Formatting API response for Alexa account linking in product mode?


#1

I need to create a response to Alexa’s request for account linking that will work similar to https://api.particle.io/oauth/authorize. In product mode/organization, sending a link request to the api directly and signing in with a product linked user credentials results in “Invalid credentials”. Even if it could work, this would be a confusing experience for a product user that is oblivious to Particle. This is for a product using Simple Auth.

So on my site I’ve set up a page that sends the request to the Particle API, using the particle-api-js, to obtain an access token (which works) to pass along to Alexa Skills linking request (which works in the redirect URL with query string).

However, I’m struggling to figure out how to respond to the Alexa request the way the API would with a message body or http headers. Here is the JavaScript that takes the Alexa provided parameters, plus the access token provided by the Particle API to pass it back:

	particle.login({username:user, password:pass}).then(
		function(data) {
			// Executed if login completes successfully
			accessToken = data.body.access_token;
			console.log("accessToken=" + accessToken);
			
			redirectAlexa();
		}
);

function redirectAlexa() {
  const params = new URLSearchParams(window.location.search);  
  const myredirect_uri = params.get("redirect_uri");  
  const mystate = params.get("state"); 

   var myAlexaLink = myredirect_uri.concat("?state=", mystate, "&code=", accessToken, "&expires_in=7776000");
 
   window.location.replace(myAlexaLink);   
}

But this is not enough to just pass along the info in the URL query string. The Alexa instructions don’t detail more info (that I can find), but I’ve seen additional posts mentioning the body message needs to include status 200 OK message.

I’m not sure how to go about creating and transmitting the right message body/http headers?

Background more info
This is the URL that Alexa sends the linking request to where my login obtains the access token to pass back to the requested URL:
https://mydomainexample.com/alexa-authorization/?client_id=alexaskill-XXX&response_type=code&state=XXXX&scope=none&redirect_uri=https%3A%2F%2Fpitangui.amazon.com%2Fapi%2Fskill%2Flink%2FMXXX

My page/script is built from @rickkas7 code and extended.

The Alexa skills project is built using the terrific guide from @ronlisle

I hope once I get this working to post a repository for other product users to enable this.