404 message when trying to retreive API token

whitleystriber · February 22, 2019, 10:53am

Hello,

I’m writing my first Twitch app in Flask and I could use a few pointers. I’m currently trying to write an app to get the subscriber list for users that connect to a website that I will be hosting. I am sending this string to authorize users on the website:

https://id.twitch.tv/oauth2/authorize?client_id=CLIENT_ID_HERE&redirect_uri=http://localhost/post/&response_type=code&scope=channel:read:subscriptions">

It bring the user back with this response:
“GET /post/?code=CODE_HERE&scope=channel%3Aread%3Asubscriptions HTTP/1.1” 200 -"

Now, I know you need to trade that code for an oAuth token:

headers = {'Authorization': 'Bearer (%s)' % oauth}
get = requests.get('https://api.twitch.tv/helix',  headers=headers)

, but everytime I try to, I always receive a:

{"error":"Not Found","status":404,"message":""}

What exactly am I doing wrong? Do I need to change the code flow? Is that the wrong address to send that code for the oAuth token?

BarryCarlyon · February 22, 2019, 11:24am

As per the docs

The exchange URL is

POST https://id.twitch.tv/oauth2/token
    ?client_id=<your client ID>
    &client_secret=<your client secret>
    &code=<authorization code received above>
    &grant_type=authorization_code
    &redirect_uri=<your registered redirect URI>

Not to Helix

whitleystriber · February 23, 2019, 5:21am

Thank you for the response Barry. I tried what you said and am now receiving:

code=REMOVED
{"status":400,"message":"Invalid authorization code"}

<Response [400]>
127.0.0.1 - - [23/Feb/2019 00:17:58] "GET /post/?code=REMOVED&scope=channel%3Aread%3Asubscriptions HTTP/1.1" 200 -

oauth = str(oauth[28:58])
print(oauth)
get = requests.post("https://id.twitch.tv/oauth2/token?client_id=70abzn2qkdy5hv5z3eqv44895b7dyp&client_secret=REMOVED&code=(%s)&grant_type=authorization_code&redirect_uri=http://localhost/post/" % oauth)
print(get.text)
print(get)
return render_template('index.html', title='Home')

Any idea? Maybe its the way Flask is handling the HTTP requests? I’m certainly grabbing that code from the return URL and passing it into the post request. I tried to disconnect and reconnect my application as well.

EDIT: Fixed, this was happening because the post request needs to get sent after the GET request finishes. Have to learn Flask a little bit more to learn how to handle the data correctly. Thanks a bunch for your help.

BarryCarlyon · February 23, 2019, 10:35am

What Get Request?

Step 1 of oAuth is to REDIRECT the user off site to review the security dialog
Step 2 is capture the code from the incoming HTTP GET
Step 3 is the code for token POST dance

Please revoke this secret, you just leaked your Client Secret in violation of the Dev TOS

system · March 25, 2019, 10:35am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.