Question

Failing to retrieve auth token after successful authorization with OAuth API

  • 9 November 2023
  • 5 replies
  • 374 views
A

I am currently trying to integrate with the latest OAuth API but run into a problem when trying to obtain the token. I was able to make a successful authorization request to receive the code needed. But when I try making the call to https://auth.calendly.com/oauth/token, I receive the following error:

bad request: [json.exception.parse_error.101] parse error at line 1, column 1: syntax error while parsing value - invalid literal; last read: '<'

I am following the API specs @ https://developer.calendly.com/api-docs/be9b32ef4b44c-get-access-token. I further can confirm that my credentials are valid because when I supply invalid data, e.g., wrong client_id, I am getting the expected error message for wrong credentials. Below is my code that I am currently using for the call in Python.

What am I doing wrong? 

Thank you in advance,

-Andreas

 

def callback(self, request, *args, **kwargs):

# Extract the authorization code from the callback URL

authorization_code = request.GET.get('code')

 

# Exchange the authorization code for an access token

token_url = os.getenv('CALENDLY_ACCESS_TOKEN_URL')

client_id_and_secret = os.getenv('CALENDLY_CLIENT_ID') + ":" + os.getenv('CALENDLY_REDIRECT_URL')

token_params = {

"grant_type": "authorization_code",

"code": authorization_code,

"redirect_uri": os.getenv('CALENDLY_REDIRECT_URL'),

"client_id": os.getenv('CALENDLY_CLIENT_ID')

}

 

try:

headers = {

"Authorization": f'Basic {ViewSetUtil.encodeBase64(client_id_and_secret)}',

"Content-Type": "application/x-www-form-urlencoded"

}

response = requests.post(token_url, data=token_params, headers=headers)

 

return HttpResponse(response.text)

except Exception as e:

log.exception(f'[Calendly] Failed to authorize user {request.user.username}/{request.user.email}')

return HttpResponse('Authorization failed!')

 

This topic has been closed for comments

5 replies

A
Rank
Userlevel 1

Hey Andreas,

 

It looks like you might not be constructing the client_id_and_secret correctly. I believe it should be something like:

client_id_and_secret = os.getenv('CALENDLY_CLIENT_ID') + ":" + os.getenv('CALENDLY_CLIENT_SECRET')

 

A

Thank you anolson for your extra pair of eyes here. That clearly was a silly mistake of mine. In fact, even ChatGPT figured that one out after I realized I can seek help from it as well. 

I further found another issue where I returned a binary base64. I used the Calendly API portal to verify my headers are exactly the same at this point. After these 2 fixes, I definitely made progress but are still not able to complete the round trip. The message I am getting now is:

{'error': 'invalid_client', 'error_description': 'Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method.'}

A
Rank
Userlevel 1

Sounds like you’re still stuck on creating a token. That error is a pretty general error message that can returned for a number of reasons.

 

Are you able to successfully create a token with something like Postman or curl? Try getting that to work first and then you should be able to compare that request with the request that your python code is making.

Here’s an example of making the request with curl:


$ curl -v --request POST https://auth.calendly.com/oauth/token --user "<client_id>:<client_secret>" --header "Content-Type: application/x-www-form-urlencoded" --data "grant_type=authorization_code&code=<authorization_code>&redirect_uri=<redirect_uri>"

 

A

I actually did eventually revert back to curl to verify the same. Instead of --user I used the header with basic auth but either version failed, yours and mine still failed. As it turns out, I must have corrupted the client secret at some point because I just tried with a fresh project and things work as expected.

Again, thank you very much for helping me get there. I am in business now!

A
Rank
Userlevel 1

Awesome, that’s great to hear!

Reduce your toggle tax. Check out the Calendly browser extension.' “Learn
Terms & ConditionsCookie Settings