OAuth2 无法使用 simple-oauth2 和 Firebase 函数返回身份验证令牌以进行 Spotify 身份验证

Question

按照 Firebase 团队为 Instagram HERE987654321@ 提供的类似教程，我一直在为 spotify 开发 oauth2 流程

我能够提交我的凭据并在 url 中返回用户代码和状态，但是当我运行提交代码以返回身份验证令牌的方法时，我在 Firebase 函数中打印到控制台的身份验证令牌返回：Auth Token Error Not Found。这是我的工作流程：

这是Spotify docs

首先，我有一个配置我的 spotifyOAuth 的功能：

function spotifyOAuth2Client() {
    // Spotify OAuth 2 setup
    const credentials = {
        client: {
            id: functions.config().spotify.clientid,
            secret: functions.config().spotify.clientsecret,
        },
        auth: {
            tokenHost: 'https://accounts.spotify.com',
            authorizePath: '/authorize'
        },
    };
    return require('simple-oauth2').create(credentials);
}

我在使用 https://us-central1-<my project string>.cloudfunctions.net/redirect 调用的 Firebase 函数中使用该函数：

exports.redirect = functions.https.onRequest((req, res) => {
    const oauth2 = spotifyOAuth2Client();

    cookieParser()(req, res, () => {
        const state = req.cookies.state || crypto.randomBytes(20).toString('hex');
        console.log('Setting verification state:', state);
        res.cookie('state', state.toString(), {
            maxAge: 3600000,
            secure: true,
            httpOnly: true,
        });
        const redirectUri = oauth2.authorizationCode.authorizeURL({
            redirect_uri: OAUTH_REDIRECT_URI,
            //scope: OAUTH_SCOPES,
            state: state,
        });
        console.log('Redirecting to:', redirectUri);
        res.redirect(redirectUri);
    });
});

上面的代码返回一个带有正确参数的 url 字符串，下面的代码块是我的代码中断的地方，我有另一个云函数在从上面的 res.redirect(redirectUri) 重定向后运行。当我尝试运行 getToken() 方法时，它似乎没有返回任何内容，因为我点击了 catch 块？这是我观察Auth Token Error Not Found的地方。

const oauth2 = spotifyOAuth2Client();

    try {
        return cookieParser()(req, res, async () => {
            console.log('Received verification state:', req.cookies.state);
            console.log('Received state:', req.query.state);
            if (!req.cookies.state) {
                throw new Error('State cookie not set or expired. Maybe you took too long to authorize. Please try again.');
            } else if (req.cookies.state !== req.query.state) {
                throw new Error('State validation failed');
            }
            console.log('Received auth code:', req.query.code);
            console.log(OAUTH_REDIRECT_URI);

            // Get the access token object (the authorization code is given from the previous step).
            const tokenConfig = {
                code: req.query.code,
                redirect_uri: 'http://localhost:8100/popup'
            };

            // Save the access token
            try {
                const result = await oauth2.authorizationCode.getToken(tokenConfig)
                const accessToken = oauth2.accessToken.create(result);
                console.log('inside try');
                console.log(result);
                console.log(accessToken);
            } catch (error) {
                console.log('Access Token Error', error.message);
            }

我在配置中仔细检查了我的 spotify 客户端/秘密凭据，这个 OAuth2 流程出了什么问题？

Answer 1

解决了我的问题，我没有使用正确的端点：

const credentials = {
    client: {
        id: functions.config().spotify.clientid,
        secret: functions.config().spotify.clientsecret,
    },
    auth: {
        tokenHost: 'https://accounts.spotify.com',
        authorizePath: '/authorize',
        tokenPath: '/api/token'
    },
};