Hello all.
I’m new to trying to use oauth in my python code and web-app, (I’ve been using jwt till now), and despite following the tutorials supposedly to-the-letter, I’m obviously doing something wrong.
My setup is as follows:
I’ve defined and added the oauth app in the market place, and defined the redirect URL to the relevant flask-app on my site’s backend.
Clicking “add” works; I see the request in my site’s logs, and I get a response with a valid token.
So far so good.
However, I tried using this in my python code, by creating the authentication-request link -
and then using a simple requests.get(make_authorization_url()) for parsing and aquiring the token, so that I can potentially then make api requests.
But it’s not working, and looking at my code’s logs and the web-app’s logs it seems like there are 2 things going wrong in parallel:
The authentication-url is returning a sign-in page instead of the expected token.
I don’t even see any http message being logged on my site.
So it seems like the authentication-url isn’t reaching the redirect stage, because it’s not actually making a request, because it’s getting stuck on a sign-in page!
What am I missing? What am I doing wrong?
(This might be a super simple mistake on my behalf; as mentioned - I’m really new to all this).
This is python right?
For Server to Server OAuth, I’m using something like this.
If you are using other OAuth flow, let me know, I’ll share a different solution.
import requests
import base64
import os
from dotenv import load_dotenv
# Load environment variables from .env file, this will try to load these values from your .env file
load_dotenv()
# Your .env file should look something like this
#CLIENT_ID='xxxxxxxxxx'
#CLIENT_SECRET='yyyyyyyyyyyyy'
#ACCOUNT_ID='zzzzzzzzzzzz'
# Access the environment variables
client_secret = os.getenv("CLIENT_SECRET")
client_id = os.getenv("CLIENT_ID")
account_id = os.getenv("ACCOUNT_ID")
oauth_url = 'https://zoom.us/oauth/token?grant_type=account_credentials&account_id='+account_id # Replace with your OAuth endpoint URL
def get_access_token():
try:
# Create the Basic Authentication header
auth_header = f'Basic {base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()}'
# Define the headers for the OAuth request
headers = {
'Authorization': auth_header,
}
# Make the OAuth request
response = requests.post(oauth_url, headers=headers)
# Check if the request was successful (status code 200)
if response.status_code == 200:
# Parse the JSON response to get the access token
oauth_response = response.json()
access_token = oauth_response.get('access_token')
return access_token
else:
print(f'OAuth Request Failed with Status Code: {response.status_code}')
print(response.text)
return None
except Exception as e:
print(f'An error occurred: {str(e)}')
return None
Your code helped me fix one problem I think, which was to simply replace my requests.get with a requests.post, which makes sense. Thanks.
However! I’m now getting a {'code': 200, 'message': 'Account does not enabled REST API.'} reply.
What am I doing wrong now? Or should I open a new post because this is probably a different problem?
@shlomi.fenster I would recommend you to do so, as my other colleagues who are familiar with that error message might be able to help you with that issue.