Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

QOAuth2AuthorizationCodeFlow and problem with redirect_uri



  • Hello everyone!

    In my application with Qt I'm trying integrate API with OAuth 2 technology. In my situation redirect_uri looks like "urn:ietf:wg:oauth:2.0:oob". The code which I'm using looks like:

            auto replyHandler = new ShikimoriOAuthServerReplyHandler(this);
            connect(replyHandler, &ShikimoriOAuthServerReplyHandler::tokensReceived, [](const QVariantMap &tokens) {
                qDebug()<<"tokens:"<<tokens;
            });
            connect(replyHandler, &ShikimoriOAuthServerReplyHandler::callbackReceived, [](const QVariantMap &values) {
                qDebug()<<"values:"<<values;
            });
            connect(replyHandler, &ShikimoriOAuthServerReplyHandler::replyDataReceived, [](const QByteArray &data) {
                qDebug()<<"data:"<<data;
            });
            connect(replyHandler, &ShikimoriOAuthServerReplyHandler::callbackDataReceived, [](const QByteArray &data) {
                qDebug()<<"data:"<<data;
            });
            m_oauth2 = new QOAuth2AuthorizationCodeFlow(this);
            m_oauth2->setReplyHandler(replyHandler);
            m_oauth2->setContentType(QAbstractOAuth2::ContentType::Json);
            m_oauth2->setClientIdentifier(m_ClientID);
            m_oauth2->setClientIdentifierSharedKey(m_ClientSecret);
            m_oauth2->setUserAgent(ShikimoriHelpers::userAgentForShikimoriRequests());
            m_oauth2->setAuthorizationUrl(QUrl("https://shikimori.org/oauth/authorize"));
            m_oauth2->setAccessTokenUrl(QUrl("https://shikimori.org/oauth/token"));
            connect(m_oauth2, &QOAuth2AuthorizationCodeFlow::authorizeWithBrowser, &QDesktopServices::openUrl);
            connect(m_oauth2, &QOAuth2AuthorizationCodeFlow::statusChanged, [](QAbstractOAuth::Status status) {
                switch (status) {
                    case QAbstractOAuth::Status::Granted: {
                        qDebug()<<"status: Granted";
                        break;
                    }
                    case QAbstractOAuth::Status::NotAuthenticated: {
                        qDebug()<<"status: NotAuthenticated";
                        break;
                    }
                    case QAbstractOAuth::Status::TemporaryCredentialsReceived: {
                        qDebug()<<"status: TemporaryCredentialsReceived";
                        break;
                    }
                    case QAbstractOAuth::Status::RefreshingToken: {
                        qDebug()<<"status: RefreshingToken";
                        break;
                    }
                }
            });
            connect(m_oauth2, &QOAuth2AuthorizationCodeFlow::replyDataReceived, [](QByteArray data){
                qDebug()<<"data:"<<data;
            });
            m_oauth2->grant();
    

    When I start this code I see the web browser with code but my application doesn't receive any signals and callback from browser and I can't get token for authorize on the backend.
    My question is what I'm doing wrong and where I can find good example which using redirect_uri as urn:ietf:wg:oauth:2.0:oob?



  • Hello Andrew!

    Could you please answer me, have you succeed in solving this task, because I have got the same problem now and can`t find any solution. If an answer is "yes", would you be so kind to share information about the way you have done this?



  • Hello Yuriy_KHA!

    Sorry for the later answer but I didn't find any solutions for this. I using web view with catching redirect of request. Something like this I'm using on iOS when I don't have special SDK and need to use OAuth2 authorization.



  • I'm using oauth2 with Microsoft Graph API and I could perform some basic queries using the web server created by QOAuthHttpServerReplyHandler on http / localhost.

    When I registered my app on https://apps.dev.microsoft.com I had the option to specify platform: native application (with similar URI as you specified and this URL https://login.microsoftonline.com/common/oauth2/nativeclient) or web application (where I could specify http://localhost:myport as it is configured in the call of QOAuthHttpServerReplyHandler ).

    I don't see how the ShikimoriOAuthServerReplyHandler defines the redirect url but I guess it is the same as you specified "urn:ietf:wg:oauth:2.0:oob". Maybe I misunderstood something but I think with the nativeclient link the user gets redirected to a page where user should copy some tokens from the page and paste to your app. By using the web application your app can directly communicate with the oauth2 server.

    I followed the steps of the following guide to see the details of the communication with wireshark:

    https://www.peter.hartmann.tk/single-post/2013/04/08/How-to-decrypt-SSL-traffic-of-Qt-programs-in-Wireshark

    Have you resolved this meanwhile and what was your solution?



  • Hello @Laszlo-LG,

    The answer to you question about my solutions of this problem will be and YES and NO. I can tell YES because My application is working for now with OAuth2 authorisation. My solution is a using URL scheme for application. This schemes are using when you need to open your application from the other application or from the email. I'm setting as a redirect url my url scheme. When my application received redirect url My application gets correct token. Also I can tell NO because the url scheme is not a best solution. I think can be done more universal solution for this.