I am trying to authenticate my third party app against a Reddit account using oauth.
I first hit this endpoint
let authorizationUrl = https://www.reddit.com/api/v1/authorize?client_id=${redditClientId}&response_type=code&state=${state}&redirect_uri=${oAuthCallbackURL}&duration=permanent&scope=${scopes};
and then I was sent a code to my callback url
then I hit the next endpoint like this:
let accessTokenUrl = `https://www.reddit.com/api/v1/access_token`;
let accessTokenRequest = new URLSearchParams();
accessTokenRequest.append("grant_type", "authorization_code");
accessTokenRequest.append("code", code);
accessTokenRequest.append("redirect_uri", oAuthCallbackURL);
let redditClientId = process.env.REDDIT_CLIENT_ID;
let redditSecret = process.env.REDDIT_SECRET;
const clientIdAndSecretBase64 =
Buffer.from(`${redditClientId}:${redditSecret}`).toString('base64');
try {
let authorizationCodeResponse = await axios.post(accessTokenUrl, accessTokenRequest, {
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Authorization': `Basic ${clientIdAndSecretBase64}`
}
});
let { data } = authorizationCodeResponse;
console.log(authorizationCodeResponse);
console.log(`Reddit OAUTH Response=${JSON.stringify(data, null, 2)}`);
} catch (e) {
console.log(e);
}
But all I keep getting back is this error:
Reddit OAUTH Response={
“error”: “invalid_grant”
}
On careful observation of Reddit docs I saw a line that says invalid_grant is only thrown when
The code has expired or already been used
This makes no sense because during the testing phase I forgot to save the access token. I should be able to reinitiate this request anytime. Why this limitation? I wanted to really see what the response is like before saving the access token. Now, clearly it seems there is no way to resolve this issue.
But any insight will be really appreciated.