All geek questions in one place

Soundcloud / oauth2 / token returns nothing but 401 response

I noticed that some code that I wrote using SoundcloudPHP stopped authentication today, although it worked fine the last time I used it a few days ago. To eradicate the problem, I tried to authenticate using the endpoint / oauth 2 / token, but the answer was 401 and an empty body. I used curl from the page https://developers.soundcloud.com/docs/api/reference#token

From the command line:

curl -v -X POST "https://api.soundcloud.com/oauth2/token" -F 'client_id=MY_ID' -F 'client_secret=MY_SECRET' -F 'grant_type=authorization_code' -F 'redirect_uri=MY_REDIRECT' -F 'code=0000000EYAA1CRGodSoKJ9WsdhqVQr3g'

Answer:

 * About to connect() to api.soundcloud.com port 443 (#0) * Trying 72.21.91.127... connected * Connected to api.soundcloud.com (72.21.91.127) port 443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using AES256-SHA * Server certificate: * subject: OU=Domain Control Validated; CN=*.soundcloud.com * start date: 2014-04-22 16:52:12 GMT * expire date: 2016-04-08 10:08:48 GMT * subjectAltName: api.soundcloud.com matched * issuer: C=BE; O=GlobalSign nv-sa; CN=GlobalSign Domain Validation CA - SHA256 - G2 * SSL certificate verify ok. > POST /oauth2/token HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15 > Host: api.soundcloud.com > Accept: */* > Content-Length: 658 > Expect: 100-continue > Content-Type: multipart/form-data; boundary=----------------------------e695cc6c8133 > < HTTP/1.1 100 Continue < HTTP/1.1 401 Unauthorized < Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin < Access-Control-Allow-Methods: GET, PUT, POST, DELETE < Access-Control-Allow-Origin: * < Access-Control-Expose-Headers: Date < Cache-Control: private, max-age=0, must-revalidate < Date: Thu, 01 Oct 2015 23:25:25 GMT < Server: am/2 < Content-Length: 0 < * Connection #0 to host api.soundcloud.com left intact * Closing connection #0 * SSLv3, TLS alert, Client hello (1):

I created new client tags to see if they work, and I get the same. Since I use the curl indicated in the docs, I expect it to work. Any ideas?

+5
source share
2 answers

I am the creator of the php library https://github.com/njasm/soundcloud .

And users of them reported the same problem, because what you are saying is also true that now curl examples on soundcloud no longer work (for some strange reason). Examining a problem to fix a library, I found what seems like a content type problem.

It seems that the type of content that you need to use when requesting / updating the token MUST always be the application / x -form-urlencoded, and before we (the library) work normally, exchanging data with the content type / JSON.

If you are a user of my library, you must upgrade it to the last wizard. If you can help in testing the fix, send a message to the problems page https://github.com/njasm/soundcloud/issues/25

Update: He confirmed that the content type MUST be applied / x -form-urlencoded

I am doing some testing to confirm that it really is. If so, I mark commit to stable release.

Good luck and hope this helps!

+4
source

I managed to solve this problem for the Soundcloud API for Cocoa using the solution from @njsam

in SCSoundCloud.m, add the following lines:

 NSDictionary *customHeaderFields = [NSDictionary dictionaryWithObject:@"application/x-www-form-urlencoded" forKey:@"Content-Type"]; [config setObject:customHeaderFields forKey:kNXOAuth2AccountStoreConfigurationCustomHeaderFields];

your method should look like this:

 + (void)setClientID:(NSString *)aClientID secret:(NSString *)aSecret redirectURL:(NSURL *)aRedirectURL; { NSMutableDictionary *config = [NSMutableDictionary dictionary]; [config setObject:aClientID forKey:kNXOAuth2AccountStoreConfigurationClientID]; [config setObject:aSecret forKey:kNXOAuth2AccountStoreConfigurationSecret]; [config setObject:aRedirectURL forKey:kNXOAuth2AccountStoreConfigurationRedirectURL]; [config setObject:[NSURL URLWithString:kSCSoundCloudAuthURL] forKey:kNXOAuth2AccountStoreConfigurationAuthorizeURL]; [config setObject:[NSURL URLWithString:kSCSoundCloudAccessTokenURL] forKey:kNXOAuth2AccountStoreConfigurationTokenURL]; [config setObject:[NSURL URLWithString:kSCSoundCloudAPIURL] forKey:kSCConfigurationAPIURL]; NSDictionary *customHeaderFields = [NSDictionary dictionaryWithObject:@"application/x-www-form-urlencoded" forKey:@"Content-Type"]; [config setObject:customHeaderFields forKey:kNXOAuth2AccountStoreConfigurationCustomHeaderFields]; [[NXOAuth2AccountStore sharedStore] setConfiguration:config forAccountType:kSCAccountType]; }

In addition, we needed to update the OAuth2Client library here to have support for kNXOAuth2AccountStoreConfigurationCustomHeaderFields

Hope this helps some people for iOS

0
source

Source: https://habr.com/ru/post/1232760/

More articles:


All Articles