Open Kyria opened 5 years ago
This makes it impossible to use SSOv2 for authentication-only apps, doesn't it?
It's probably the case, unless the character already logged in SSOv2 somewhere else (didn't test it since I opened the issue, so I don't remember, even if I'm sure I've tested that case).
EDIT: The error 500 was related to crappy code on my part. Please ignore this comment.
For some reason I am able to get past the initial 400 with one character, but get a 500 Internal Server Error from https://login.eveonline.com/v2/oauth/token... with the message: 'An error has occurred.'
Other characters, and even the one I originally had in the above situation, failed when I added a scope to my URL.
My full URL looks like this:
https://login.eveonline.com/v2/oauth/authorize?response_type=code&redirect_uri=http://localhost:3000/sso/auth-callback&client_id=899b84c26c824c129faeb0e6737bac72&state=If5NCUwfuJn3OWc&scopes=esi-skills.read_skills.v1
I've tried encoding the redirect_uri but that did not change anything.
The 400 comes from this URL:
https://login.eveonline.com/v2/oauth/authorizeapp?state=8e1e6de2-27aa-4ec5-a742-02e14d29fce2
What's going wrong here?
This bug is still occurring, and I've noticed that the "workaround" seems to be on a per character, per app basis. That is, authorization with no scopes will only work if you have previously gone through an authorization (with scopes) with that character, on that specific app. Trying to authorize with such a character on a different app will fail as described in the issue.
@Ionaru Don't know what's causing your error, but since it's not dependent on inclusion of scopes, I find it unlikely it's the same one. Might be best to open another issue about it.
You can work around this by authorizing with the publicData scope. This will not give your app any data it normally wouldn't have and you can successfully complete the SSO.
Not the prettiest of solutions though.
This won't work for an "authorization only" app.
You can also reproduce this on https://esi.evetech.net/ui/
Another workaround for an "authorization only" app is to add scope= to the authorization URL. That allowed the https://login.eveonline.com/v2/oauth/authorizeapp?state=.... to get to the next screen confirming that the user is only authenticating with no scopes enabled.
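The two workarounds mentioned in this thread (an empty scope= parameter, or the publicData scope), written out as an added example; it is not code from any commenter or from the SSO project. The function names and the client id placeholder are hypothetical, and the parameter name `scope` follows RFC 6749.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

AUTHORIZE_URL = "https://login.eveonline.com/v2/oauth/authorize"  # from the thread


def query_params(url):
    """Parse a URL's query string, keeping blank values such as 'scope='."""
    return parse_qs(urlsplit(url).query, keep_blank_values=True)


def build_authorize_url(client_id, redirect_uri, scopes=(), workaround="empty"):
    """Return (url, state). `workaround` only matters when `scopes` is empty:
    "empty" sends scope=, "publicData" sends scope=publicData, and None omits
    the parameter (the request shape from the bug report)."""
    state = secrets.token_urlsafe(24)  # unguessable, one per login attempt
    params = {
        "response_type": "code",
        "redirect_uri": redirect_uri,  # urlencode() percent-encodes this
        "client_id": client_id,
        "state": state,
    }
    if scopes:
        params["scope"] = " ".join(scopes)  # space-delimited per RFC 6749
    elif workaround == "empty":
        params["scope"] = ""
    elif workaround == "publicData":
        params["scope"] = "publicData"
    return f"{AUTHORIZE_URL}?{urlencode(params)}", state


def check_callback(callback_url, expected_state):
    """Return the authorization code, or raise if state does not match."""
    query = query_params(callback_url)
    state = query.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: discard this callback")
    code = query.get("code", [""])[0]
    if not code:
        raise ValueError("callback carries no authorization code")
    return code


if __name__ == "__main__":
    # Constructed values: placeholder client id, redirect URI from the report.
    url, state = build_authorize_url("CLIENT_ID_PLACEHOLDER",
                                     "http://127.0.0.1:5010/sso/callback")
    print(url)
```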
This is being worked on :)
Bug
When I try to log in to SSO using no scope at all, in some circumstances, SSO is throwing an HTTP 400: Bad Request just after selecting the character in the UI.
"Some circumstances" means you have to never (or maybe just not recently) have logged in using EVE SSO v2 with any scopes with a specific character for this error to happen.
If you logged in once with any scope, you won't have it anymore.
Reproduction Steps
https://login.eveonline.com/v2/oauth/authorize?response_type=code&redirect_uri=http%3A%2F%2F127.0.0.1%3A5010%2Fsso%2Fcallback&client_id=1b4e28b61f544fc5a12f89a08ce428ba&state=some_state
authorize
Actual Behaviour
You get HTTP 400
Expected Behaviour
Redirected to the application, with the code information, like the v1 SSO would do.