))).readLine();
AuthorizationCodeTokenRequest authCodeTokenReq=authorizationCodeFlow.newTokenRequest(authCode);
authCodeTokenReq=authCodeTokenReq.setGrantType("authorization_code")
//.setScopes(scopes)
.setRedirectUri("callback url");
TokenResponse tokenResponse=authCodeTokenReq.execute();
Credential credential=authorizationCodeFlow.createAndStoreCredential(tokenResponse, "client");

On execution it fails on the 2nd to last line where it executes the token request. The exception says the JSON parsers failed to parse to scope array as it only got a String but no array (could maybe an error of the parser implementation).
If I do the request myself:

URL url=new URL("https://id.twitch.tv/oauth2/token?client_id="+URLEncoder.encode(clientId, "UTF-8")+"&client_secret="+URLEncoder.encode("client secret", "UTF-8")+"&code="+URLEncoder.encode(authCode, "UTF-8")+"&grant_type=authorization_code&redirect_uri="+URLEncoder.encode("callback url", "UTF-8"));
HttpURLConnection httpURLConnection=(HttpURLConnection)url.openConnection();
httpURLConnection.setRequestMethod("POST");
httpURLConnection.connect();
System.out.println(httpURLConnection.getContentLengthLong());
System.out.println(httpURLConnection.getContentType());
int read=0;
byte[] buffer=new byte[1024];
InputStream in=httpURLConnection.getInputStream();
while((read=in.read(buffer))!=-1)
System.out.write(buffer, 0, read);
httpURLConnection.disconnect();

I successfull get the token as shown in the example in the doc. So, although this might be on the wrong spot here as it may could be an error of the google provided API implementation, let me ask:

Has anybody here succuessful used the google oauth java client in the past and can give me a hint?
Could it maybe some faulty response so the JSON replied as the token isn’t valid to parse (didn’t had any chance to try a different json parser yet).

Thanks in advance and sorry if this here is the wrong spot for this question.

cryptearth · February 21, 2020, 1:25am

So, as far as I stepped through with netbeans the json parser returns a list, wich is a json object, but requires a json array. Does this mean that the google oauth lib is not compatible with twitch - or that twich sends a reply not conform to oauth rfc (have to check this one next)?

//small edit
Stepped through again, and when the parser comes to the array it says the type is just a String instead of an array. I don’t know if there’s an error in the parser or the json replied by twitch is not valid json.

cryptearth · February 21, 2020, 2:40pm

Ok, so I tried a couple of different java oauth libs, but could non of them get to work. Googles version fails cause twitch replies a space splitted “array” as one string where google awaits a “normal” json array, others miss either the last step where you actuall get the token after you got the auth token or fail to correctly set the client-id wich result in error returned. Interesstingly I also could only got googles lib work on google services like youtube - all the other libs failed the same as on twitch.
So, I ended up in doing it myself using javas urlconnection and simple regex parsing as the structure is fixed.
Only other option might be to fork the available libs and “correct” them to work with twitch - but that’s overkill just to get a token.
Topic can be closed.

system · March 22, 2020, 2:40pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.