Account linking for OAuth 1.0

google-assistant
amazon-alexa
#1

I am familiar with how you would implement account linking when communicating with services using OAuth 2.0, using Jovo’s support for account linking, ie:

this.$alexaSkill.showAccountLinkingCard();
this.tell("Please link your account");

However how would you implement account linking with OAuth 1.0 where you don’t have values for Client Id or Client Secret to enter in the Alexa Account linking console? Instead the OAuth 1 flow requires oauth_token and oauth_token_secret.

alexa_accountlinking.png1344×1312 37.1 KB

If the target service supports authentication with Facebook / Google is it possible to maybe get the access token using an OAuth 2.0 flow and then use that access token value

let token = this.$request.getAccessToken();

in the authorization header of the requests made to the service that uses OAuth 1.0. The following is the authorization header required to make requests to the service.

Authorization:
       OAuth oauth_consumer_key="xxx-xxx-xxx-xxxx",
       oauth_token="xxx-xxx-xxx-xxxx",
       access_token= "xxx-xxx-xxx-xxxx", //Provided by identity server

Thank you for your help.

Get ID Token (JWT format) after Account Linking
#2

I can’t find the reference anymore, but to my knowledge it is required by both platforms to use oAuth 2.0

#3

Do you think it is possible to get the access token using OAuth 2.0 flow with an identity provider such as Facebook / Google and use it in the OAuth 1.0 authorization header (access_token) when making API requests:

Authorization:
       OAuth oauth_consumer_key="xxx-xxx-xxx-xxxx",
       oauth_token="xxx-xxx-xxx-xxxx",
       access_token= "xxx-xxx-xxx-xxxx", //Provided by identity server

Or is the only choice migrating the service to using OAuth 2.0, since there is no workaround.

Edit: Looks like the Oauth 1 access token is different from the OAuth 2 access token