DIA
discord.js - Imagine an app11mo ago
Javi

Authorization code grant flow

Hey y'all first time discord.js user. I'm using the latest version, going through the Authorization code grant flow in the guide. It's saying I should be returning 
{
    "access_token": "an access token",
    "token_type": "Bearer",
    "expires_in": 604800,
    "refresh_token": "a refresh token",
    "scope": "identify"
}
{
    "access_token": "an access token",
    "token_type": "Bearer",
    "expires_in": 604800,
    "refresh_token": "a refresh token",
    "scope": "identify"
}
Except I don't get this back. My console is empty. I've tried changing response_type to code, and token, and neither of them return any information in my console. I'm not sure if i've missed a step but I've been staring at the guide for about an hour and a half to no avail. Here's my index.js just like the guide, for reference. 
const { request } = require('undici');
const express = require('express');
const { clientId, clientSecret, port } = require('./config.json');

const app = express();

app.get('/', async ({ query }, response) => {
    const { code } = query;

    if (code) {
        try {
            const tokenResponseData = await request('https://discord.com/api/oauth2/token', {
                method: 'POST',
                body: new URLSearchParams({
                    client_id: clientId,
                    client_secret: clientSecret,
                    code,
                    grant_type: 'authorization_code',
                    redirect_uri: `http://localhost:${port}`,
                    scope: 'identify',
                }).toString(),
                headers: {
                    'Content-Type': 'application/x-www-form-urlencoded',
                },
            });

            const oauthData = await tokenResponseData.body.json();
            console.log(oauthData);
        } catch (error) {
            // NOTE: An unauthorized token will not throw an error
            // tokenResponseData.statusCode will be 401
            console.error(error);
        }
    }

    return response.sendFile('index.html', { root: '.' });
});



app.listen(port, () => console.log(`App listening at http://localhost:${port}`));
const { request } = require('undici');
const express = require('express');
const { clientId, clientSecret, port } = require('./config.json');

const app = express();

app.get('/', async ({ query }, response) => {
    const { code } = query;

    if (code) {
        try {
            const tokenResponseData = await request('https://discord.com/api/oauth2/token', {
                method: 'POST',
                body: new URLSearchParams({
                    client_id: clientId,
                    client_secret: clientSecret,
                    code,
                    grant_type: 'authorization_code',
                    redirect_uri: `http://localhost:${port}`,
                    scope: 'identify',
                }).toString(),
                headers: {
                    'Content-Type': 'application/x-www-form-urlencoded',
                },
            });

            const oauthData = await tokenResponseData.body.json();
            console.log(oauthData);
        } catch (error) {
            // NOTE: An unauthorized token will not throw an error
            // tokenResponseData.statusCode will be 401
            console.error(error);
        }
    }

    return response.sendFile('index.html', { root: '.' });
});



app.listen(port, () => console.log(`App listening at http://localhost:${port}`));
and my index.html 
<!DOCTYPE html>
<html>
  <head>
    <title>My Discord OAuth2 App</title>
  </head>
  <div id="info">Hoi!</div>
  <a
    id="login"
    style="display: none"
    href="https://discord.com/api/oauth2/authorize?client_id=1128191375062605854&redirect_uri=http%3A%2F%2Flocalhost%3A53134&response_type=token&scope=identify"
    >Identify Yourself</a
  >
  <script>
    function generateRandomString() {
      let randomString = "";
      const randomNumber = Math.floor(Math.random() * 10);

      for (let i = 0; i < 20 + randomNumber; i++) {
        randomString = String.fromCharCode(33 + Math.floor(Math.random) * 94);
      }
      return randomString;
    }

    window.onload = () => {
      const fragment = new URLSearchParams(window.location.hash.slice(1));
      const [accessToken, toeknType, state] = [
        fragment.get("access_token"),
        fragment.get("token_type"),
        fragment.get('state'),
      ];

      if (!accessToken) {
        const randomString = generateRandomString();
        localStorage.setItem("oauth-state", randomString);

