question

coolcoderran avatar image
coolcoderran asked

Failed to get token

I follow the instructions to create an Android App for DRS from the developer guide. I can get authorizationCode from "LWA Mobile SDK Authorization Code Method (Android)" in page 13.

When I try to get the get the refresh token for future order process from "LWACODE FOR TOKEN EXCHANGE" in page 15, I am getting an error {"error_description":"Not authorized for requested operation","error":"unauthorized_client"}

Below is the code I am implementing in the doInBackground method.

 try {
                url = new URL("https://api.amazon.com/auth/o2/token");
                urlConnection = (HttpURLConnection) url.openConnection();
            } catch (IOException e) {
                e.printStackTrace();
            }
            if (urlConnection != null) {
                try {
                    urlConnection.setRequestMethod("POST");
                    urlConnection.setReadTimeout(10000);
                    urlConnection.setConnectTimeout(15000);
                    urlConnection.setDoOutput(true);
                    urlConnection.setDoInput(true);
                    urlConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
                    builder = new Uri.Builder()
                            .appendQueryParameter("grant_type", "authorization_code")
                            .appendQueryParameter("code", authorizationCode)
                            .appendQueryParameter("client_id",  clientId)
                            .appendQueryParameter("redirect_uri", redirectUri);
                    query = builder.build().getEncodedQuery();
                } catch (IOException e) {
                    e.printStackTrace();
                }
                try {
                    os = urlConnection.getOutputStream();
                } catch (IOException e) {
                    e.printStackTrace();
                }
                try {
                    BufferedWriter writer = new BufferedWriter(
                            new OutputStreamWriter(os, "UTF-8"));
                    writer.write(query);
                    writer.flush();
                    writer.close();
                    os.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
                try {
                    resCode = urlConnection.getResponseCode(); [b]-----> HERE I AM GETTING RESPONSE CODE AS 400.[/b]
                    if (resCode == HttpURLConnection.HTTP_OK) {
                        in = new BufferedInputStream(urlConnection.getInputStream());
                        readStream(in);
                    }else{
                        in = urlConnection.getErrorStream();
                        readStream(in);
                    }
                } catch (IOException e) {
                    e.printStackTrace();
                } finally {
                    urlConnection.disconnect();
                }
            }
            return null;
        }
        protected void onPostExecute(Void result) {
            // dismiss progress dialog and update ui
        }
      
        private void readStream(InputStream in) throws IOException {
            InputStreamReader isw = new InputStreamReader(in);
            BufferedReader brin = new BufferedReader(isw);
            char current;
            String inputLine;
            StringBuffer responsein = new StringBuffer();
            int data = isw.read();
            while (data != -1) {
                current = (char) data;
                data = isw.read();
                responsein.append(current);
                //System.out.print(current);
            }
            final String s1 = responsein.toString();
           
        }
login with amazon
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

rashmesh avatar image
rashmesh answered

> appendQueryParameter("client_id", clientId)

On the line above, check if the client id is same as the one in AmazonAuthorizationManager instance object's .getClientId().

If they are, request for the code verifier by passing the the code challenge method as plain.

bundle.putString(AuthzConstants.BUNDLE_KEY.CODE_CHALLENGE_METHOD.val, "plain");

If this works there is something wrong in the code validation using the SHA256 code challenge method.

10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.