0

I am trying to establish an "implicit" Oauth2 authorization flow for my test connect in R to StackOverflow via the StackExchange API.

I am in situation #3 of this related post, that specifies how to set the redirect_uri and other values in a lanugage-agnostic way.

I've taken the steps described, namely setting up the app on StackApps.com to enable implicit authentication.

I've replicated the linked instructions in R with the httr library, the only major adaptation is that apparently httr requires the client secret earlier in the process than StackOverflow actually requires it.

library(httr)

# in the StackApps answer stackoverflow.com was used here.
# that just took me to the landing page.

# the docs use this URI and it gets me closer but 
# it just says "Authorizing Application" with a blank page under that
#   and it never completes.
end <- oauth_endpoint(authorize   = "stackoverflow.com/oauth", 
                           access = "stackoverflow.com/oauth")


client_secret = "secret_code_here"

myapp <- oauth_app("myapp",
                   key    = "12665", # not a secret
                   secret = client_secret,
                   redirect_uri="https://stackexchange.com/oauth/login_success")


token <- oauth2.0_token(end,
                        myapp,
                        scope=NULL)
                        #,use_oob=T)

When I run my code a browser automatically opens and goes to StackOverflow.com. However, it just takes me to the landing page and Oauth never completes.

I tried it with use_oob=T and the only difference was that R prompted me for an authorization code that was never provided. enter image description here

Improve this question
5
  • 1
    I don't know R or the httr library, but that code doesn't seem setup for what the SE API requires. It should probably be authorize = "stackoverflow.com/oauth/dialog" for starters and scope can't be NULL. And is key actually sending client_id (in the HTTP request)? If not, that's a problem too. Commented Jun 16, 2018 at 6:14
  • @BrockAdams Oh, thank you again Brock!! You are the patron Saint of the API. I didn't know the scope couldn't be NULL. Fortunately the parameter it calls key actually maps to client_id in the URI. I will try some changes based on your comment and if that doesn't work I'll try a different library. Commented Jun 16, 2018 at 13:48
  • I also noticed something else super weird. If I try it without use_oob=T then I even though it leads to that screen and doesn't complete, there's an authorization code in the URI. So if I copy that, then re-run it without use_oob=T then I can paste the prior code I found in the URI as the Authorization Code. But that's terribly hacky. You see what I mean right? Basically it never works, but I can "hack" it by using info from 1 broken attempt to fix a different broken attempt lol. Commented Jun 16, 2018 at 13:51
  • @Hack-R have you the restriction of 10000 calls per day? Commented Jul 9, 2018 at 10:07
  • @Pozmanski Good question, but no. I never even really got 1 successful call (or if I did only 1). Commented Jul 9, 2018 at 14:04
Related questions
0
R httr POST request for signing in
17
Using oauth2.0 tokens with R's httr package
1
OAuth for a Stack Exchange API library?
Load 7 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.