Channels
lincheck
kobweb
koalaql
gsoc
kotlin-foundation
decouple
compose-android
hiring-french
benchmarks
china
philippines
ohio-kotlin-users
vankotlin
dublin
canada
nigeria
rhein-main
kodex
hacktoberfest
truth
portugal
romania
argentina
sg-user-group
korean
helsinki
functional
oldenburg
cambodia
vietnam
hungary
colorado
panamá
turkey
kotlin-samples
eclipse
kotlin-by-example
wwdc
denmark
thailand
build-tools
coimbatore
sofl-user-group
kotlintlv
udacityindia
quasar
spanish
kotlinbot
dckotlin
ge-kotlin
vim
croatia
javafx
kotlin-multiplatform-contest
osgi
brikk
revolver
tricity-kotlin-user-group
russian_feed
munich
estatik
karg
kotlintest
french
kotlin-in-action
gui
uae
georgia
kotlinlondon
polish
german-lang
kdbc
kotlin-asia
tampa
brazil
kotlin-logging
nepal
redux-kotlin
reduks
austria
armenia
spacemacs
android-databinding
hamburg
budapest
switzerland
minnesota
jadx
hexagon
boston
malaysia
istanbulcoders
aem
codingame
cucumber-bdd
newname
room
ass
atm17
kakao
cincinnati-user-group
arabic
emacs
karlsruhe
fluid-libraries
amsterdam
libgdx
books
ai
vuejs
talking-kotlin
codemash-precompiler
dsl
kotlingforbeginners
stuttgart
cork
kotlin-szeged
utah
jhipster-kotlin
hibernate
jpa
strikt
macedonia
kovenant
kotlin-fuel
kotlinacademy
prozis-android-backup
reductor
funktionale
realworldkotlin
events
google-io
graviton-browser
scotland
spring-security
domain-driven-design
connect-audit-events
bayarea
pinoy
uk
javalin
re
server
kgen-doc-tools
tempe
pakistan
swiss-user-group
kubed
effectivekotlin
refactoring-to-kotlin
cloudfoundry
kprompt
jshdq
alexa
minutest
code-coverage
geospatial
jasync-sql
russian-kotlinasfirst
juul-libraries
lanark
wimix_sentry
pdx
databinding
slovak
austin
androidgithubprojects
data2viz
introduce-yourself
cobalt
korlibs
script
new-zealand
stlouis
linkeddata
kroto-plus
libkgd
zircon
big-data
pocketgitclient
mirror
moonbean
kong
hamkrest
kaskade
effective-kotlin
arkenv
knote
testing
oolong
hackathons
mu
kotlinx-files
pyhsikal
build
coursera
trójmiasto
anko
speaking
kohesive
vienna
communities
kotson
klock
korim
kotrix
kobalt
korte
arrow-meta
algolialibraries
codeforces
koans
result
ktcc
seattle
japanese
forum
uniflow
korio
jackson-kotlin
koin-dev
helios
io
kash_shell
graphql
kafka
kaal
kotlinx-html
freenode
leakcanary
lambdaworld_cadiz
intellij-tricks
kotlin-csv
bulgaria
kbuild
kloudformation
mpapt
100daysofcode
kmdc
package-search
terminal
kmongo
kotlin-pakistan
inkremental
motionlayout
navigation-architecture-component
strife-discord-lib
general-advice
unkonf
awesome-kotlin
tallinn
machinelearningbawas
leedskotlinusergroup
stayhungrystayfoolish
kotest-contributors
edinburgh
skrape-it
anime
moldova
losangeles
testtestest
kotlin-pune
knbt
godot-kotlin
practical-functional-programming
tensorflow
swagger-gradle-codegen
bazel
100daysofkotlin
fuchsia
rxjava
texas
dev-core
clikt
cli
hyderabad
vkug
kinta
detekt-hint
kotlinultimatechallenge
spotify-mobius
pattern-matching
kotlin-plugin
