Expand my Community achievements bar.

Native App oAuth 2.0 Flow

Avatar

Level 1
Level 1
6/24/23 12:55:48 PM

Hi community, I am new here, if this is a basic question please bare with me. 

 

I am trying to write a python script on my Mac that would read keywords I created for my fotos in Lightroom CC by using the LR API. 

 

I am failing at the basics: getting an access token. 

 

Here is what i did:

I created a project in developer console with "oauth native app" credentials and connected the lightroom services.  

 

I wrote a python script with the oAuth 2.0 PKCE flow. 

The script starts a local https server on port 8000 with a self-signed ssl certificate and then uses chrome to initiate the oauth flow. When I run the script, it opens the following URL:

 

https://ims-na1.adobelogin.com/ims/authorize?client_id=<the client id shown in the developer console>&response_type=code&code_challenge=<challange>&code_challenge_method=S256&scope=openid%2CAdobeID&redirect_uri=https%3A%2F%2Flocalhost%3A8000

 

I then log in to adobe using my google account.

Next I see a dialog asking me to give consent to allow the app access the API - everything looks like oAuth 2.0 standard so far. I click on "Allow Access". 

The next step is the problem: I see an endless spinning wheel and the browser does not continue from here. 

In the debugging tools i can see that the browser tries to open an invalid URL.

In the browser console I see an error: 

 

"Failed to launch 'adobe+01ea1c47e021cbcb340dd72c8e13b4e399951211://adobeid/<my client id>?code=eyJ.....<some code here>' because the scheme does not have a registered handler. 

Obviously, this is an invalid URL and the browser complains not knowing what looks like an URL schema "adobe+01...://".

 

Hence, my local https server never receives a response it could parse to get the authorization code.

 

What am I doing wrong? 

I couldn't find anything in the documentation or on the Internet. 

I found some places ask to add the redirect_uri to to an allow-list. But, when I create "Native App" credentials, there is not such an allow-list (I did notice there is a redirect uri allow-list for "Web App" credentials, but that one does not seem to allow "https://localhost:8000" - anyway, i'd like to use Native App). 

 

Thank you in advance for any hints about what I am doing wrong. 

 

 

Views

462

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Reply

Avatar

Level 1
Level 1
1/16/24 5:36:09 PM

I'm not sure, your method is not the standard OAuth2 PKCE way. More like a Web/Single Page process. If you use standard Web methods, you should be able to obtain the correct jump address.

Views

243

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
App Builder Authentication

Views

101

Likes

0

Replies

1
How can i use node.js in adobe app builder

Views

252

Likes

0

Replies

2
JWT to OAuth Server-to-Server migration

Views

202

Likes

0

Replies

2
How to authenticate login form in adobe app builder

Views

210

Like

1

Replies

2
Example for UserSyncTool using OAuth-Server-to-Server with existing AccessToken and new one

Views

256

Likes

0

Replies

5