How do I get Authorization code?

Nirbhay_Mehta · January 13, 2021, 12:19am

For OAuth Authorization Code Flow this is the process which I found from documentation and one of the posts.

Step 1 - send user to loginRedirectURL https://id.twitch.tv/oauth2/authorize
where I accepted/authorized the connection
Step 2 - user is sent to your redirectURI with a code https://<your registered redirect URI>/?code=<authorization code>
Step 3 -you exchange the code for a token, aka tokenExchangeURL https://id.twitch.tv/oauth2/token

Here my question is how do we get code in step 2 programmatically?

Is there any specific library? I was thinking of using python requests or urllib library?

3ventic · January 13, 2021, 11:36am

How you get the query or search parameter depends on the HTTP server and/or library you’re using. Refer to the documentation for the library you’re using.

Nirbhay_Mehta · January 13, 2021, 4:50pm

Can you suggest which library i can use to get the code?
For me its working fine is POSTMAN or in browser just want to know how I can get redirected url code link via Python

BarryCarlyon · January 13, 2021, 4:54pm

Firs google result, describes a python solution

Nirbhay_Mehta · January 13, 2021, 5:09pm

i reviewed it but what I’m having issue is described below
authorize_url = “https://api.twitch.tv/kraken/oauth2/authorize”
client_id = “Something”
RESPONSE_TYPE=code
SCOPE = “analytics:read:games”
COMPLETE_URL = authorize_url+“?client_id=”+client_id+“&redirect_uri=”+callback_uri+“&response_type=”+RESPONSE_TYPE+“&scope=”+SCOPE
print(COMPLETE_URL)
r = requests.head(url=COMPLETE_URL,allow_redirects=True)
print(r.url)

Output recieved:

But the output expected should be
http://localhost/?code=Some CODE l&scope=analytics%3Aread%3Agames

Nirbhay_Mehta · January 13, 2021, 5:11pm

BarryCarlyon

So I want to know which method I should be using is requests or urllib library or any other library which would give me that URL

BarryCarlyon · January 13, 2021, 5:12pm

The first step of outh is to redirect the user to Twitch

You seem to be making a HEAD request.

There is no need to @ people. The Forum notifies me when you reply.

Nirbhay_Mehta · January 13, 2021, 5:14pm

I’m new to the platform. Yes I won’t use ‘@’

Also requests. get gives the same response
r = requests.get(url=COMPLETE_URL,allow_redirects=True)

Instead can you suggest what I should be using?

BarryCarlyon · January 13, 2021, 5:17pm

You shouldn’t be GETting or POSTing or HEADing at all

You need to be redirecting the user to Twitch to accept or deceline your apps access to their account.

Like in this implicit auth example

https://barrycarlyon.github.io/twitch_misc/authentication/implicit_auth/

Step 1) Redirects you to Twitch.
Step 2) Accept or decline
Step 3) you come back with an access token or an error message

With regular oAuth, like what you are doing

Step 1) Redirects you to Twitch.
Step 2) Accept or decline
Step 3) user comes back with a ?code or an error message
Step 4) Exchange the ?code for an access and refresh token

Nirbhay_Mehta · January 13, 2021, 5:24pm

So i’m able to redirect and have “Authorized” like this

So next time when I paste the URL in browser I get the code but the same if I want to do it with Python can you suggest what I should be doing?

BarryCarlyon · January 13, 2021, 5:26pm

Your Python website presents a link for users to click on
users click the link and are taken to Twitch
users accept/decline the apps access
user comes back to your python website with a ?code or error message
you exchange the ?code for an access token/refresh token

Nirbhay_Mehta · January 13, 2021, 5:27pm

Does this require Server side programming like Flak or such library?

BarryCarlyon · January 13, 2021, 5:28pm

Yes you’ll need something “websitey” since you’ll need to present a website for users to provide the initial access token for their account

Nirbhay_Mehta · January 13, 2021, 5:32pm

I’m using TWITCH API for some data collection and was thinking if I can do everything automatically by parsing and no manual efforts but looks like from what you’re saying some server side programming or “webistey” would be required

Nirbhay_Mehta · January 13, 2021, 5:32pm

Is that correct understanding?

BarryCarlyon · January 13, 2021, 5:33pm

if you are accessing public data then you can generate a “Client Credentials” token instead.

Which only needs a single post request.

Your original post was asking about how to get the ?code= from step 2

Nirbhay_Mehta · January 14, 2021, 12:21am

I reached maximum limit reply so couldn’t reply

I’m trying to get Twitch data from "Get Game Analytics - https://dev.twitch.tv/docs/api/reference/#get-game-analytics

Still I need to use Client-Credentials? In Client credentials I’m able to do Post Command and retrieve Access Token but that access token cannot be used in “Get Game analytics” pipeline it then throws an error 401. -"Missing User Authentication "

BarryCarlyon · January 14, 2021, 12:43am

This requires to you own a game on Twtich after having created an organistation and claimed a game.

This API endpoint will require a user access token

Nirbhay_Mehta · January 14, 2021, 12:45am

Yes i’m aware.
When you say User Access Token how can I get one?

BarryCarlyon · January 14, 2021, 12:45am

We already covered this in this thread already