403 error receiving the OAuth token

AdamKuc — Mon, 28 Aug 2023 08:25:42 GMT

I'm developing an add-on for the django library-allauth 0.54.0 (https://www.intenct.nl/projects/django-allauth/). I want to add an ArcGIS account authentication module to this library.

I've read your OAuth integration documentation carefully
(https://developers.arcgis.com/documentation/mapping-apis-and-services/security/oauth-2.0/)

I created an account, created an application. Received the public and secret keys. Added the necessary redirect urls :
1. local - http://127.0.0.1:8000/accounts/arcgis/login/callback/
2. local + ngrok - https://….ngrok-free.app/accounts/arcgis/login/callback/
3. prodaction - https://...io/accounts/arcgis/login/callback/

Currently, I have this module ready. It works well locally, locally + ngrok and didn't give any crashes. But prodaction often has questions when receiving a token.

Here is my part of the code where the error occurs:

resp = requests.request(
self.access_token_method,
url,
data=data,
auth=auth,
)

self.access_token_method = ‘POST’
url = 'https://www.arcgis.com/sharing/rest/oauth2/token'
data = {
'redirect_uri': 'https://…/accounts/arcgis/login/callback/'
'grant_type': 'authorization_code',
'code':
'o9DGl2OY7JRDSwvinUTRJy7jSHy3D9p-ftLIPNiWXgMDtA-JcsQ3cucXm1V-OcoJCrB0G05CX_iErKl9TK2LsYC-bf5eDcRa5O88heoxvwpWRnBuLoVpx1Bw8FPZ8QqBVVmu4lhN-C4I3f
uSe6sZEvyQ3jGTa7V1xcbhxELw02S96t-yO_8ZAJhZ-WQg_Jybzq3s3LsBM0EQe7r9301JE1
W5-sLQd-YrKkjc909t4d5zrUi-XzMNyUtD4v-KD5fc',
'client_id': <my_client_app_id>,
}

P.S. I get the ‘code’ parameter from the redirect url. Example:
<WSGIRequest: GET
'/accounts/arcgis/login/callback/?code='o9DGl2OY7JRDSwvinUTRJy7jSHy3D9p-ftLIPNiWX
gMDtA-JcsQ3cucXm1V-OcoJCrB0G05CX_iErKl9TK2LsYC-bf5eDcRa5O88heoxvwpWRnBu
LoVpx1Bw8FPZ8QqBVVmu4lhN-C4I3fuSe6sZEvyQ3jGTa7V1xcbhxELw02S96t-yO_8ZAJhZ
-WQg_Jybzq3s3LsBM0EQe7r9301JE1W5-sLQd-YrKkjc909t4d5zrUi-XzMNyUtD4v-KD5fc&st
ate=YcoUuwg0Nvni'>

For this request (locally and locally + ngrok), I get a response with the status 200 and
the following data:
{
'access_token': 'Nn35y22fGaSqrrzkkbGQp…',
'expires_in': 1800,
'username': 'username',
'ssl': True,
'refresh_token': '53Anf42u0nwrDCGgm…',
'refresh_token_expires_in': 1209599,
}

BUT when a similar situation occurs on prodaction (https://...io/), I get a response with the status 403, with
the following data:

raise OAuth2Error("Error retrieving access token: %s" % resp. content)
oauthlib. oauth2. rfc6749. errors. OAuth2Error: (None) Error retrieving access token:
b'<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body>\r\n<center><h1>403
Forbidden</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n'

10.42.2.48 - - [24/Aug/2023:11:57:45 -0400] "GET
/accounts/arcgis/login/callback/?code=JiYZNXrTrbg8_o7f0o7QY3blC_T34SoxubESKNpBr3z
9pxKFb5m5J0oxwbW4yNDRdVuVt-ZGL3gmIo349zpLQDEqm1Lf2rRbnK2MTQMPKl6Of3-n
WLO8BBsNOYaZQ37LfP6PZ0SIkcrHkgJ7ESgALlMKA7mRilHiCSPF-R9UwSqJfww_tOiQCS
KEhbVwrWhuKDcFly9QGh4SWlTRNFgdOmimaXyuDwwkdcRFDiIa6dGWyPi9pcoqVhrzNG
YQw2Xx835nG5yela53XT73nj7-mg&state=BujTt0IhiPDX HTTP/1.1" 302 0
"https://www.arcgis.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML,
like Gecko) Chrome/116.0.0.0 Safari/537.36"

PS
it also often happens on prodaction that I get the parameter ‘code’ at the end of which
there are two dots. For example:?code=YQw2Xx835nG5yela53XT73nj7-mg..
Sometimes, if you delete these points, you will receive a 200 response with
the desired token later. (this doesn't always happen). An error was excluded when extracting this
parameter in our code. This ‘code ' comes from your server.

Also, if I get a 403 response to prodaction, I quickly send the same
request with the same data via Postman and get a 200 response.I.e. the problem occurs exactly on prodaction.

Please, tell me what the problem may be and how to fix it?

topic 403 error receiving the OAuth token in ArcGIS Online Developers Questions

403 error receiving the OAuth token