Hello. I have a problem with understanding OAuth2 through the additional login provider Miracl.
I created a new login provider. I set all the necessary fields for it, hopefully correctly. For Miracl, I specified a Callback URL with an attached domain and generated a link to go to the Miracl page for authorization.
After authorization in Miracl, I am redirected to the page /api/users/oauth/miracl/authorize?code=kAQsKNffdbdufeTQ&state=%2Fauth%2F where I get an error: “Authorization url link have been expired.”
Please tell me how I should process the data after redirecting to the page /api/users/oauth/miracl/authorize?code=kAQsKN42XhCceuvbdufeTQ&state=%2Fauth%2F
or what I need to do to successfully authorize. I’ve already watched the video on your channel on user management, but I didn’t find how the whole process works for custom providers, and I didn’t find information in the documentation on how to process data after redirection.
And it would be very nice if you added a provider like Miracl to the list of providers, since we still have many customers and many integrations will be in the future.
I’m in the process of looking for matching materials or examples. For now, I could offer you to read this article about logic providers configuration in general(for a case if you didn’t see it) Initial Configuration - Backendless REST API Documentation
Hi Dima, thanks for your reply. I have already read this article and have already done some of this and so far only the problem I described remains.
I will be very grateful if you can help me solve this problem, as I am now just stuck and do not know what to do next.
Yes, I have seen this video and it is very useful, but unfortunately, it discusses existing providers. One more thing I forgot to mention. I develop the frontend on another framework (Vue 3) and use backendless as a backend and server for static.
I need to understand how exactly the backend should process data for a custom provider and then I will figure out how to add it to the frontend.
It looks like Miracl does not return value in “state” param which was passed to it as part of “request authorization” link (the link which opens Miracl login in modal window).
Could you please check login flow manually using REST endpoints and ensure that value which is passed in “state” query param to Miracl is returned to “authorize” endpoint?
Hello Andriy,
I changed this and now Miracl after authorization redirects to this page /api/users/oauth/miracl/authorize?code=lZmshLBxRv0pOsEdWvAhlQ&state=authorize with the state= authorize
But I still get the error: Authorization url link have been expired.
Do I need to write some additional service to handle such situations?
Value for “state” query param is generated automatically by the server and represents UUID to which server binds internal data which then used during “/authorize” call.
Cold you please try to obtain authorization URL using this endpoint?
Please obtain URL from that endpoint, omit sensitive information from it except for “state” value and post it here.
I realized that I had misunderstood the meaning of a state because Miracl also needs one.
This is what the authorization url for Miracl looks like: MIRACL Trust Login
It is possible that the value code=lZmshLBxRv0pOsEdWvAhlQ is a unique code that needs to be stored in the database. But the fact is that this code is needed to get a token for the user.
To be honest, I don’t understand how Miracl and Backendless can be connected together, it’s the first time I’ve worked with authorization integration and I don’t understand what goes where and what I should do with all these confusing services.
Is it possible for Backendless to integrate Miracl using just a node.js server?
If so, could you please tell me at least roughly how this can be implemented and where this code can be placed in Backendless?
To use Miracl as login provider in your app you should use flow described here.
In general there are next steps:
Via Backendless API you obtain authorization URL.
URL from step #1 you open in controlled environment and show it to the user. This URL will lead user to Miracl trust login page.
User logins on OAuth2 provider side and after successful login provider calls Backendless “…/authorize” endpoint.
Backendless fetches all required user info from OAuth2 provider side, creates user, creates auth token for him and return that token along with user data.
The “state” value, about which I wrote before is automatically generated by Backendless and included to the authorization link from step 1. This value will later be returned by OAuth2 provider on step 3. If it is not returned or returned some wrong value then Backendless assumes that there is attempt to hack login and returns an error.
Have you followed closely steps which I mentioned before you got your error?
Andriy, thank you for the detailed explanation. At the moment, I didn’t quite understand the first point, but it’s clearer now, thank you. Now I will try to deal with it in detail, and if not, I will write again
In most cases you do not need to add additional params to it. Optional params for this endpoint are described here
I recommend you at first just to play around with the autorization flow and see how it works and how it returns data. When you understood it you can try to implement this flow grammatically in your code.