I’m trying a TikTok login with my desktop app, follοwing these instructions.
So the auth url I’m trying is
www.tiktok.com/v2/auth/authorize/?scope=user.info.basic,video.publish&response_type=code&redirect_uri=http://localhost:51697&client_key=...&code_challenge=e7e8b89c2721d290cc5f55425491ecd6831355e91063f20b39c22f9ec6a71f91&code_challenge_method=S256
This code_challenge is a hex encoding of a SHA-256 of a test “ABCDEFGHIJKLMNOP” challenge.
Note that the TikTok’s JavaScript demo creates the same string
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.min.js"></script>
<script>
function generateRandomString(length) {
return "ABCDEFGHIJKLMNOP";
}
// CryptoJS required
code_verifier = generateRandomString(16);
code_challenge = CryptoJS.SHA256(code_verifier).toString(CryptoJS.enc.Hex);
// e7e8b89c2721d290cc5f55425491ecd6831355e91063f20b39c22f9ec6a71f91
</script>
I get a code and then the claim of the Access Token fails, when passing to the token server (following instructions from here):
code=...&client_key=...&redirect_uri=http://localhost:51697&grant_type=authorization_code&code_verifier=4142434445464748494a4b4c4d4e4f50
This 414243 is the hex of ABCDEFGHIJKLMNOP
{"error":"invalid_request","error_description":"Code verifier or code challenge is invalid.","log_id":"..."}
What am I doing wrong?
By searching on PKCE it says that I have to base64url encode the hash but the TikTok guide doesn’t mention that.