Node - Oauth2 API [GOT CREATED]

Would it be possible to have a generic Oauth2 API that could be used for services that require it ?

(Examples include HealthMate, Todoist, etc)

Yes, I am sure it is possible, not sure how much work it would be though. I would have to look more into it. I was happy that I did not have until now as I do not have much experience with OAuth2. But agree that it would probably be important soon.

Oauth2 is usually not too complicated to implement, at least on the client side! :stuck_out_tongue:

With the proper base of authentication, a lot of new nodes could be added to the library quickly (Google APIs, Fitbit, MailChimp, Laravel based devs, Spotify, Discord, Vimeo, Mastodon, StackExchange and so much more).

Can’t wait to see n8n get to the next level, you rock @jan!

2 Likes

Ah yes, I guess there are now enough libraries around which help with that. I just remember that I tried to implement it once server-side and that there seemed to be multiple ways to authenticate via Oauth2 and so would also have to support all of them client-side.

Thanks a lot! I also!

What is the current status of Oauth2 implementation? I think it would be a widely used extension useful for many future nodes out there

Sadly nothing new. Everything is simply still to crazy that I did not have time yet to look into it.

No sadly did not look into libraries yet

What does this need to be implemented? I wonder what we can do to promote this feature, because it’s the foundation for so many nodes

A community memeber already started with it and I will try to finish it soon.

Cool, I’m definitly exited for it. SuiteCRM and Wazo integrations depend on it

Amazing, I see WIP (work in progress). Do you have a releasedate in mind already?

No, sadly not. It depends really on how much time I find between all the other things I have to do right now. But is already quite close. So if I find a few hours of uninterrupted working time, it should be done.

Yes it’s hard to find uninterrupted working time without downright blocking it in the schedule. And I’m sure you have high standards for such important key functionality. I’ll just keep my fingers crossed :crossed_fingers: and follow up from time to time

The OAuth integration is now ready to be tested. It can be found in this branch:
https://github.com/n8n-io/n8n/tree/oauth-support

The HTTP-Request Node supports it and allows so testing with different services. Please give it a try and get back to me if you run into any problems. So I can then fix them before it gets merged into master and released.

2 Likes

This is awesome, how can I run it on that branch?

Works exactly the same as the code in “main” so you can check the guide here:

The only difference is that after stop 1 (the git clone) you execute this, to get the code of the branch which contains the oauth code:

git checkout oauth-support

The rest will then be identical.

2 Likes

Hello, thanks again!

I’m testing the oauth-support tree (shows up as version 44?) and am wondering what the reply URL (= redirect URI) should be? From what I see in the code, I was expecting something like https://www.xxx.come/rest/oauth2-credential/callback.

I get the idea from the following line in Server.ts: redirectUri: ${WebhookHelpers.getWebhookBaseUrl()}rest/oauth2-credential/callback,

However I get rejected by Microsoft OAuth 2.0 service despite having registered the above Reply URL on Azure:

AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: {id}.

I may have missed something somewhere. Can you please confirm what the reply URL should be?

Thanks!

EDIT: Well, I quickly realized it makes sense http://localhost:5678/rest/oauth2-credential/callback is the valid Reply URL… but then I get stuck because Azure can’t access localhost directly. For now, I’ve hardcoded my host in the Server.ts but being able to modify the host from the Editor-UI would be a plus.

EDIT 2: Although the connection is successful, I get the error “ERROR: Unexpected token o in JSON at position 1” when trying to get the token. I guess I’ll investigate more:

ERROR: Unexpected token o in JSON at position 1

SyntaxError: Unexpected token o in JSON at position 1
    at JSON.parse (<anonymous>)
    at Object.execute (/home/xxx/n8n/packages/nodes-base/nodes/OAuth.node.ts:126:46)
    at Workflow.runNode (/home/xxx/n8n/packages/workflow/src/Workflow.ts:1147:28)
    at /home/xxx/n8n/packages/core/src/WorkflowExecute.ts:575:40

Sorry, do not understand what you mean with “shows up as version 44?”.

There should be no need to hardcode any URL. Simply make sure that you have configured n8n correctly. In this case, n8n simply has to know how it can be reached. Here this one is important:

About the JSON.parse problem you have. Do not use the OAuth-Node. It was just a simple test in the beginning to debug. Not sure if it is still functioning as quite a few changes have been made. To make an OAuth request, simply use the regular HTTP-Request Node. In the branch, it has OAuth support already built in.

I hope that helps.

1 Like

I just noticed this was different from the master but it’s nothing I guess:

For the “hardcoding”, everything works fine with the hook and the publishing so I don’t expect any misconfiguration but I’ll double-check since it should work without having to change anything.

And OK, I hadn’t noticed the new option for HTTP requests… makes sense! I now get the following error: ERROR: Unable to sign without access token Can you confirm that the scope separator is a space?

Yes, it should be a space. But do not know if that maybe differs with whomever you try to connect to.

The error message sounds like it did not receive an accessToken when you did the authentication. I would have expected that one always gets send no matter the scope but to have different access rights. So am surprised that it would be missing. The refresh token is, however, also normally only supplied if “offline” gets set so it is quite possible that it is “scope” related after all. Sadly no OAuth expert in any way. Sorry!