Earlybyte / aad_oauth

Flutter Azure Active Directory OAuth Package
https://pub.dev/packages/aad_oauth
MIT License

Clients must send a client_secret when redeeming a confidential grant. #303

Closed SergeBerwert closed 7 months ago

SergeBerwert commented 7 months ago

Hi

I am trying to use the package with Azure B2C, which works on Android, but when I try on the web I get the following exception:

invalid_request: undefined - [undefined]: AADB2C90079: Clients must send a client_secret when redeeming a confidential grant.

I did try different configurations but I think this is the one that should be right:

    // Configuration that produces AADB2C90079 on the web (values redacted).
    final Config config = Config(
      tenant: "onlinecustomers",
      clientId: "e5b659b9-xxxx-xxxx-xxxx-xxxxxxxxxxxxx",
      clientSecret: "jxB8Q~xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
      scope: "https://domain.ch/bb6c1db2-xxxx-xxxx-xxxx-xxxxxxxxxxxxx/access_as_user openid profile offline_access",
      webUseRedirect: true,
      nonce: "defaultNonce",
      isB2C: true,
      policy: "B2C_1_SignUpIn",
      loginHint: "xxxxx@xxxxxx.xx",
      navigatorKey: navigatorKey,
      loader: const Center(child: CircularProgressIndicator()),
      tokenIdentifier: "08077e81-xxxx-xxxxx-xxxxx-xxxxxxxxxxxxx",
    );

I tried with redirecting and without. I can enter a username and password; after that, when I try to call login a second time, the exception appears. I don't get a token.

SergeBerwert commented 7 months ago

I am not sure what I did, but it works now for me after I removed the client secret, which I found in this issue: 97. But I also changed a lot of other things around.