OAuth failed from my server


#1

Hello, I’m writing some nodejs code on my server which needs to call the Particle REST Api.
I created an OAuth client (two legged authentication) and I pass the client_id and the client_secret to loginAsClientOwner function of the Particle js SDK.
Unluckily I cannot authenticate, and I get the following error:

“HTTP error 400 from https://api.particle.io/oauth/token - The grant type is unauthorised for this client_id”

Any of you can guess what’s going wrong ?

Here’s the code that generates the error, thank you in advance for your help.

Antonio

const configSettings = require('config');
const Particle = require('particle-api-js');
const logger = require('./logger');

const particle = new Particle();
var particleToken;

const clientId = configSettings.get('particle.client_id');
const clientSecret = configSettings.get('particle.client_secret');

particle.loginAsClientOwner({ client_id: clientId, client_secret: clientSecret })
.then((data) => { particleToken = data.body.access_token; })
.catch((error) => { logger.logError(error); });

#2

Reading again all the docs I found this sentence (in the tutorial):

"2. Add OAuth Credentials to SDK
For both the mobile & JavaScript SDKs, you will need to add your client credentials to a configuration file. The client application will need the client credentials that you just generated "

So, I guess I don’t need to send the cliend ID and secret as params when calling the login function, but I need to save them somewhere in a configuration file of the SDK.

But where it is ?


#3

Hmmmmm, I just found out in the source code of the SDK the Default.js file where I can read:

export default {
	baseUrl: 'https://api.particle.io',
	clientSecret: 'particle-api',
	clientId: 'particle-api',
	tokenDuration: 7776000 // 90 days
};

So, now the question I think is: How can I change these defaults ?
Hope the answer is not to change the source code of the SDK.


#4

Ok, I solved this.
For others of you who will face the same problem, here’s how to do it (quite easy indeed):

The defaults are saved in internal clientId and clientSecret variables in Particle constructor (Particle.js):

constructor(options = {}) {
	// todo - this seems a bit dangerous - would be better to put all options/context in a contained object
	Object.assign(this, Defaults, options);
	this.context = {};
	this.agent = new Agent(this.baseUrl);
}

So, that’s just a matter of changing them:

// I get the credentials saved in a json configuration file
const clientId = configSettings.get(‘particle.client_id’);
const clientSecret = configSettings.get(‘particle.client_secret’);

// I save the credential in the Particle object to overwrite the default values
particle.clientId = clientId;
particle.clientSecret = clientSecret;

// And not I can connect
particle.loginAsClientOwner({})
.then((data) => {
token = data.body.access_token;
connected = true;
logger.logStartupMessage(“Connected to Particle Cloud with ClientID/Secret”)
})
.catch((error) => {
connected = false;
logger.logError(error);
});