Django NGROK zoom integration issue

arsalan.9798 · August 14, 2023, 10:08am

Description

I am developing a django zoom integration , i have exposed the localhost to ngrok, The above link is we are using for oauth authorization, but its returning
Invalid redirect: https://49a9-203-81-218-176.ngrok-free.app/zoom/oauth/callback (4,700)

Error?
Invalid redirect 4,700

elisa.zoom · August 15, 2023, 4:00pm

Hi @arsalan.9798
Thanks for reaching out to the Zoom Developer forum and welcome to our community.
Please make sure to add your Redirect URL to the Allow List as well and try again.
Hope this helps,
Elisa

arsalan.9798 · August 15, 2023, 6:40pm

Thanks Elisa, now when hitting the callback get request with the access_code, i am getting 400,

class ZoomOAuthCallbackView(View):

def get(self, request):
    code = request.GET.get('code')
    
    token_url = 'https://zoom.us/oauth/token'

    headers = {
    'Content-Type': 'application/x-www-form-urlencoded',
    'Authorization': f'Basic {base64.b64encode(f"{settings.CLIENT_ID}: 
                                                          {settings.CLIENT_SECRET}".encode()).decode()}',
    }
    payload = {
        'grant_type' : 'authorization_code',
        'code' : code,
        'redirct_uri' : settings.REDIRECT_URI,
    }
    print(payload)
    response = requests.post(token_url, headers=headers, data=payload)
    
    access_token = response.json().get('access_token')

    return JsonResponse({'access_token':access_token})

getting 400 error
Kindly review if i am doing something wrong
PS i have stopped ngrok as the above is working for localhost

elisa.zoom · August 16, 2023, 3:57pm

Hi @arsalan.9798
Can you please double check your authorization headers? Id looks like you are encoding and decoding your client id and secret.

arsalan.9798 · August 16, 2023, 4:21pm

I saw a tutorial for node JS … What it should be? Simply just client_id: secret_key ? Or any other encoding

elisa.zoom · August 16, 2023, 4:25pm

@arsalan.9798 you just need to base64 encode your client id and client secret

arsalan.9798 · August 16, 2023, 5:04pm

I have encoded my request
def get(self, request):
code = request.GET.get(‘code’)
token_url = ‘https://zoom.us/oauth/token’
headers = {
‘Content-Type’: ‘application/x-www-form-urlencoded’,
‘Authorization’: f’Basic {base64.b64encode(f"{settings.CLIENT_ID}:{settings.CLIENT_SECRET}".encode())}',
}
payload = {
‘grant_type’ : ‘authorization_code’,
‘code’ : code,
‘redirct_uri’ : settings.REDIRECT_URI,
}
response = requests.post(token_url, headers=headers, data=payload)
access_token = response.json().get(‘access_token’)
print(access_token)
return JsonResponse({‘access_token’:access_token})

These are the headers
{‘Content-Type’: ‘application/x-www-form-urlencoded’, ‘Authorization’: “Basic b’MDBubDBranVSMWE5ckNIMHU4M0YxQTp6eDVFUkJLTWFtS1pjNWliRXZkajVuU1A3bjVjUTZ2SQ=='”}

These are the payload
{‘grant_type’: ‘authorization_code’, ‘code’: ‘bwEj9sgUtY62HPhq16kT8m-pnh4GyeE-g’, ‘redirct_uri’: ‘http://localhost:8000/zoom/oauth/callback’}

This is the response
[======response====]
{‘_content’: b’{“status”:false,“errorCode”:-1,“errorMessage”:“Illegal base64 character 27”,“result”:null}',

elisa.zoom · August 16, 2023, 5:15pm

You are probably doing something wrong when encoding your client id and secret, you are encoding and decoding.

Take a look at these repos:

gist.github.com

https://gist.github.com/brandonmwest/a2632d0a65088a20c00a

example.cs

httpClient.DefaultRequestHeaders.Authorization = 
    new AuthenticationHeaderValue(
        "Basic", 
        Convert.ToBase64String(
            System.Text.ASCIIEncoding.ASCII.GetBytes(
                string.Format("{0}:{1}", username, password))));

example.php

$header = "Authorization: Basic " . base64_encode($username . ':' . $password);

example.py

base64string = base64.encodestring('%s:%s' % (username, password)).replace('\n', '')
header = ("Authorization: Basic %s" % base64string)

There are more than three files. show original

github.com

zoom/user-level-oauth-starter/blob/main/routes/api/zoomOauth.js

const express = require('express');
const axios = require('axios');
const qs = require('query-string');
const {
  createNewUser, getCurrentUser, getUsers, updateCurrentUserToken, deleteCurrentUser,
} = require('../../dbQuery');
const { decrypt } = require('../../crypto');
const withCurrentUser = require('../../middlewares/withCurrentUser');
const httpErrorHandler = require('../../httpErrorHandler');
const logHttpErrorPath = require('../../logHttpErrorPath');
const {
  ZOOM_OAUTH_TOKEN_URL, ZOOM_OAUTH_AUTHORIZATION_URL, ZOOM_API_BASE_URL, ZOOM_TOKEN_RETRIEVED,
  ZOOM_USER_REVOKE_ERROR, ZOOM_TOKEN_ERROR, ZOOM_TOKEN_REFRESH_ERROR,
  ZOOM_OAUTH_ERROR, ZOOM_FETCH_OAUTH_USERS_ERROR,
} = require('../../constants');

const router = express.Router();

// Zoom OAuth
router.get('/', async (req, res) => {

This file has been truncated. show original

arsalan.9798 · August 16, 2023, 5:50pm

yup now getting {“reason”:“Invalid Grant”,“error”:“invalid_grant”} i checked the most common solution is giving the redirecturi in encoded format did that too

elisa.zoom · August 17, 2023, 5:22pm

Hi @arsalan.9798
Were you able to troubleshoot this further?

arsalan.9798 · August 17, 2023, 5:32pm

No still stuck here , do you have any insight

elisa.zoom · August 17, 2023, 5:59pm

Did you take a look at the OAuth sample app I shared with you? @arsalan.9798
Could you try authorizing the app and generating an access token using Postman?
Here is a very helpful guide on how to do so:

arsalan.9798 · August 17, 2023, 6:12pm

Yes I did and I am getting the same reply on postman as well

elisa.zoom · August 17, 2023, 6:30pm

I will send you a private message @arsalan.9798