Generic OAuth Connection with Polar Flow Failing

jembach · October 31, 2020, 12:44pm

Hi,

currently I’m trying to add a custom social connection using the generic OAuth approach.
The goal is, that my customers can login using polar flow. I have added everything as the auth0 and the polar documentations are describing.

Every-time I log in using polar flow, I get an error similar to this:

 {
  "date": "2020-10-31T12:26:55.078Z",
  "type": "f",
  "connection": "Polar-Access-Link",
  "connection_id": "SOME_CONNECTION_ID",
  "client_id": "SOME_CLIENT_ID",
  "client_name": "All Applications",
  "ip": "SOME_IP",
  "user_agent": "SOME_USER_AGENT",
  "details": {
    "body": {},
    "qs": {
      "state": "SOME_STATE",
      "code": "SOME_CODE"
    },
    "connection": "Polar-Access-Link",
    "error": {
      "oauthError": "invalid_request",
      "type": "request-error"
    },
    "session_id": "SOME_SESSION_ID"
  },
  "hostname": "SOME_HOSTENAME",
  "strategy": "oauth2",
  "strategy_type": "social",
  "log_id": "90020201031122700188000481895412990414434796134750748706",
  "_id": "90020201031122700188000481895412990414434796134750748706",
  "isMobile": false,
  "description": "User failed to login"
}

Currently I think have figured out, that the problem could be the access token exchange. Getting the authorization code is working well and the token is valid.

I have tested the OAuth login with polar flow manually using insomnia and it is working well. Therefore there must be a problem concerning auth0.

The documentation for Polar Flow could be found here: Polar Flow Auth

jembach · November 4, 2020, 12:07am

I have investigated some more time in this issue and found the problem.
Therefore I build up a proxy to the token endpoint of polar flow and send them only the data they are expecting.
In addition I found out how the token request by auth0 looks like:

{
  "body": {
    "grant_type": "authorization_code",
    "redirect_uri": "SOME_REDIRECT_URI",
    "client_id": "SOME_CLIENT_ID",
    "client_secret": "SOME_CLIENT_SECRET",
    "code": "SOME_CODE"
  },
  "header": {
    "connection": "Keep-Alive",
    "host": "SOME_HOST",
    "content-length": "246",
    "accept-encoding": "gzip",
    "user-agent": "Auth0 (http://auth0.com)",
    "content-type": "application/x-www-form-urlencoded",
  }
}

Finally I figured out, that polar flow is restricting their token endpoint to not receive a client_id in the body. After pruning it in my proxy everything worked well

konrad.sopala · November 4, 2020, 1:13pm

Perfect glad to hear that! Thanks for sharing it with the rest of community!

system · November 19, 2020, 1:13pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Custom Social Connection Fails to Obtain Access Token Knowledge Articles social-connections , custom , opaque-access-token-and-authorizat , indeed	1	1492	April 12, 2023
Error while custom Social login Help auth0 , social-connections , login	7	1636	November 16, 2022
Really vague error trying to get a custom social connection online Help social-connections , custom-social-connec	3	2266	January 20, 2022
Custom OAuth returns Invalid authorization code Help custom-social-connec , oauth2	10	13508	September 25, 2024
Custom Social Connection not working Help custom-social-connec	5	5166	July 25, 2019

Generic OAuth Connection with Polar Flow Failing

Related topics