Swap short-lived token for long-lived token

[luciengeorge]

Hello 👋

I Hope this is the right place to ask this question, otherwise feel free to redirect me wherever's appropriate and I apologise for the inconvenience.

I am working on implementing an oauth flow with instagram's API. The flow goes as follows:

1. Get authorization
2. Exchange authorization code for a token
3. Swap token for a long-lived access token

The issue with instagram's API is that once we get the authorization code (step 1) and retrieve the token (step 2), instagram returns a short-lived token. In that response, instagram doesn't return the token_type which means that an AuthorizationError is thrown

AuthorizationError: Missing or invalid 'token_type' field

Here's the sample response from step 2:

{
  "access_token": "<THE_ACCESS_TOKEN>", 
  "user_id": "<IG_APP_SCOPED_ID>",
  "permissions": "<LIST_OF_GRANTED_PERMISSIONS>"
}

At the moment, I am not using authenticator.authenticate(providerName, request) to get around this issue. Once i get the authorization code back, I fetch the first token and then swap it for a long lived token myself.

I was wondering if there was a better way of doing this by maybe overriding the authenticate method in my InstagramStrategy?
If that's doable any help would be greatly appreciated.
If that's not the way to go is there a better way to solve this issue?

Thank you!

Instagram API docs

[sergiodxa]

Seems like you will need a custom strategy for Instagram as the OAuth2 is for providers following the spec and Instagram is not following it

[luciengeorge]

Sounds good thank you. Just wanted to double check