mumbai
mvrx
cyprus
kotlin-spark
lottie
kontent
metro-detroit
kotlin-beam
kotlick
hoplite
cryptography
androidx
kotlinforbeginners
sudan
appintro
tunisia
kotlin-roadmap
kotlin-mumbai
collaborations
pbandk
competitive-programming
scrimage
kotlindl
fp-in-kotlin
python
memes
rocksdb
docs-revamped
jdbi
rsocket
meetkotlin
hikari-cp
firebase
proguard
popkorn
kmm-español
npm-publish
failgood
rpi-pico
kalasim
swing
forkhandles
compose-ui-showcase
kug-torino
web-mpp
students
kondor-json
deprecated
reports
kotlin-sap
carrat-dev
compose-hiring
carrat
carrat-feed
competitivecoding
jobsworldwide
kotlin-data-storage
skia-wasm-interop-temp
tegal
kotlin-website
couchbase
tgbotapi
videos
java-to-kotlin-refactoring
event21-community-content
twitter-feed
androidx-xprocessing
embedded-kotlin
san-diego
atrium
snake
javadevelopers
klaxon
bangladesh
androidthings
lets-have-fun
training
ecuador
new-mexico
montreal
fb-internal-demo
monsterpuzzle
internships
webrtc
arksemdevteam
image-processing
myndocs-oauth2-server
otpisani
love
rethink
chile
kotlintest-devs
beepiz-libraries
korau
uuid
spin
lychee
ktp
debugging
miami
atlanta
scrcast
kotlinprogrammers
corda
swarm
kotlinmad
india
krawler
fritz2
phoenix
nodejs
stacks
lithuania
dutch
kraph
indonesia
cscenter-course-2016
czech
greece
ukrainian
kotlinconf
teamcity
colombia
cn
nyc
graphkool
uruguay
kweb
singapore
turkiye
graphic
jxadapter
karachi
hongkong
oceania
kotlin-serbia
madrid
spain
kotlinsu
norway
latvia
southafrica
morocco
dfw
algeria
peru
israel
kotlin-latam
barcelona
mexico
sweden
vancouver
belgium
iran
australia
london
bydgoszcz
k2-early-adopters
exposed
meta
spek
confetti
naming
dokka
gamedev
rx
intellij-plugins
compose-mp
language-proposals
hiring
stdlib
coroutines
kodein
codereview
announcements
mockk
scripting
koin
ios
feed
serialization
spring
eap
test
kontributors
random
korge
compiler
detekt
redux
library-development
javascript
tornadofx
kotless
ktlint
kvision
moko
kug-leads
fosdem
refreshversions
hire-me
orbit-mvi
language-evolution
graphql-kotlin
arrow
android-studio
flow
grpc
compose
chucker
ktor
russian
ksp
kotest
reaktive
education
touchlab-tools
mvikotlin
apollo-kotlin
doodle
intellij
kotlinx-datetime
framework-elide
reflect
compose-desktop
jvm-ir-backend-feedback
komapper
gradle
glance
ballast
android-architecture
kgraphql
compose-web
science
ktfmt
chicago
android
micronaut
100daysofkotlin-2021
github-workflows-kt
python-contributors
mathematics
kotlin-inject
compose-wear
splitties
squarelibraries
compose-ios
decompose
realm
dagger
arrow-contributors
kotlin-native
react
vertx
advent-of-code
webassembly
codingconventions
getting-started
kapt
stackoverflow
italian
berlin
opensource
multiplatform
datascience
http4k
Title
a
Anders Kirkeby
03/15/2023, 6:10 PMHi all - I'm at a loss when it comes to the OAuth module with Ktor. I've based my code off of the ktor-sample project auth-oauth-google however, I'm using Strava as my OAuth provider.
