OAuth 2 - Implicit Flow, Access Token not loaded

[janzen01]

Describe the bug I configured OAuth 2 Implicit Grant flow via Microsoft Entra. The Access Token call was successful, and Entra issued an Access Token, but this token was not loaded to the plugin config.

Steps to reproduce

1. Set OAuth 2 as the Auth type
2. Choose Implicit as Grant Type
3. On Microsoft Entra (formerly Azure Active Directory), register an application to be able to obtain a Client ID and configure Redirect URIs --> Web
4. In plugin OAuth 2 Options set:
   • Auth URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize
   • Check: Authorize using a browser
   • Client ID: UUID obtained from App registration
5. Hit the "GET NEW ACCESS TOKEN" button

Expected behavior After hitting the button, Call Auth Service and automatically import obtained token to the plugin configuration.

Environment information:

• OS: Windows 11 23H2 (OS Build 22631.2262)
• IDE version: IntelliJ IDEA 2023.2.1 (Ultimate Edition), Build #IU-232.9559.62, built on August 23, 2023
• plugin version: 2023.1.14-232

[AntonShuvaev]

Thanks for reporting the issue. I will look into it.

[AntonShuvaev]

The behavior you're observing is actually expected due to the nature of OAuth 2.0's Implicit Grant flow. In the "Implicit" grant flow, the access token is sent as a URL fragment (#access_token=token). According to HTTP specifications, the fragment part of the URL is never sent to the server; it's designed to be processed client-side.

This means that when you authorize using an external browser, the browser itself will not forward this fragment back to the plugin, thus it can't be automatically imported.

There are two ways to work around this:

• Disable the Authorize using browser option to use the built-in browser
• Manually copy-paste the access token from the URL

[janzen01]

Thank you for your investigation. I will look into it. :)