        document.getElementById("login").href += `&state=${btoa(randomString)}`;
        return (document.getElementById("login").style.display = "block");
      }
      if (localStorage.getItem('oauth-state') !== atob(decodeURIComponent(state))) {
        return console.log("You may have been clickjacked!")
      }
      fetch("https://discord.com/api/users/@me", {
        headers: {
          authorization: `${toeknType} ${accessToken}`,
        },
      })
        .then((result) => result.json())
        .then((response) => {
          const { username, discriminator } = response;
          document.getElementById("info").innerText += ` ${username}`;
        })
        .catch(console.error);
    };
  </script>
</html>
<!DOCTYPE html>
<html>
  <head>
    <title>My Discord OAuth2 App</title>
  </head>
  <div id="info">Hoi!</div>
  <a
    id="login"
    style="display: none"
    href="https://discord.com/api/oauth2/authorize?client_id=1128191375062605854&redirect_uri=http%3A%2F%2Flocalhost%3A53134&response_type=token&scope=identify"
    >Identify Yourself</a
  >
  <script>
    function generateRandomString() {
      let randomString = "";
      const randomNumber = Math.floor(Math.random() * 10);

      for (let i = 0; i < 20 + randomNumber; i++) {
        randomString = String.fromCharCode(33 + Math.floor(Math.random) * 94);
      }
      return randomString;
    }

    window.onload = () => {
      const fragment = new URLSearchParams(window.location.hash.slice(1));
      const [accessToken, toeknType, state] = [
        fragment.get("access_token"),
        fragment.get("token_type"),
        fragment.get('state'),
      ];

      if (!accessToken) {
        const randomString = generateRandomString();
        localStorage.setItem("oauth-state", randomString);

        document.getElementById("login").href += `&state=${btoa(randomString)}`;
        return (document.getElementById("login").style.display = "block");
      }
      if (localStorage.getItem('oauth-state') !== atob(decodeURIComponent(state))) {
        return console.log("You may have been clickjacked!")
      }
      fetch("https://discord.com/api/users/@me", {
        headers: {
          authorization: `${toeknType} ${accessToken}`,
        },
      })
        .then((result) => result.json())
        .then((response) => {
          const { username, discriminator } = response;
          document.getElementById("info").innerText += ` ${username}`;
        })
        .catch(console.error);
    };
  </script>
</html>
8 Replies
d.js toolkit
d.js toolkit11mo ago
- What's your exact discord.js npm list discord.js and node node -v version? - Not a discord.js issue? Check out #other-js-ts. - Consider reading #how-to-get-help to improve your question! - Explain what exactly your issue is. - Post the full error stack trace, not just the top part! - Show your code! - Issue solved? Press the button!
Javi
Javi11mo ago
discord.js@14.11.0
Unknown User
Unknown User11mo ago
Message Not Public
Sign In & Join Server To View
Javi
Javi11mo ago
Well that’s for making bots right? All I’m trying to do is authorize users, not necessarily make a bot, it’s in a section of the discord.js so I thought I could come here for help
Unknown User
Unknown User11mo ago
Message Not Public
Sign In & Join Server To View
Javi
Javi11mo ago
Right that was my understanding of it, thanks for the clarification
Unknown User
Unknown User11mo ago
Message Not Public
Sign In & Join Server To View
Javi
Javi11mo ago
Thanks for the tip!
Want results from more Discord servers?
Add your server
More Posts
Deno supportDo the discord.js subpackages work with deno?PronounsIs it possible to access a users Pronouns to display on a UserInfo command?<@&undefined>the collector:```js collector.on('collect', i => { if (i.user.id === interaction.user.id) Getting Clients Connected to Voice Channels without CacheI'm working on a bot that should help us see if people who signed up for an event are present in voito https://discord.com/api/v9/guilds/1009499262788313138/channels failed, reason: getaddrinfo ENOTFOto https://discord.com/api/v9/guilds/1009499262788313138/channels failed, reason: getaddrinfo ENOTFOHow to make a slash command that disable/enables other slash commands?Node -v 18.16.0 Discordjs v14.11.0Detect if an Ephemeral message is still onscreen?I am sending an Ephemeral message containing an embed to the user with interaction.reply. I store thDiscord.JS Feature RequestWill the functionality to extend the Structure of a class comeback sometimes?Moving from v13, autoArchiveDuration no longer accepts 'MAX' as it requires int32Hi! I'm working on migrating from v13 to v14, everything is going well except for one specific thingBad typings```ts export type RESTPutAPIGuildMemberResult = APIGuildMember | never; ``` must be ```ts export typ