The login route works, redirects to Strava and with the help of some logging I can see that the
authorization_code/login/authorization-callbackimport com.cndtns.auth.UserSession
import com.cndtns.scrapers.strava.models.SummaryActivity
import com.cndtns.strava.StravaConfig
import com.cndtns.strava.stravaOAuthRoutes
import io.ktor.client.*
import io.ktor.client.call.*
import io.ktor.client.engine.cio.*
import io.ktor.client.plugins.contentnegotiation.*
import io.ktor.client.plugins.logging.*
import io.ktor.client.request.*
import io.ktor.http.*
import io.ktor.serialization.kotlinx.json.*
import io.ktor.server.application.*
import io.ktor.server.auth.*
import io.ktor.server.engine.*
import io.ktor.server.html.*
import io.ktor.server.request.*
import io.ktor.server.resources.*
import io.ktor.server.response.*
import io.ktor.server.routing.*
import io.ktor.server.sessions.*
import kotlinx.html.a
import kotlinx.html.body
import kotlinx.html.p
import kotlinx.serialization.json.Json
import org.slf4j.Logger
import org.slf4j.LoggerFactory
import java.lang.invoke.MethodHandles
val applicationHttpClient = HttpClient(CIO) {
install(Logging) {
level = LogLevel.BODY
} // default logging
install(ContentNegotiation) {
json(Json {
ignoreUnknownKeys = true
isLenient = true
})
}
}
fun main() {
embeddedServer(io.ktor.server.cio.CIO, port = 8080, module = Application::main).start(wait = true)
}
private fun Application.main(httpClient: HttpClient = applicationHttpClient) {
val redirects = mutableMapOf<String, String>()
install(Resources) // enable @Resource annotations
install(Sessions) {
cookie<UserSession>("user_session")
}
install(Authentication) {
oauth {
urlProvider = { "<http://localhost:8080/login/authorization-callback>" }
providerLookup = {
OAuthServerSettings.OAuth2ServerSettings(
name = "strava",
authorizeUrl = StravaConfig.AUTH_URL,
accessTokenUrl = StravaConfig.TOKEN_URL,
requestMethod = <http://HttpMethod.Post|HttpMethod.Post>,
clientId = StravaConfig.clientId,
clientSecret = StravaConfig.clientSecret,
defaultScopes = listOf("activity:read_all,read_all"),
extraAuthParameters = listOf("approval_prompt" to "auto", "response_type" to "code"),
passParamsInURL = true,
onStateCreated = { call, state ->
val redirectUrl = call.request.queryParameters["redirectUrl"] ?: ""
redirects[state] = redirectUrl
println("Redirect URL for state $state is $redirectUrl")
},
)
}
client = httpClient
}
}
routing {
authenticate {
get("/login/authorization-callback") {
val principal = call.authentication.principal<OAuthAccessTokenResponse.OAuth2>()
?: throw Exception("No principal was given")
val accessToken = principal.accessToken // TODO: Validate
val state = principal.state ?: throw Exception("No state was given")
call.sessions.set(UserSession(state = state, token = accessToken))
call.respondRedirect("/")
}
get("/login") {
call.respondRedirect("/")
}
}
get("/") {
call.respondHtml {
body {
p {
a("/login") { +"Login with Strava" }
}
}
}
}
get("/{path}") {
val userSession: UserSession? = call.sessions.get()
if (userSession != null) {
val activities: List<SummaryActivity> = httpClient.get("<https://www.strava/api/v3/athlete/activities>") {
headers {
append(HttpHeaders.Authorization, "Bearer ${userSession.token}")
}
}.body()
call.respondText("Here are your activities, ${activities.joinToString(", ") { "${it.id} - ${it.name}" }}!")
} else {
val redirectUrl = URLBuilder("<http://localhost:8080/login>").run {
parameters.append("redirectUrl", call.request.uri)
build()
}
call.respondRedirect(redirectUrl)
}
}
}
}a
Aleksei Tirman [JB]
03/16/2023, 6:55 AMSo does a client get redirected to the
/login/authorization-callbacka
Anders Kirkeby
03/16/2023, 8:15 AMNo it doesnt - tried setting breakpoints there, but it seems "blocked" by the surrounding "authenticate" block 🤔
It is definitely able to retrieve the access_token seen by logging the body respons on the HTTPClient, but it seems like the principal is never being set. I know the Strava token-endpoint responds with an additional "athlete"-entry, however I cannot find the place where it attempts to sett the token using the httpClient.
Correction, the browser is redirected back to the
/login/authorization-callbackTried using the google-oauth setup i linked and that seems to work flawless. Noticed that the reponse in the token request is quite different.
Google's:
{
"access_token": "...",
"expires_in": 3599,
"scope": "<https://www.googleapis.com/auth/userinfo.profile>",
"token_type": "Bearer",
"id_token": "..."
}{
"token_type":"Bearer",
"expires_at":1678972747,
"expires_in":14065,
"refresh_token":"...",
"access_token":"...",
"athlete":{}
}
}