Intermittent oauth failures


#1

I’m implementing Patreon OAuth in a Rails backend and I think I’ve done it correctly because it sometimes works. But sometimes the same code fails with an “access_denied” error message. Is there something I’m missing here or is there perhaps an issue on the Patreon side? Code posted below for reference.

 class Api::V1::PatreonUsersController < Api::BaseController
  before_action :authenticate_user, except: %i[oauth_redirect]

  def oauth_redirect
    client_id = ENV['PATREON_CLIENT_ID'].presence || \
      raise(ArgumentError, 'No patreon client id defined')
    client_secret = ENV['PATREON_CLIENT_SECRET'].presence || \
      raise(ArgumentError, 'No patreon client secret defined')

    oauth_client = Patreon::OAuth.new(client_id, client_secret)
    token = oauth_client.get_tokens(params[:code], request.original_url)

    raise ArgumentError, token['error'] if token['error'].present?

    user = User.find(params[:state])
    user.update!(
      patreon_access_token: token["access_token"],
      patreon_refresh_token: token["refresh_token"],
      patreon_expires_in: token["expires_in"],
      patreon_scope: token["scope"]
    )
    render plain: "Patreon Linked"
  end
end

#2

I also have had issues with token refreshes.

Sometimes it will just refuse to refresh the token and I’ll get stuck without a valid access token.