I cannot get an access token when calling Microsoft authentication. The sign-in button calls this method:
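/// <summary>
/// Starts the OAuth 2.0 authorization-code flow by redirecting the browser to the
/// Microsoft identity platform authorize endpoint.
/// </summary>
/// <returns>A redirect result pointing at the authorize URL built below.</returns>
public ActionResult OauthRedirect()
{
    // NOTE(review): "state" is a fixed literal, so the callback cannot use it to tell
    // whether a response belongs to a sign-in this browser session actually started.
    // It should be an unpredictable per-request value that is stored server-side
    // (or in a protected cookie) and compared in the callback. TODO.
    //
    // Every parameter value is percent-encoded: the scope list contains spaces and the
    // redirect URI contains ':' and '/', none of which belong raw inside a query string.
    var redirectUrl = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
        + "?client_id=" + System.Uri.EscapeDataString("myClientID")
        + "&response_type=code"
        + "&response_mode=query"
        + "&redirect_uri=" + System.Uri.EscapeDataString("https://localhost:44344/Admin/oauth/callback")
        + "&scope=" + System.Uri.EscapeDataString("Calendars.ReadWrite offline_access User.Read")
        + "&state=" + System.Uri.EscapeDataString("de-medewerker");

    return Redirect(redirectUrl);
}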
This is OAuthController:
// Controller in the "Admin" area that receives the OAuth redirect.
[Area("Admin")]
public class OAuthController : Controller
{
    // Fixed path that the raw response body is written to on a 200 response.
    // NOTE(review): a single plaintext file at a fixed location is overwritten on every
    // successful callback, and whatever is stored there is readable by anything with
    // access to that path. Per-user, protected storage is the usual expectation for tokens.
    string tokensFile = "D:\\tokens.json";

    /// <summary>
    /// Receives the redirect from the authorization server and tries to exchange
    /// <paramref name="code"/> for tokens, writing the response body to <c>tokensFile</c>.
    /// </summary>
    /// <param name="code">Authorization code from the query string.</param>
    /// <param name="state">State value echoed back by the server; not read in this method.</param>
    /// <param name="error">Error value from the server; not read in this method.</param>
    /// <returns>Redirect to Home/Index after a 200 response, otherwise to Home/Error.</returns>
    public ActionResult Callback(string code,string state, string error)
    {
        // NOTE(review): "state" is never compared with anything, so this action accepts
        // any request that carries a code, including one the current browser session
        // did not initiate. "error" is likewise ignored.
        if (!string.IsNullOrWhiteSpace(code))
        {
            RestClient restClient = new RestClient();
            RestRequest restRequest = new RestRequest();
            restRequest.AddParameter("client_id", "MyClientID");
            restRequest.AddParameter("scope", "Calendars.ReadWrite offline_access User.Read");
            restRequest.AddParameter("redirect_uri", "https://localhost:44344/Admin/oauth/callback");
            restRequest.AddParameter("code", code);
            restRequest.AddParameter("grant_type", "authorization_code");
            // NOTE(review): the client secret is a literal in source; it belongs in
            // configuration or a secret store, not in the repository.
            restRequest.AddParameter("client_secret", "MyClientSecret");
            // This is the authorization endpoint, not the token endpoint
            // (/oauth2/v2.0/token). The code exchange has to be POSTed to the token
            // endpoint; posting here is what produces the HTML sign-in page described
            // in the question.
            restClient.BaseUrl = new Uri("https://login.microsoftonline.com/common/oauth2/v2.0/authorize?");
            var response = restClient.Post(restRequest);
            // Only the status code is checked, so any 200 body (including an HTML page)
            // is written to the tokens file as-is.
            if (response.StatusCode==System.Net.HttpStatusCode.OK)
            {
                System.IO.File.WriteAllText(tokensFile, response.Content);
                return RedirectToAction("Index", "Home");
            }
        }
        return RedirectToAction("Error", "Home");
    }
}
When I start the project, 'response.Content' contains a 183 KB HTML string, which gets saved to the tokens.json file. When I rename the file from .json to .html and open it, it contains this text:
" We can't sign you in Your browser is currently set to block cookies. You need to allow cookies to use this service. Cookies are small text files stored on your computer that tell us when you're signed in. To learn how to allow cookies, check the online help in your web browser. "
But I checked my browser, and cookies are not disabled.
Any advice or assistance would be greatly appreciated.
CodePudding user response:
In the second step your POST should be to the token endpoint:
- /oauth2/v2.0/token
Also use this content-type header for the POST request:
- Content-Type: application/x-www-form-urlencoded
Your OAuth controller also needs to write a secure cookie before the redirect if it is going to return to the client like that. Using the built-in OIDC support may make this easier.
CodePudding user response:
The token API endpoint is https://login.microsoftonline.com/common/oauth2/v2.0/token.
Please update your BaseUrl to https://login.microsoftonline.com/common/oauth2/v2.0/token instead of https://login.microsoftonline.com/common/oauth2/v2.0/authorize?
OAuthController:
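/// <summary>
/// Controller in the "Admin" area that completes the OAuth 2.0 authorization-code flow
/// by exchanging the returned code at the Microsoft identity platform token endpoint.
/// </summary>
[Area("Admin")]
public class OAuthController : Controller
{
    // Fixed path that the token response is written to.
    // NOTE(review): this is one plaintext file shared by every sign-in; each successful
    // callback overwrites the previous user's tokens (access and refresh, given the
    // offline_access scope). Tokens should be stored per user in protected storage. TODO.
    string tokensFile = "D:\\tokens.json";

    /// <summary>
    /// Receives the redirect from the authorization server, exchanges
    /// <paramref name="code"/> for tokens and writes the JSON response to <c>tokensFile</c>.
    /// </summary>
    /// <param name="code">Authorization code from the query string.</param>
    /// <param name="state">State value echoed back by the authorization server.</param>
    /// <param name="error">Error value set by the authorization server when sign-in failed.</param>
    /// <returns>
    /// Redirect to Home/Index when a JSON token response was stored; redirect to
    /// Home/Error when the server reported an error, no code was supplied, or the
    /// token request did not return a 200 JSON response.
    /// </returns>
    public ActionResult Callback(string code,string state, string error)
    {
        // A reported error or a missing code ends the flow before any outbound request.
        if (!string.IsNullOrWhiteSpace(error) || string.IsNullOrWhiteSpace(code))
        {
            return RedirectToAction("Error", "Home");
        }

        // NOTE(review): "state" is not verified. The sign-in redirect sends a fixed
        // literal, so there is nothing session-specific to compare against yet. Until
        // the redirect issues an unpredictable per-request value and this action checks
        // it, the callback cannot tell whether the current browser session started this
        // sign-in. TODO.

        RestClient restClient = new RestClient();
        restClient.BaseUrl = new Uri("https://login.microsoftonline.com/common/oauth2/v2.0/token");

        RestRequest restRequest = new RestRequest();
        restRequest.AddParameter("client_id", "MyClientID");
        restRequest.AddParameter("scope", "Calendars.ReadWrite offline_access User.Read");
        restRequest.AddParameter("redirect_uri", "https://localhost:44344/Admin/oauth/callback");
        restRequest.AddParameter("code", code);
        restRequest.AddParameter("grant_type", "authorization_code");
        // NOTE(review): the client secret is a literal in source; load it from
        // configuration or a secret store instead of committing it.
        restRequest.AddParameter("client_secret", "MyClientSecret");

        var response = restClient.Post(restRequest);

        // A 200 status alone is not proof of a token response: an HTML page served with
        // 200 would otherwise be persisted as if it were tokens. Require a JSON body too.
        bool isJson = response.ContentType != null
            && response.ContentType.StartsWith("application/json", System.StringComparison.OrdinalIgnoreCase);

        if (response.StatusCode == System.Net.HttpStatusCode.OK && isJson)
        {
            System.IO.File.WriteAllText(tokensFile, response.Content);
            return RedirectToAction("Index", "Home");
        }

        return RedirectToAction("Error", "Home");
    }
}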