Developer API: My attempt to login in as part of the OAuth authentication now fails.

douglashdouglash Member Posts: 4

My program that uses the Lightspeed API uses an embedded browser to perform the OAuth authentication. It used to be working perfectly, but now (with no changes on my side) it fails to successfully login. When I enter the username and password and click Sign In, the sign-in page refreshes blanking out the username and password. I expect it to proceed to the Authorize Application screen. My starting URL:

"https://us.merchantos.com/oauth/authorize.php?response_type=code&client_id=SnapRewards&scope=employee:inventory_counts+employee:inventory+employee:customers+employee:register"

 

navigates to page:

"https://us.merchantos.com/login.html?redirect_after_login=%2Foauth%2Fauthorize.php%3Fresponse_type%3Dcode%26client_id%3DSnapRewards%26scope%3Demployee%3Ainventory_counts%2Bemployee%3Ainventory%2Bemployee%3Acustomers%2Bemployee%3Aregister"

 

and then I get stuck on this page.

 

If I run this starting URL manually directly in a Firefox web browser I get navigated to the same login page, but after I enter my username/password and click SignIn I get navigated to this page:

"https://us.merchantos.com/oauth/authorize.php?response_type=code&client_id=SnapRewards&scope=employee:inventory_counts+employee:inventory+employee:customers+employee:register"

 

and then after i click "Authorize Application", I get navigated to my app's website with the authentication code:

"https://snapdoodletoys.com/?code=a6619b75a25c4773bf58bf4a7bb282ff6f8a3abe"

 

This is the expected sequence, but this no longer works when run through my embedded web browser in my application. It used to work. I made no changes on my side. Do you know what may have changed to break me?

4 comments

  • [Deleted User][Deleted User] Posts: 0 moderator

    Hello @douglash ,

    There hasn't been any update to the API or the Authorize endpoint. But let me ask around our Development team. You mentioned that you setup an embedded browser to grab the access token, would it be possible to get more information about it?

  • douglashdouglash Member Posts: 4

    The code is written in C#. The library i am using for the embedded browser is Xilium.CefGlue.dll.

    The browser class is Xilium.CefGlue.CefBrowser.

    Doug

  • douglashdouglash Member Posts: 4

    The behavior that i am seeing is that after the user enters the username/password into the login page and then clicks "Sign In", the sign in page reloads with the input fields blanked out. It does not accept the input and proceed to the Authorize Application page as expected. When i direct this embedded browser to a different web site (e.g. http://www.microsoft.com), the website works perfectly (e.g. i can login in to my Microsoft account).

    One other difference I see with the embedded browser compared to the normal desktop browser is that the saved usernames/passwords are not displayed in the embedded browser version.

    So, the question is, what would make the Lightspeed login page fail to accept the username/password input?

  • douglashdouglash Member Posts: 4

    The behavior that i am seeing is that after the user enters the username/password into the login page and then clicks "Sign In", the sign in page reloads with the input fields blanked out. It does not accept the input and proceed to the Authorize Application page as expected. When i direct this embedded browser to a different web site (e.g. http://www.microsoft.com), the website works perfectly (e.g. i can login in to my Microsoft account).

    One other difference I see with the embedded browser compared to the normal desktop browser is that the saved usernames/passwords are not displayed in the embedded browser version.

    So, the question is, what would make the Lightspeed login page fail to accept the username/password input?

Sign In or Register to comment.