Comments (4)
kevinchalet
commented on June 4, 2024
Hi,
There are multiple issues with your snippet:
- You're sending both authorization request parameters (e.g
response_type) and token request parameters (e.gclient_secretorgrant_type) as part of the same request to the authorization endpoint, which is completely invalid. - You're using basic authentication against the authorization endpoint, which makes no sense.
- You're using multiple client authentication methods - i.e sending the secret via both the
Authorizationheader and as part of the request form - which is illegal.
Consider using a real OAuth 2.0/OpenID Connect client stack instead of trying to implement that yourself. The OpenIddict client is an excellent choice for interactive flows like the code flow. You can find a lot of samples in the dedicated repo: https://github.com/openiddict/openiddict-samples
from openiddict-core.
kevinchalet
commented on June 4, 2024
Doing some housecleaning, but feel free to reopen if you need additional details π
from openiddict-core.
LinneyDew
commented on June 4, 2024
Kevin,
Thanks for checking back in. I meant to reply to you last week but I was up to my neck in alligators.
Unfortunately, my client wants to do some special processing so we need to partially roll our own solution.
I got my code working. My problem was due to me not understanding what was being returned. Youβre response did help because it let me know that what I was doing was basically correct.
Thanks for your response and thanks for the OpenIDDict libraries. And thank you for your quick responses.
Best regards,
Linney
From: KΓ©vin Chalet ***@***.***>
Sent: Friday, March 1, 2024 11:21 AM
To: openiddict/openiddict-core ***@***.***>
Cc: Linney Dew ***@***.***>; Author ***@***.***>
Subject: Re: [openiddict/openiddict-core] I'm unable to get the authorization code when trying to authenticate an application with OpenIdDict (Issue #2013)
Doing some housecleaning, but feel free to reopen if you need additional details π
β
Reply to this email directly, view it on GitHub<#2013 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ALNOWT7Q2CTKECAVJUHUQQ3YWCTGPAVCNFSM6AAAAABD45ZEIOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSNZTGQ4DAOJTGE>.
You are receiving this because you authored the thread.Message ID: ***@***.******@***.***>>
from openiddict-core.
kevinchalet
commented on June 4, 2024
Hey,
Thanks for checking back in. I meant to reply to you last week but I was up to my neck in alligators.
No worries ππ»
Unfortunately, my client wants to do some special processing so we need to partially roll our own solution.
The OpenIddict client has a very powerful events model that allows customizing each aspect of the request processing.
Out of curiosity, can you tell me more about that special processing?
Thanks for your response and thanks for the OpenIDDict libraries. And thank you for your quick responses.
Thanks for your kind words.
from openiddict-core.
Related Issues (20)
- integration openiddict identityServer .net core 7 with client .net framework 4.8 HOT 1
- Oracle doesn't support `RepeatableRead` isolation level. HOT 3
- How to make the BFF Proxy Sample Dantooine work? HOT 65
- SPA and BFF on different sub-domains, BFFs for mobile apps HOT 6
- Getting The security token is missing during login validation on postman client authorization or web client authorization HOT 2
- InvalidOperationException: Cannot redirect to the authorization endpoint, the configuration may be missing or invalid. HOT 7
- OpenIddict + SPA UI Question HOT 9
- Remove `Uri.IsWellFormedOriginalString()`/`Uri.IsWellFormedUriString()`
- The specified token is invalid since we renewed SSL certificate in Azure key vault HOT 14
- invalid_token returned by authorization callback HOT 14
- Claims not found in token of external provider (Microsoft) HOT 5
- Using KeyVaultSecurityKey as asymmetric signing key and/or symmetric encryption key HOT 6
- unauthorized_client when changing url HOT 6
- Using "role" claims from external providers in access tokens HOT 7
- Update the OpenIddict client ASP.NET Core/OWIN integrations to support overriding the requested scopes via `AuthenticationProperties`
- openiddict 5.0.1 => 5.1.0, breaking change when adding amr array claim to id_token HOT 5
- Sharing the same signing key in a multi tenant environment HOT 7
- Enable the use of Azure Workload Identities with `.AddClient(options => { options.UseWebProviders().AddMicrosoft...})` HOT 3
- Microsoft Entra: ResponseMode "query" is not working good HOT 12
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openiddict-core.