Freesound Forums

Hello!

I am having trouble authenticating the API with oauth2. Here's what I'm doing and what's getting returned - if anyone has any insight I'd appreciate it.

I'm following the instructions here: https://freesound.org/docs/api/authentication.html#oauth2-authentication

I am able to do step 1 and step 2 of oauth2 (open the page to grant permission) successfully.

Then I curl exactly as the documentation says

curl -X POST -d 'client_id=CLIENT_ID&client_secret=CLIENT_SECRET&grant_type=authorization_code&code=7y660H81CABJwAPqyil7v2GhjhxIvh' https://www.freesound.org/apiv2/oauth2/access_token/ > /Users/elliotcole/Library/Application Support/SuperCollider/tmp/fs3_1002.txt

and I get curl failure result code 6.

When I go to that address in the browser I get:

HTTP 400 Bad Request
Allow: OPTIONS, GET
Content-Type: application/json
Vary: Accept

{
"detail": "Invalid url"
}

and when I curl in Terminal with no 'www' (https://freesound.org...) --verbose I get this: (401 Unauthorized)

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Could not resolve host: POST
* Closing connection 0
curl: (6) Could not resolve host: POST
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 84.89.139.206:443...
* Connected to freesound.org (84.89.139.206) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
* CApath: none
* (304) (OUT), TLS handshake, Client hello (1):
} [318 bytes data]
* (304) (IN), TLS handshake, Server hello (2):
{ [61 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [5481 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [621 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [102 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
{ [1 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=ES; ST=Barcelona; L=Barcelona; O=Universidad Pompeu Fabra; OU=STR - Poblenou; CN=*.freesound.org
* start date: Dec 15 00:00:00 2021 GMT
* expire date: Dec 15 23:59:59 2022 GMT
* subjectAltName: host "freesound.org" matched cert's "freesound.org"
* issuer: C=NL; O=GEANT Vereniging; CN=GEANT OV RSA CA 4
* SSL certificate verify ok.
> POST /apiv2/oauth2/access_token/ HTTP/1.1
> Host: freesound.org
> User-Agent: curl/7.79.1
> Accept: */*
> Content-Length: 113
> Content-Type: application/x-www-form-urlencoded
>
} [113 bytes data]
* Mark bundle as not supporting multiuse
< HTTP/1.1 401 Unauthorized
< Date: Sun, 04 Dec 2022 04:01:05 GMT
< Content-Type: application/json
< Content-Length: 27
< Connection: keep-alive
< Vary: Cookie
< Pragma: no-cache
< Cache-Control: no-store
< X-Frame-Options: SAMEORIGIN
< Strict-Transport-Security: max-age=31536000; preload
<
{ [27 bytes data]
100 140 100 27 100 113 48 201 --:--:-- --:--:-- --:--:-- 249
* Connection #1 to host freesound.org left intact
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Could not resolve host: Support
* Closing connection 2
curl: (6) Could not resolve host: Support

and when I do include the www I get HTTP 301 Moved Permanently:

* Connected to www.freesound.org (84.89.139.206) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
* CApath: none
* (304) (OUT), TLS handshake, Client hello (1):
} [322 bytes data]
* (304) (IN), TLS handshake, Server hello (2):
{ [61 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [5481 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [621 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [102 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
{ [1 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=ES; ST=Barcelona; L=Barcelona; O=Universidad Pompeu Fabra; OU=STR - Poblenou; CN=*.freesound.org
* start date: Dec 15 00:00:00 2021 GMT
* expire date: Dec 15 23:59:59 2022 GMT
* subjectAltName: host "www.freesound.org" matched cert's "*.freesound.org"
* issuer: C=NL; O=GEANT Vereniging; CN=GEANT OV RSA CA 4
* SSL certificate verify ok.
> POST /apiv2/oauth2/access_token/ HTTP/1.1
> Host: www.freesound.org
> User-Agent: curl/7.79.1
> Accept: */*
> Content-Length: 113
> Content-Type: application/x-www-form-urlencoded
>
} [113 bytes data]
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Access-Control-Allow-Origin: *
< location: https://freesound.org/apiv2/oauth2/access_token/
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8
<
100 113 0 0 100 113 0 144 --:--:-- --:--:-- --:--:-- 144
* Connection #0 to host www.freesound.org left intact
Note: Unnecessary use of -X or --request, POST is already inferred.
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Could not resolve host: Support
* Closing connection 1
curl: (6) Could not resolve host: Support

Any insights much appreciated!
E

Hi, always use the non-www urls when making any api call. If the documentation includes examples with www, the this should be fixed.

Cheers,