React native PKCE expo authorization troubles

I have been trying to set up PKCE authorization with an Expo React Native application. This went well, up until I tried to fetch the access token from the /oauth/token endpoint.

The relevant code:

import * as AuthSession from 'expo-auth-session';
import { pkceChallenge } from 'react-native-pkce-challenge';

const authorizationEndpoint = "https://{myurl}/authorize";
const accessTokenUrl = "https://{myurl}/oauth/token";
const {codeChallenge, codeVerifier} = pkceChallenge();
const redirectUri = AuthSession.makeRedirectUri();
const [request, result, promptAsync] = AuthSession.useAuthRequest(
  {
    redirectUri,
    clientId: auth0ClientId,
    codeChallenge: encodeURIComponent(codeChallenge),
    codeChallengeMethod: AuthSession.CodeChallengeMethod.S256,
    responseType: 'code',
    scopes: ['openid'],
    extraParams: {
      audience: "{myaudience}"
    }
  },
  { authorizationEndpoint }
);

Here I got the response:

{
  "authentication": null,
  "error": null,
  "errorCode": null,
  "params": Object {
    "code": "f7SPGa4iMvQUBnBI",
    "state": "lCVrP2kake",
  },
  "type": "success",
  "url": "{redirectURI}?code=f7SPGa4iMvQUCnAI&state=lCVrP2kaka",
}

fetch(accessTokenUrl, {
  method: "POST",
  headers: { "content-type": 'application/x-www-form-urlencoded' },
  body: JSON.stringify({
    code: encodeURIComponent(result.params.code),
    redirect_uri: encodeURIComponent(redirectUri),
    client_id: encodeURIComponent(auth0ClientId),
    grant_type: encodeURIComponent('authorization_code'),
    code_verifier: encodeURIComponent(codeVerifier)
  })
});

To this I got a 401 response:

 "error": "access_denied",
 "error_description": "Unauthorized",

Hi @Espenbfo,

Welcome to the Auth0 Community!

I understand that you have been encountering errors trying to exchange for an access token with your React Native App.

First, could you please clarify whether you are using one of our SDKs?

Next, have you taken a look at your Auth0 Dashboard Logs to see more details regarding the 401 Unauthorized error?

Could you please relay the error details to me to further assist you?

Looking forward to your response.

Thank you.

Did you ever get this resolved? We’re running into something similar and I’m wondering if expo-auth-session package is no longer working with Auth0.

We’re on Expo v44 now from v42 which was working, but v42 wasn’t supported in Expo Go anymore.

Hi @miguelfeliciano,

Unfortunately, @Espenbfo and I could never finish troubleshooting the issue any further.

If you are encountering a similar issue, could you please see if this solution helps with your situation?

Otherwise, could you please capture a HAR file and DM it to me to investigate further?

Thanks,
Rueben
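
The token request in the first post declares `application/x-www-form-urlencoded` but sends a `JSON.stringify` body whose values are already percent-encoded. The following is an added example, not code from the thread or from any SDK: it builds a body that matches the declared content type and checks locally that the verifier hashes to the challenge (RFC 7636, S256). The function names and sample values are assumptions made for illustration.

```javascript
const { createHash } = require('crypto');

// RFC 7636 S256: code_challenge = BASE64URL(SHA256(ASCII(code_verifier))), unpadded.
function s256Challenge(codeVerifier) {
  return createHash('sha256').update(codeVerifier, 'ascii').digest('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// Pre-flight check: the verifier sent to the token endpoint must hash to the
// challenge that actually went out in the /authorize request.
function verifierMatchesChallenge(codeVerifier, sentChallenge) {
  return s256Challenge(codeVerifier) === sentChallenge;
}

// Build the authorization_code request as a real form body. URLSearchParams
// percent-encodes each value exactly once, so the raw values are passed in.
function buildTokenRequest({ code, redirectUri, clientId, codeVerifier }) {
  const body = new URLSearchParams({
    grant_type: 'authorization_code',
    client_id: clientId,
    code,
    redirect_uri: redirectUri,
    code_verifier: codeVerifier,
  }).toString();
  return {
    method: 'POST',
    headers: { 'content-type': 'application/x-www-form-urlencoded' },
    body,
  };
}

// What a form parser recovers from a body. A JSON string has no key=value
// pairs, so none of the expected parameter names come out of it.
function parseFormBody(body) {
  return Object.fromEntries(new URLSearchParams(body));
}

// Constructed sample: the verifier is the RFC 7636 Appendix B test value,
// the other fields are placeholders.
const sample = {
  code: 'sample-code',
  redirectUri: 'exp://127.0.0.1:19000',
  clientId: 'client-id-placeholder',
  codeVerifier: 'dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk',
};
console.log(parseFormBody(buildTokenRequest(sample).body)); // named parameters
console.log(parseFormBody(JSON.stringify(sample)));          // one junk key
```

The returned object can be passed directly as the second argument to `fetch`.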

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.