How to instruct Social Connection context request to use Accept header

Hello!

I have a Custom Social Connection configured like this: https://i.imgur.com/sheXeoX.png.

When testing I see and accept the Grant page of the third party, and then I am getting to the Fetch User Profile Script. Mine looks like this:

function(accessToken, ctx, cb) {

  return cb(new Error(JSON.stringify(ctx))); // return early to debug object

  const profile = {};
  // Call OAuth2 API with the accessToken and create the profile
  request.get(
    {
      url: `https://www.swcombine.com/ws/v2.0/character/Testing%20Character?access_token=${accessToken}`,
    },
    (err, resp, body) => {
      if (err) {
        return cb(err);
      }
      if (resp.statusCode !== 200) {
        return cb(new Error(body));
      }
      let bodyParsed;
      try {
        bodyParsed = JSON.parse(body);
      } catch (jsonError) {
        return cb(new Error(body));
      }
      const profile = {
        user_id: bodyParsed.account.uuid,
        email: bodyParsed.account.email
      };
      cb(null, profile);
    }
  );
}

I tried logging the accessToken parameter and it appears to be undefined. However when I log the ctx object I see that there is xml instead of json, and on the auth0 test screen the error message is:

{
  "error": "invalid_request",
  "error_description": "{\"<?xml version\":\"\\\"1.0\\\" encoding=\\\"UTF-8\\\"?>\\n<OAuth><access_token>b9ae1d4a6cdb6d8364a0643ce58f7655</access_token><expires_in>3600</expires_in><scope>character_read</scope></OAuth>\\n\",\"options\":{\"scope\":\"character_read\",\"tokenURL\":\"https://www.swcombine.com/ws/oauth2/token/\",\"client_id\":\"e5c1500bf34c3cec3761f3049cbc947e1299c7d8\",\"client_secret\":\"061e0d225e7bb6056901233ae43d37e707dac25e\",\"authorizationURL\":\"https://www.swcombine.com/ws/oauth2/auth/\",\"set_user_root_attributes\":\"on_first_login\",\"store\":{}}}"
}

It seems what is happening is that the third party provider is returning xml instead of json. However, it supports returning json if the Accept header specifies Accept: 'application/json'. I tried creating a Rule (even if deprecated) to modify the ctx.request.headers['Accept'] but I'm not sure that is effective or possible as when I ran the rule test there wasn't a 'header' property on the ctx.request object.

How can I make the request header accept json, or if not how can I convert the xml response to json? The auth0 sandbox doesn't allow access to window or DOMParser.

Thanks for your time.

Hey there and welcome @bpkennedy !

One thing that you can check is if you include the audience parameter in your /authorize request.

audience parameter takes a value of the API identifier you have set in your Auth0 tenant, that you request access to (this way you should get the jwt token instead of an opaque token).

Also, just in case you missed it - the app registered in Auth0 that is calling the API resources should be allowed for this API (for the API in question, please go to the Machine to Machine Applications tab and toggle the Authorized button for the app in question).

Hope this helps - let us know!

Hello, and thank you @marcelina.barycka ! Well, I created this auth0 application as a "Regular Web Application" and not as a "Machine to Machine". The web application is a Next.js type application. I do not have a separate auth0 API created - only the regular web application.

I've also used this nextjs-auth0 package to set up the authentication routes in the Next app. GitHub - auth0/nextjs-auth0: Next.js SDK for signing in with Auth0

Also is it truly an opaque token? The xml response has inside of it:

<access_token>alphaNum</access_token>

That seems like an access token, plain and simple, which I could use to make request for a resource from the third party provider, like:

https://www.swcombine.com/ws/v2.0/character/Testing%20Character?access_token=${accessToken}

Thanks for following up!
In terms of your direct question (adding a custom request header), you should find the below section under your Custom connection → Settings:

https://auth0.com/docs/authenticate/identity-providers/social-identity-providers/oauth2#pass-static-parameters

Let us please know how it goes! Thanks!

That worked for me! Thank you for your time and help!
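Why `accessToken` was undefined in the question, as an added example that is not part of the original thread and not Auth0's code: it assumes the OAuth2 client tries JSON and then falls back to form-decoding the token response, which reproduces the `<?xml version` key seen in the posted dump. `parseTokenBody`, `redact` and the sample bodies are constructed for illustration; `redact` masks tokens and the client secret before a debug dump like the one in the question is returned in an error.

```javascript
// Constructed sample bodies; SAMPLE_TOKEN is a placeholder, not a real token.
const XML_BODY =
  '<?xml version="1.0" encoding="UTF-8"?>\n' +
  '<OAuth><access_token>SAMPLE_TOKEN</access_token>' +
  '<expires_in>3600</expires_in><scope>character_read</scope></OAuth>\n';
const JSON_BODY =
  '{"access_token":"SAMPLE_TOKEN","expires_in":3600,"scope":"character_read"}';

// Assumed client behaviour: try JSON first, then fall back to form-decoding.
// An XML body has no '&' and is split at its first '=', so the whole
// document becomes one key/value pair and access_token is never set.
function parseTokenBody(body) {
  try {
    return JSON.parse(body);
  } catch (e) {
    return Object.fromEntries(new URLSearchParams(body));
  }
}

// Keys whose string values are masked outright.
const SECRET_KEYS = /^(access_token|refresh_token|id_token|client_secret)$/i;
// Token elements embedded in a string value (the mis-parsed XML case).
const TOKEN_ELEMENT = /(<(access_token|refresh_token)>)[^<]*(<\/\2>)/gi;

// Return a copy of `value` that is safe to put in an error message or log.
function redact(value, key = '') {
  if (typeof value === 'string') {
    if (SECRET_KEYS.test(key)) return '[redacted]';
    return value.replace(TOKEN_ELEMENT, '$1[redacted]$3');
  }
  if (Array.isArray(value)) return value.map((v) => redact(v));
  if (value && typeof value === 'object') {
    return Object.fromEntries(
      Object.entries(value).map(([k, v]) => [k, redact(v, k)])
    );
  }
  return value;
}

const fromXml = parseTokenBody(XML_BODY);
console.log(Object.keys(fromXml));                      // one key: '<?xml version'
console.log(fromXml.access_token);                      // undefined
console.log(parseTokenBody(JSON_BODY).access_token);    // SAMPLE_TOKEN
// Debug dump with secrets masked (client_secret value is a constructed sample).
const ctx = { ...fromXml, options: { client_secret: 'SAMPLE_SECRET' } };
console.log(JSON.stringify(redact(ctx)));
```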
