Mike Lyons
Mike Lyons
CCConvex Community
Created by Mike Lyons on 11/14/2023 in #support-community
Authing HTTP Action with OAuth2?
Hey, so I've been plugging along with this and I think I'm most of the way there on OAuth2 -- the one thing I can't figure out is why the access_token I get at the end of the oauth2 flow (from clerk) does not seem to be accepted by convex. I think maybe it's similar to my previous goof of using Clerk's getToken() without {template: 'convex'} -- there's something about the format the access_token is returned in that is perhaps valid, but not what convex expects. Do you have any ideas about how convex processes the Authorization: Bearer XXXXXX with Clerk? For example, is Convex expecting a JWT there (not just any arbitrary token)? The oauth2 access_token is definitely not in JWT format (it's just a long [A-Z0-9]) Thanks!
24 replies
CCConvex Community
Created by Mike Lyons on 11/14/2023 in #support-community
Authing HTTP Action with OAuth2?
Hey hey, figured it out! So the problem is that Convex HTTP Actions look for "Convex" templated JWTs in Authorization: Bearer XXXXX does not accept standard JWTs. This is consistent with the code sample you sent me (and what I originally had), but when you mentioned check if it was a valid JWT with a JWT decoder, that let me to remove the {template: "convex"} bit. So the original problem was just that I wasn't awaiting correctly in the HTTP Action handler (which did show up in the logs once I knew where to look). So for anyone else reading this: 1. Make sure you're checking the "Logs" tab in the Convex Dashboard if something seems off first. 2. Make sure you're awaiting on getUserIdentity() 3. Make sure you're using getToken({template: "convex"}) (and the result will not work with standard JWT decoders) Also as a feature request, would be lovely if the logs note when an Authorization: Bearer XXXX auth fails -- I was hitting a point where I couldn't tell if Convex was even checking auth. Bonus points if the log error includes a note about generating the JWT with the convex template. Thanks everyone for your help!
24 replies
CCConvex Community
Created by Mike Lyons on 11/14/2023 in #support-community
Authing HTTP Action with OAuth2?
alrighty, I was doing a couple things wrong (turns out I shouldn't use the same object into getToken and not awaiting right, but now I just get null instead of {}. Don't see any errors in the convex logs fwiw
24 replies
CCConvex Community
Created by Mike Lyons on 11/14/2023 in #support-community
Authing HTTP Action with OAuth2?
ok will poke around. thanks ian!
24 replies
CCConvex Community
Created by Mike Lyons on 11/14/2023 in #support-community
Authing HTTP Action with OAuth2?
Ok so I do get a pretty massive token out with that. But when I pass the Authorization: Bearer XXXXX , getUserIdentity() returns the empty object {} (same as if I didn't return the Authorization header)
24 replies
CCConvex Community
Created by Mike Lyons on 11/14/2023 in #support-community
Authing HTTP Action with OAuth2?
One thing I was thinking was just grab the JWT and using "API Key" auth to force it through and make sure that works. Any idea how to get the JWT token for a user?
24 replies
CCConvex Community
Created by Mike Lyons on 11/14/2023 in #support-community
Authing HTTP Action with OAuth2?
Yeah, I've been following the instructions there today, but it's a little opaque when things aren't working. The GPT is complaining that the access_token is missing, but I suspect it's b/c my "let's see if I can make a CNAME that redirects to my convex subdomain is enough to make the Action Set config happy that everything is on the same domain" likely fails an SSL check. I think my problem is the overlap of this post and the "Custom domain?" one. I'm not sure if most services insist that auth and the backend are on the same root domain, but the GPT certainly does. So while I suspect the doc linked above would sort it all out, without convex custom domains I'm not sure how to know it (unless I implement a proxy in vercel or something)
24 replies
CCConvex Community
Created by Mike Lyons on 11/14/2023 in #support-community
Custom domain?
Ah, that's a reasonable stopgap. Out of curiosity what would "adding custom domains" entail adding? I'm guessing some sort of SSL cert thing to get CNAMES working?
8 replies
CCConvex Community
Created by Mike Lyons on 11/14/2023 in #support-community
Authing HTTP Action with OAuth2?
So I could use "API Key" to set the JWT token, but then I wouldn't be able to share my GPT with anyone else
24 replies
CCConvex Community
Created by Mike Lyons on 11/14/2023 in #support-community
Authing HTTP Action with OAuth2?
No description
24 replies