400 - Oauth error invalid_request

Shopify Partner
31 0 5

Hi,

I am using the Shopify OAuth for my app. The code has worked fine, until this morning. Are there any technical issues with using OAuth today?

Request

POST https://jmatestshop.myshopify.com/admin/oauth/access_token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: jmatestshop.myshopify.com
Content-Length: 127
Expect: 100-continue
Connection: Keep-Alive

client_id=xx&client_secret=yy&code=zz

Response

HTML -   <title>400 - Oauth error invalid_request</title>

Is something wrong with my account? It's under Cloud Cart Connector, JMA Web Technologies. This request for a token is using a test store. My tokens have been with Shopify for over a year. Should I renew or replace them?

0 Likes
Shopify Staff
Shopify Staff
582 0 45

What is your API key?

0 Likes
Shopify Partner
31 0 5

Hi,

427eb2e294b8d7e554778c19df777692

0 Likes
Shopify Staff
Shopify Staff
582 0 45

It appears that your request that was placed at 20:03:02 UTC did succeed because I can see that the code was redeemed for the access token.

How are you verifying/extracting the codes from the oauth callback?

0 Likes
Shopify Partner
31 0 5

Hi,

Here is the code:

        public ShopifyAuthorizationState AuthorizeClient(string code)
        {
            string url = String.Format("https://{0}.myshopify.com/admin/oauth/access_token";, _shopName);
            string postBody = String.Format("client_id={0}&client_secret={1}&code={2}",
                _apiKey,    // {0}
                _secret,    // {1}
                code);      // {2}

            HttpWebRequest authRequest = (HttpWebRequest)WebRequest.Create(url);
            authRequest.Method = "POST";
            authRequest.ContentType = "application/x-www-form-urlencoded";
            using (var ms = new MemoryStream())
            {
                using (var writer = new StreamWriter(authRequest.GetRequestStream()))
                {
                    writer.Write(postBody);
                    writer.Close();
                }
            }

            var response = (HttpWebResponse)authRequest.GetResponse();
            string result = null;

            using (Stream stream = response.GetResponseStream())
            {
                StreamReader sr = new StreamReader(stream);
                result = sr.ReadToEnd();
                sr.Close();
            }

            if (!String.IsNullOrEmpty(result))
            {
                // it's JSON so decode it
                JObject jsonResult = JObject.Parse(result);
                return new ShopifyAuthorizationState
                {
                    ShopName = this._shopName,
                    AccessToken = (string)jsonResult["access_token"]
                };
            }

            return null;
        }
    }

0 Likes
Shopify Staff
Shopify Staff
582 0 45

I've turned on logging so we should get more granular data into what is going wrong with your application. Looking at this everything seems correct. The only thing that really stands out could be the lack of a missing Accept header, but if it was working in the past I don't see how this could cause anything.

0 Likes
Shopify Partner
31 0 5

Hi,

I just ran a request through. What is it saying? What should the accept header say? application/json?

0 Likes
Highlighted
Shopify Staff
Shopify Staff
582 0 45

What should the accept header say? application/json?

Yes

0 Likes
Shopify Partner
31 0 5

OK, I added it. If there are issues, I'll let you know tomorrow.

0 Likes
Shopify Partner
31 0 5

Hi,

OK, error changed. Does this expire after a few seconds? I tried this on cloudcartconnector.com, then I tried it on localhost:7777. Is that why this error occurs? Perhaps it will fix itself tomorrow. I appreciate the help.

POST https://jmatestshop.myshopify.com/admin/oauth/access_token HTTP/1.1
Accept: application/json
Content-Type: application/x-www-form-urlencoded
Host: jmatestshop.myshopify.com
Content-Length: 127
Expect: 100-continue

client_id=427eb2e294b8d7e554778c19df777692&client_secret=XX&code=39d3033e457e573fcff17c6c018c7c13

HTTP/1.1 400 Bad Request
Server: nginx
Date: Tue, 13 Jan 2015 22:33:57 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 400 Bad Request
X-XSS-Protection: 1; mode=block; report=/xss-report/6e36adc2-5846-4d9f-a427-9113017525a0?source%5Baction%5D=access_token&source%5Bcontroller%5D=admin%2Foauth&source%5Bsection%5D=admin
X-Content-Type-Options: nosniff
X-ShopId: 2981797
X-ShardId: 3
X-Frame-Options: SAMEORIGIN
X-Request-Id: 6e36adc2-5846-4d9f-a427-9113017525a0


{"error":"invalid_request"}

0 Likes