OAUTH2 Endpoint keeps throwing MethodNotAllowed (405) or 400 (grant type invalid)

I’ve tried everything I can think of, and nothing seems to make this work.

I’ve tried everything in this post, and anything else I can get my hands on. Finally, I tried a curl command, and I’m getting something new:

{"error": "unsupported_grant_type"}400

Here’s my curl (sanitized, obviously):

curl -X POST -d 'password={}&client_id={}j&username=b4ux1t3&grant_type=password' -vi -w "%{http_code}" -L https://beta.online-go.com/oauth2/token

Am I missing something obvious here?

EDIT: For the record, here’s the code I’m trying to use. You can see various iterations littered throughout, though they all do similar things.

What does the j do?

1 Like

Haha, that’s the last character of my actual client ID, I missed it when I was sanitizing.

2 Likes

So, minor update, I guess? I found the source code for an iPad app that still uses the /api/v0/login endpoint. . .so I’m using that for now.

This is not ideal, because it means I either need to prompt users or store their password and, well, I obviously don’t want to do the latter.

I’m going to put a pin in it and see if I can’t use the JWT that comes from that response for playing games.

Thing is, I really want to provide this API connector as a nuget package for other folks who want to use C#/.NET for connecting to OGS, so I really need to circle back to this eventually.

EDIT:

Well, that doesn’t work. the JWT doesn’t seem to actually work as a bearer token.

I was thinking @benjito might know or some other app creators like @MrAlex , @HongAnhKhoa or @wolfeystudios

1 Like

Ooo, Mr Alex writes the android app I use, and following his posts, it’s open source. That’s one I haven’t looked at yet. To GitHub!

Could you share code as text (or as a github repo) instead of screenshot? Some important information is obscured by an IDE popover.

You can use triple backticks (```) to format code

1 Like

Ah I see the curl request, but I don’t see what’s wrong with it. Is it possible to set client type as well?

1 Like

Ha! I was in the middle of typing that the curl command was a direct copy of the code’s values.

I did try public (as a grant type in the app config), but I don’t remember if I tried it with everything else wired up correctly, too.

I will try again tonight, in a little bit.

If that’s it, I’m going to face-palm pretty hard.

1 Like

Here’s another thread, including some working JS code.

Sorry I can’t be of more help! This API auth has been the cause of headache for so many haha

2 Likes

Yeah, no worries. Auth is… Well, it’s hard. Even good technologies don’t make it all that much easier.

Hopefully once I get it working I can just abstract it away for anyone who wants to work in dotnet.

Rhanks for the replies!

1 Like

No problem! One more thought- double check you’ve got your client registered at beta.online-go.com if you’re trying to talk to the beta server. Beta and Prod are separate

:thinking:

That may actually be what’s going on. I don’t remember if I verified that last night. :grimacing:

The good news is that that wasn’t the problem, and also I’m now replicating the BadRequest from the curl command in code.

The bad news… Well yeah.

EDIT:

Man, this is really bizarre.

I have copied the format of the linked thread exactly:

{
  "client_id": "{}",
  "grant_type": "password",
  "username": "b4ux1t3",
  "password": "{}"
}

And I still just get back:

{
  "error": "unsupported_grant_type"
}

Put my settings the way they have them in the post:

UPDATE:
Still no good. I even tried leaving off the client ID. Still the grant type error.

I gotta sleep on this.

1 Like

I have resolved the issue. It was. . .dumb.

I wasn’t setting a content-type for the post request. I was assuming that that header would be set by the library I’m using, and it wasn’t. :man_facepalming:

I used url-encoded, but I’m pretty sure it’d work even if I went back to sending a JSON-based request; I’d just need to set the header. I’m considering putting in a bug report to the library, because this feels like the sort of thing that should be handled automatically (as it is in similar libraries in other ecosystems).

Thanks go to @mikusai for having their own, unrelated problem, but who shared their auth code and made me think about the header: Trying to upload an SGF but it doesn't work. Please help!

1 Like