Need help to build OAuth 2.0 Authentication flow

Hi,

I am trying to do the OAuth 2.0 authentication using Node-red. I have a noise sensor called Minut which is a pretty famous noise sensor in commercial use cases such as AirBNB. Below is their API documentation from the website: Minut API documentation

I am able to test the API using Postman by creating the bearer token which expires after a while and I need to regenerate it again manually. Now I want to keep pulling the events from the device and push them to a database I have set up. I have cliend_id, client_secret, and redirect_uri from their support team for my device. By reading their API documentation it is understood that Authentication produces an Access token and refresh token. When the access token expires, the refresh token can be fed back to the server to produce an updated access token and optional refresh token. I believe that I should be having two HTTP request nodes with one function node in between to store the tokens I receive. I am not sure how can I store them as a global variable which updates automatically when injected and handles the authentication that returns the requested Events data from the API server. Could you please help me in generating this flow?

Kind regards,
Amit Kulkarni

https://flows.nodered.org/search?term=Oauth

Awesome, I did not know there is a dedicated Oauth 2.0 node. I will use it and let you guys know if it worked. Thank you, Steve!

Hi,

I pulled the Oauth2 node down in nodered and below is the initial test flow I have setup :

Screenshot 2023-05-02 at 4.28.42 pm1102×104 12.3 KB

Below are the settings in Oauth2.0 node (Hidden username and client id for security) :

Screenshot 2023-05-02 at 4.30.17 pm513×871 52.5 KB

Not sure but I have added the below header as given in API documentation :

To see the response I added below code in function node :

var payload = msg.oauth2Response;
return msg;

Well, not sure how the access token will pop-up in below http request node to query the information, Do I use any headers hear? :

Screenshot 2023-05-02 at 4.36.00 pm525×871 38.1 KB

OAuth 2.0 returns HTTP 200, ok status but Debug node is just showing 'Unauthorized'. And if I remove HTTP request node it shows the timestamp.

Could you please guide me to understand how do I build above flow?

Please refer : RFC 6749: The OAuth 2.0 Authorization Framework

Also, I am using the below link as an Access Token URL as instructed in minut api documentation :

htps://api.minut.com/v8/oauth/authorize?response_type=code&client_id=CLIENT_ID&redirect_uri=REDIRECT_URI

I insert client_id and redirect_uri as provided by their support team for my device.

Screenshot 2023-05-02 at 4.43.57 pm1391×495 55 KB

Minut API document : Minut API documentation

Do you get your access token from the OAuth2 node?
if so, your almost there:

Pass in a headers object to the request Node, and untick Use authentication on the Node also, I could be wrong, but the auth details cant be taken from a msg part in the node config

msg.headers = {
    "Authorization": `Bearer ${msg.oauth2Response.access_token}`,
}

I am not sure if I am receiving access_token from the OAuth2.0 node. How do I make debug show that?

Below is the flow I built and passed the token as Marcus suggested via the function node :

Screenshot 2023-05-03 at 9.39.00 am1145×123 13.2 KB

msg.headers = {
    "Authorization": `Bearer ${msg.oauth2Response.access_token}`,
};
return msg;

It returned a 401 error, which means I am not receiving access_token.

Also, how does the refresh token work when access_token expires and how to use it in the flow?

Add a debug node to the OAuth output and set output to show complete msg object

Below is the complete msg object :

Screenshot 2023-05-03 at 10.48.28 am370×638 53.6 KB

Here is how I receive access_token manually :
The URL given below I use in the Oauth2.0 node as an access token URL, if opened in browser takes us to the login page of minut sensor, I log in there, accept terms and conditions, then receive the authorization code embedded in the URL.

htps://api.minut.com/v8/oauth/authorize?response_type=code&client_id=CLIENT_ID&redirect_uri=REDIRECT_URI

Screenshot 2023-05-03 at 10.52.50 am1680×743 44.4 KB

Code I receive after accepting :

Then I fill the token endpoint form given in minut api document as given below and I receive access token once I hit the query - Minut API documentation

Screenshot 2023-04-18 at 10.12.14 am1450×943 76.6 KB

Screenshot 2023-05-03 at 11.05.07 am1447×300 30.2 KB

Maybe try https://api.minut.com/v8/oauth/authorize for the URL in the OAuth2 node.

Whilst I use OAuth2 in work, I'm not 100% on its structure. Many pros here that do, but maybe the URL fix may get you the token

The function JS code I posted I use often, and the authorize Url's do not have any parameters

Hello,

I am pleased to inform that I have successfully establish oauth2.0 and now receiving the access token to fetch the data via API.

Below is the flow I setup:

Screenshot 2023-05-10 at 2.25.23 pm1362×123 15.4 KB

let refreshToken = global.get('refreshToken');
let code = global.get('code');

msg.oauth2Request = { 
  "access_token_url": "https://api.minut.com/v8/oauth/token",
  "authorization_endpoint": "https://api.minut.com/v8/oauth/authorize",
  "credentials": {
    "grant_type": "client_credentials",
    "client_id": "<client id>",
    "client_secret": "<client secret>",
    "scope": "read",
    "refresh_token": refreshToken,
    "code": code
  },
};
console.log(refreshToken);
console.log(code);

I passed the above code to oauth 2.0 node and it returned the access token. and then used Marcus's JS code to pass the token to HTTP node. Thank you Marcus !

Below is the resulting output from the noise sensor API server :

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.