How to implement OAuth2 in custom node?

Hi, I’m trying to implement API for our invoicing software and we use OAuth 2. I chatted with the AI and I can’t for the love of god figure out how to do this, the docs are sparse if non-existent, forum posts either I can’t find or also doesn’t exist. It has been telling me lots of wild things from probably various platforms probably (Python SDK vs “custom node” code?), I don’t know which are relevant here and which aren’t.

The AI told me it is best to create a custom node to do the OAuth thing. Ok, I guess the input could be client_id, client_secret, the output access_token. Then I could pair it with Call API node and hope Gumloop somehow manages the access token refresh.

Here is probably the best incarnation I can muster right now, it’s syntactically incorrect it appears. Also I can’t find anything credentials related here Run Code - Gumloop so it prolly doesn’t work in custom node context?

from gumloop.decorators import credential

# Our API: https://www.fakturoid.cz/api/v3/authorization#authorization-code-flow
# On our side it wants redirect URL, AI said to use this https://api.gumloop.com/oauth/callback (is that even correct?)
def main(client_id, client_secret, params):
    @credential(
        name="fakturoid_oauth",
        type="oauth2",
        config={
            "client_id": client_id,
            "client_secret": client_secret,
            "auth_url": "https://app.fakturoid.cz/api/v3/oauth",
            "token_url": "https://app.fakturoid.cz/api/v3/oauth/token",
            "scope": "all:read,write"
        }
    )
    
    def get_access_token(context):
        credentials = context.get_credentials()
        access_token = credentials.get("access_token")

        return access_token
    
    context = where_do_i_get_this
    access_token = get_access_token(context)
    
    return access_token

Here’s the node https://www.gumloop.com/custom-nodes/builder?node_id=fAwGmXK7CSjS6XCyTK5pxR

I’m pulling my hair out on this.

Hey @Ollie! If you’re reporting an issue with a flow or an error in a run, please include the run link and make sure it’s shareable so we can take a look.

1. Find your run link on the history page. Format: https://www.gumloop.com/pipeline?run_id={your_run_id}&workbook_id={workbook_id}

2. Make it shareable by clicking “Share” → ‘Anyone with the link can view’ in the top-left corner of the flow screen.
   

3. Provide details about the issue—more context helps us troubleshoot faster.

You can find your run history here: https://www.gumloop.com/history

Hey @Ollie - The AI probably went off-base on the redirect URL, that is not correct. There is no easy way to do this unfortunately. The only thing you can really do is OAuth once yourself separately to get the refresh token, and then just have code to get a new access token every time.

So there’s no way to store/manage access token to Gumloop anyhow? Either some python helper way or some lower level API in the code to store as credential? So I don’t create a new token every time the API is called.

This rules out Authorization Code flow for 3rd party people though, only leaves me with Client Credentials flow but inability to store the token in Gumloop itself is a bummer.

You could store it within the code but that wouldn’t be helpful as you’d still have to generate a new token once that expires.

Mkay. Does this scenario with 3rd party people using this integration via OAuth make sense to do for Gumloop in the future?

Or even providing some way to store such tokens?
Or even developing your own OAuth plugin of some sort that would do that behind the scenes?

I’m just curious if it’s something that makes sense to you.

Thanks.

Yeah we do plan on adding external credentials management through https://www.gumloop.com/settings/profile/credentials but that is in the long-term, not something immediate.

Of course, no worries, I was just trying to make it work, will try later then.