Community Help

donsrle · ‎08-21-2016

I am trying to create 3rd party app following LTI standard. I am hosing canvas locally on VM. I am using self-signed certificate and set https requests to external tool.

I need token in order to make API calls to Canvas.

I am stuck at the step 3 of getting access_token. Even though I am able to complete step 1 (passing 'scope=/auth/userinfo') and get the code when I try to POST that code in step 3 to /login/oauth2/token along with additional parameters from spec OAuth2 - Canvas LMS REST API Documentation , I am getting JSON response in format:

{

"access_token": null,

"user: { "id" : 1,

"name": "mail@address.com"

}

This is my code (c#):

public static string GetAccessToken(string code)

{

string retVal = String.Empty;

string returnUrl = "https:localhost:63333/httphandlers/OAuthComplete.ashx";

string fullUrl = "http:localhost:3000/login/oauth2/token";

var request = (HttpWebRequest)WebRequest.Create(fullUrl);

request.Method = "POST";

var postData = string.Empty;

// adding post data

postData = UIHelper.AppendRequestParameter(postData, "client_id", ConfigurationManager.AppSettings[Constants.AppSettingsKeys.DeveloperClientId]);

postData = UIHelper.AppendRequestParameter(postData, "client_secret", ConfigurationManager.AppSettings[Constants.AppSettingsKeys.DeveloperSecretKey]);

postData = UIHelper.AppendRequestParameter(postData, "grant_type", "authorization_code");

postData = UIHelper.AppendRequestParameter(postData, "redirect_uri", HttpUtility.UrlEncode(returnUrl));

postData = UIHelper.AppendRequestParameter(postData, "code", code);

var data = Encoding.ASCII.GetBytes(postData.TrimStart('?'));

request.ContentType = "application/x-www-form-urlencoded";

request.ContentLength = data.Length;

using (var stream = request.GetRequestStream())

{

stream.Write(data, 0, data.Length);

}

var response = (HttpWebResponse)request.GetResponse();

retVal = new StreamReader(response.GetResponseStream()).ReadToEnd();

return retVal;

}

It could be something trivial but I am not able to figure it out why I am not able to get access_token.

Thanks in advance,

Srdjan

javierht · ‎10-24-2016

After lot of testing, I finally found the solution and could get the access_token. I stopped passing the string 'auth/userinfo' as the scope parameter in the GET login/oauth2/auth request and the POST request returned the expected access token value.

I hope it can help you, because I think that it is not clearly described in the documentation.

View solution in original post

kona · ‎08-21-2016

@donsrle , due to the technical nature of this question I'm going to share it with the Canvas Developers group in the Community! Hopefully with their assistance you can get help with this!

donsrle · ‎09-14-2016

More details on this.

I am not sure what does it mean by " Canvas will not give a token back as part of a userinfo request. It will only provide the current user's name and id." in last paragraph in this location OAuth2 - Canvas LMS REST API Documentation ? During step 1 I am calling canvas by passing '/auth/userinfo' in order to get code, not token if I am correct? And when I use that code to call step 3 in order to get token I am getting JOSN:

{\"access_token\":null,\"token_type\":\"Bearer\",\"user\":{\"id\":1,\"name\":\"User Name\"},\"expires_in\":114}.

As you can see expiration time decrease by time starting from 3600. After one hour I am redirected to Authorization page.

If I check my canvas account new access token is added with expiration time set to 1h. Token value is: protected, not some specific value.

How can I call API when I do not have token which will be set in the header of API calls?

Any help please?

Srdjan

javierht · ‎09-23-2016

Hi Srdjan Donevsky,

I am having exactly the same problem in a Canvas installation hosted by instructure.com. The answer to the POST request to get the access token, as described in OAuth2 Endpoints - Canvas LMS REST API Documentation, should be an JSON containing the access_token. However, the access token returned is always null.

I had previously tested the same OAuth2 process with an installation hosted by our own server and it worked fine. In fact, it keeps working fine, what makes me think that is not a problem of how I am implementing these requests.

Do you have any news on that problem?

donsrle · ‎09-23-2016

Hi @javierht ,

no, still nothing. As in spec stands: "Canvas will not give a token back as part of a userinfo request. It will only provide the current user's name and id." I thought it was related to my implementation as this is a known thing. Issue is posted over month ago but without answer.

Related to your implementation, do you send userinfo by the first request, do you store user's token somewhere or maybe it is related to certificates or visibility of your tool from outside? Maybe there are some settings inCanvas backoffice where you could set this behavior but I am not aware of those?

I hope after your comment someone will reply to this at last...

javierht · ‎09-23-2016

Thanks for your quick answer.

I am passing the string 'auth/userinfo' as the scope parameter in the GET login/oauth2/auth request. The redirection into a url from my server is also working and I can get the code in order to provide it in the POST login/oauth2/token request. Nevertheless, the response to that POST request is a JSON with an access token null. The grant_type parameter is authorization_code.

I simply created a developer key in the 'developer key' section of the site with a redirect uri in order to get the client_id and client_secret values. Just the same that I did with the installation hosted by our own server that works fine.

javierht · ‎10-24-2016

After lot of testing, I finally found the solution and could get the access_token. I stopped passing the string 'auth/userinfo' as the scope parameter in the GET login/oauth2/auth request and the POST request returned the expected access token value.

I hope it can help you, because I think that it is not clearly described in the documentation.

JonathanDyason1 · ‎02-14-2022

Thank you!

You're signed out

null access_token

Community Help

View our top guides and resources: