Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OAuth authorization code flow - "Missing column authorization_id" #200

Closed
r2social opened this issue Aug 17, 2020 · 6 comments
Closed

OAuth authorization code flow - "Missing column authorization_id" #200

r2social opened this issue Aug 17, 2020 · 6 comments
Labels
product: authentication question Further information is requested stopped investigating An issue that cannot be reproduced and is no longer being actively investigated. ticketed Has been given an internal tracking ticket

Comments

@r2social
Copy link

Brief description
I registered an application for OAuth on https://dev.twitch.tv/console/apps. I am using the authorization code grant flow. When I query the token endpoint as suggested by https://dev.twitch.tv/docs/authentication/getting-tokens-oauth, I get the following response back:

{
    "status": 500,
    "message": "Missing column authorization_id from item map[]"
}

How to reproduce

  1. Register an application for oauth
  2. Set application name to "SampleApp-token.somedomain.com"
  3. Set redirect uri to "https://beta.token.somedomain.com//connections/twitch/callback" (clientId is actual clientId value).
  4. Create secret
  5. Query for access tokens
curl --location --request POST 'https://id.twitch.tv/oauth2/token?client_id=<clientId>&client_secret=<secret>&code=<auth_code_grant>&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fbeta.token.somedomain.com%2F<clientId>%2Fconnections%2Ftwitch%2Fcallback' \
--header 'Accept: application/json'

Expected behavior

  1. Return valid token response. Something like what was shown on the guide:
{
  "access_token": "0123456789abcdefghijABCDEFGHIJ",
  "refresh_token": "eyJfaWQmNzMtNGCJ9%6VFV5LNrZFUj8oU231/3Aj",
  "expires_in": 3600,
  "scope": ["viewing_activity_read"],
  "token_type": "bearer"
}

Screenshots

Additional context or questions

  • I am an Amazon employee, but I am using my personal account to test.
@jbulava
Copy link
Member

jbulava commented Aug 20, 2020

This issue is ticketed for investigation internally as IDPLAT-4084.

@jbulava jbulava added the ticketed Has been given an internal tracking ticket label Aug 20, 2020
@ThisWillGoWell
Copy link

@r2social In your reproduction steps, are you also creating an authorization at some point? Where are you getting the auth_code_grant code in your request POST 'https://id.twitch.tv/oauth2/token

@lleadbet
Copy link
Contributor

lleadbet commented Sep 9, 2020

@r2social - what is your username? You can also message me on Discord as ConcreteEntree in the TwitchDev Discord if you'd prefer something private.

@lleadbet lleadbet added the question Further information is requested label Sep 11, 2020
@lleadbet
Copy link
Contributor

@r2social - wanting to ping back on this, as the team is having problems replicating this issue.

@lleadbet
Copy link
Contributor

Closing as we've not heard back. Feel free to reopen if you're still seeing this.

@lleadbet lleadbet added the stopped investigating An issue that cannot be reproduced and is no longer being actively investigated. label Jan 19, 2021
@AcesFullOfKings
Copy link

AcesFullOfKings commented Jan 6, 2022

Closing as we've not heard back. Feel free to reopen if you're still seeing this.

I've just had this exact issue and am unable to get a refresh token because of it. Googling the error code led me to here, then this issue.

I set up an app, then navigate to https://id.twitch.tv/oauth2/authorize?client_id=redacted&redirect_uri=redacted&response_type=code&scope=analytics:read:games+bits:read+channel:edit:commercial+channel:manage:broadcast+channel:read:redemptions+channel:read:subscriptions+user:edit:follows+channel:manage:predictions in a browser. The resulting code is generated correctly and received by my app, which then sends the request for a oauth token and refresh token, and receives the 500 response above. I was also able to replicate it in Postman:

image

@lleadbet - ping me if you need any more info. I could provide the client ID privately if that would allow you to investigate the requests at your end?

I have run this exact process previously and it worked fine. I ran it again because I allowed my original token to expire (my fault!) so I tried to request a new one using the same process as before, but this time it failed with 500.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
product: authentication question Further information is requested stopped investigating An issue that cannot be reproduced and is no longer being actively investigated. ticketed Has been given an internal tracking ticket
Projects
None yet
Development

No branches or pull requests

5 participants