I’m building authentication for a NodeJS app with Realm.
I’ve followed the docs to get Facebook and Google OAuth2 authentication working but Realm is not able to process the tokens properly.
The error message for Facebook is message: 'expected either accessToken, id_token or authCode in payload', code: 47
The error message for Google is message: 'error exchanging access code with OAuth2 provider', code: 47
I have my client IDs and secrets set up correctly so I don’t think this is the issue.
The tokens are I get from Google and Facebook seem correct and I am submitted them as strings to Realm.Credentials and then myRealmApp.logIn.
Can anyone provide advice on what I am missing?
Error messages from Realm logs:
Server code (copy-pasted from Vim; ignore the at the end of the lines):
63 async function loginFacebook(accessToken) { 64 // Log the user in to your app$ 65 console.log(“ACCESS TOKEN”); 66 console.log(accessToken); 67 const credentials = Realm.Credentials.facebook(accessToken); 68 console.log("CREDENTIALS"); 69 console.log(credentials); 70 await realm.logIn(credentials) 71 .then(user => { 72 console.log(`Logged in with id: {user.id});$ 73 }).catch(console.error);$ 74 }$ 75 $ 76 /**$ 77 * Associate a Google login with a Realm user.$ 78 */$ 79 async function loginGoogle(id_token) {$ 80 // Log the user in to your app$ 81 console.log("ID TOKEN");$ 82 console.log(id_token);$ 83 const credentials = Realm.Credentials.google(id_token);$ 84 console.log("CREDENTIALS");$ 85 console.log(credentials);$ 86 await realm.logIn(credentials)$ 87 .then(user => {$ 88 console.log(
Logged in with id: {user.id}`); 89 }).catch(console.error); 90 } 91 92 /** 93 * App endpoints$ 94 */ 95 app.post('/login', (req, res) => { 96 provider = req.body.provider; 97 if (! provider) { 98 res.status(400).send(‘No authentication provider provided’); 99 } 100 switch (provider.toLowerCase()) { 101 case 'facebook': 102 accessToken = req.body.accessToken; 103 if (! accessToken) { 104 res.status(400).send(‘Missing access_token’); 105 } 106 return loginFacebook(accessToken).catch(console.error); 107 break; 108 case ‘google’: 109 id_token = req.body.id_token; 110 if (! id_token) { 111 res.status(400).send('Missing id_token'); 112 } 113 return loginGoogle(id_token).catch(console.error);
…
Requests from login page (the tokens appear to be correctly sent to the back-end):
10 realmFacebookLogin = async function(fbResponse) { 11 accessToken = fbResponse.authResponse.accessToken; 12 await fetch(’/login’, { 13 method: 'POST', 14 headers: { 15 'Content-Type': 'application/json' 16 }, 17 body: JSON.stringify( 18 { 19 accessToken: accessToken, 20 provider: ‘facebook’ 21 } 22 ) 23 }); 24 25 const content = await rawResponse.json(); 26 27 console.log(content); 28 } 29 30 async function realmGoogleLogin(googleUser) { 31 const id_token = googleUser.getAuthResponse().id_token; 32 await fetch(’/login’, { 33 method: 'POST', 34 headers: { 35 'Content-Type': 'application/json' 36 }, 37 body: JSON.stringify( 38 { 39 id_token: id_token, 40 provider: ‘google’ 41 } 42 ) 43 }); 44 }$