Discord OAuth: Unsupported Grant Type

ValiantWind · March 20, 2023, 7:20pm

Hello everyone. I’m attempting to get the OAuth data from the user who authorizes from my discord OAuth URL:

import express, { Request, Response } from "express";
import axios from "axios";

const clientId = "CLIENT_ID"
const clientSecret = process.env.discordClientSecret;


const router = express.Router()

router.get("/discord/users/user-info", async (req: Request, res: Response) => {
	const code: any = req.query.code;

	const params = new URLSearchParams()
	params.append('client_id', clientId);
	params.append('client_secret', clientSecret);
	params.append('code', code);
	params.append('grant_type', 'authorization_code');
	params.append('redirect_uri', 'https://api.valiantwind.dev/discord/users/user-info');
	params.append('scope', 'identify');

	if (code) {
		try {
			await axios.post('https://discord.com/api/oauth2/token', {
				data: params.toString(),
				headers: {
					'Content-Type': 'application/x-www-form-urlencoded',
				},
			}).then(response => {
				console.log(response.data)
			})
		} catch (error) {
			console.error(error);
		}
	}
	return res.sendFile(__dirname + "/discord-user-info.html")

})


export default router;

but I keep on getting the error “unsupported_grant_type”. I know the grant type is correct, and I’ve looked online but I can’t seem to find the solution. Can someone help me with this please?

The OAuth link works, and I get redirected back, but I still get the error after I get redirected.

Sky · March 21, 2023, 5:42am

Probably because you don’t use the OAuth API to get the user information, you actually just use https://discord.com/api/users/@me. Here’s a Python example of the r/q:

import requests

def _info(token: str = ""):
    return requests.get(
        "https://discord.com/api/users/@me",
        headers={"Authorization": f"Bearer {token}"},
    )

print(
  _info("the oauth user token")
)

ValiantWind · March 21, 2023, 5:45am

Right now I’m just attempting to get the refresh and access token. The userinfo part hasn’t come yet.

Sky · March 21, 2023, 5:46am

I don’t remember there being a scope param hmm.

ValiantWind · March 21, 2023, 5:49am

Dang you’re right. I’m a fool. Let me try removing that. If that’s the reason, then the error message is very misleading.

Sky · March 21, 2023, 5:52am

Yeah b/c everything looks correct, from the last time I touched OAuth API (couple months ago) nothing seemed to change so.

ValiantWind · March 21, 2023, 5:57am

I still get the same error after removing the scope

Sky · March 21, 2023, 6:02am

Idk but here’s a Python Discord OAuth API wrapper:

import requests

class DisOAuther:
    def __init__(
      self, 
      _client_id, 
      _client_secret, 
      _redirect_uri, 
      _guild_id
    ):
        self._client_id = _client_id
        self._client_secret = _client_secret
        self._redirect_uri = _redirect_uri
        self._guild_id = _guild_id
        self._session = requests.Session()

    def oauth(self, code: str):
        _res = self._session.post(
            "https://discord.com/api/oauth2/token",
            headers={"Content-Type": "application/x-www-form-urlencoded"},
            data={
                "client_id": self._client_id,
                "client_secret": self._client_secret,
                "grant_type": "authorization_code",
                "code": code,
                "redirect_uri": self._redirect_uri,
            },
        )
        if "Cloudflare" in _res.text:
            return "IP Blocked"
        else:
            return _res.json()["access_token"]

    def guild_pull(self, bot_token: str, user_token: str, user_id: int):
        _res = self._session.put(
            f"https://discord.com/api/guilds/{self._guild_id}/members/{user_id}",
            headers={
                "Authorization": f"Bot {bot_token}",
                "Content-Type": "application/json",
            },
            json={"access_token": user_token},
        ).json()
        return _res

    def get_userinfo(self, token: str):
        _res = self._session.get(
            "https://discord.com/api/users/@me",
            headers={
                "Authorization": f"Bearer {token}",
                "Content-Type": "application/json",
            },
        )
        return _res.json()

ValiantWind · March 21, 2023, 4:05pm

That doesn’t help me at all since I don’t code in Python…

Nicolello · March 21, 2023, 7:28pm

Have you tried looking at this?

Sky · March 21, 2023, 11:58pm

It has all required data, endpoints, headers, etc. Should be easy to convert the code to Node JS.

ValiantWind · March 21, 2023, 11:59pm

Not really, since I have zero experience in Python

youngchief · March 22, 2023, 12:00am

Your logic doesn’t make sense, it presumes an intermediate-level experience in both JS and Python.

Sky · March 22, 2023, 12:05am

Is it that hard, my bad I don’t know b/c I don’t find it that hard to copy certain code from other langs over to Python :).

ValiantWind · March 22, 2023, 12:17am

Maybe for you, but not for me. You shouldn’t assume others have the same skillset as you.

Can anyone else help me fix the issue please?

Sky · March 22, 2023, 12:19am

Do you look at the link @Nicolello sent, it seems promising.

ValiantWind · March 22, 2023, 3:21am

Yes, and the provided solution from the link didn’t help me. Otherwise, I would’ve already marked their reply as the solution for the post.

ValiantWind · March 23, 2023, 6:11pm

For some reason, switching from axios to undici’s request fixed the issue. Thanks for the help everyone.

system · March 30, 2023, 6:12pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.