react-oidc-context icon indicating copy to clipboard operation
react-oidc-context copied to clipboard

Published 20 hours ago verified publisher icon authts

token_endpoint request fails to fetch response

Open Naveenbc opened this issue 3 years ago • 3 comments

token_enpoint request fails to fetch response but when I try in postman with same configuration it is working.

My index.tsx looks like the below

const oidcConfig = { authority: authority_url, client_id: "5afa1a2b-9ab1-424b-80a3-b826ba3b8c79", redirect_uri: window.location.origin, metadata: { issuer: "issurer url", authorization_endpoint: "", token_endpoint: "", userinfo_endpoint: "" }, response_type: "code", scope: "openid entitlement_group authorization_group location_data profile", post_logout_redirect_uri: "", filterProtocolClaims: true // ... };

const root = ReactDOM.createRoot( document.getElementById('root') as HTMLElement ); root.render( <React.StrictMode> <AuthProvider {...oidcConfig}> <AppAuth /> </AuthProvider>

</React.StrictMode> );

kindly help.

Thanks, Naveen B C

Naveenbc avatar Sep 07 '22 10:09 Naveenbc

Works here reliable, you need to find out why its not working on your side. Is the token_endpoint URL correct? ...

You should not provide the metadata, unless you really need. If not provided the underlying library oidc-client-ts will fetch that information automatically by default from authority/.well-known/openid-configuration. In case one metadata url is wrong or missing you can use metadataSeed.

pamapa avatar Sep 08 '22 06:09 pamapa

CORS is not enabled in my Authority URL, So it is necessary to give metadata information. I have cross checked the urls, it is fine. Kindly give me more information on metadata seed.

Also only difference I see in our token end point call and postman's token end point call is presence of "authorization": "Basic NWFmYTFhMmItOWFiMS00MjRiLTgwYTMtYjgyNmJhM2I4Yzc5Og==", in request headers in postman's call and not in our request call.

Naveenbc avatar Sep 08 '22 07:09 Naveenbc

Also only difference I see in our token end point call and postman's token end point call is presence of "authorization": "Basic NWFmYTFhMmItOWFiMS00MjRiLTgwYTMtYjgyNmJhM2I4Yzc5Og==", in request headers in postman's call and not in our request call.

I guess that is your problem. You can instruct oidc-client-ts to pass that too. See settings.client_authentication + settings.client_secretin the settings or code...

pamapa avatar Sep 08 '22 08:09 pamapa