Closed RMo-Sloth closed 4 years ago
I'm pretty sure this is because you cannot get a refresh token via the front end. You would need a server to handle converting the authorization_code
into an access_token
/refresh_token
.
If you don't have a server to do this, another option is to use the implicit flow. This would allow you to get a token via solely the frontend, but it would expire in 20min and you would have to go thru the SSO flow again in order to refresh it.
For the implicit flow, when you do the redirect to the login page, change the response_type
query param to token
instead of code
.
Something should probably get added to the docs site about this.
EDIT: This is also not related to ESI. If the problem persists, make a new issue in the https://github.com/ccpgames/sso-issues repo.
Bug
I was following along https://docs.esi.evetech.net/docs/sso/web_based_sso_flow.html (step 5) Running the html file below from a localhost. Browsers block this request due to CORS. In my console this error is thrown:
POST https://login.eveonline.com/v2/oauth/token net::ERR_HTTP2_PROTOCOL_ERROR
Request
Requests work outside of browsers in e.g. Postman
Response
this error is thrown:
POST https://login.eveonline.com/v2/oauth/token net::ERR_HTTP2_PROTOCOL_ERROR
Status Code
net::ERR_HTTP2_PROTOCOL_ERROR
Headers
Authorization: Basic <URL safe Base64 encoded credentials>
Content-Type: application/x-www-form-urlencoded
Host: login.eveonline.com
Body
none
Expected
On as successful request with the correct data:
On a request with invalid data I expect a regular errorcode, not
net::ERR_HTTP2_PROTOCOL_ERROR
Checklist
Check all boxes that apply to this issue: