search

esi / esi-issues

Issue tracking and feature requests for ESI
https://esi.evetech.net/
209 stars 23 forks source link

esi-universe.read_structures.v1 scope not working #1302

Closed lunemec closed 2 years ago

lunemec commented 2 years ago

Bug

When trying to authorize with V2 SSO (V1 has the same issue after the update), I can no longer use scope esi-universe.read_structures.v1, even though ESI docs and Developer portal specify this scope.

This can be consistently reproduced, if any more information is required, please let me know.

Request

GET https://login.eveonline.com/v2/oauth/authorize?access_type=online&client_id=...&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fcallback&response_type=code&scope=publicData+esi-universe.read_structures.v1+esi-corporations.read_structures.v1&state=...

Response

{
    "error":"invalid_scope",
    "error_description":"The requested 'esi-universe.read_structures.v1' scope is not valid."
}

Status Code

400

Headers

date: Thu, 28 Oct 2021 07:19:12 GMT
request-context: appId=cid-v1:2ccf88f2-29b9-460a-bc15-7c0b79926f61

Expected

Expected the scope to work, or there to be migration guide for changed scopes that is consistent with ESI docs and Developer portal.

200 + redirect to APP URL

Checklist

Check all boxes that apply to this issue:

Dusty-Meg commented 2 years ago

You need to have your scope list url encoded and space delimited not + delimited. IE. publicData%20esi-universe.read_structures.v1%20esi-corporations.read_structures.v1

Also publicData may also be the problem, its useless in your context

lunemec commented 2 years ago

I have manually tried %20 as delimiter (e.g. space) with no change. Even if I try to use just esi-universe.read_structures.v1 by itself, it results in the same error.

lunemec commented 2 years ago

It seems that the "Authorize" button in ESI docs work though. But I can't find any network requests where I could see what the difference is in my case.

Dusty-Meg commented 2 years ago

https://login.eveonline.com/v2/oauth/authorize?client_id=&redirect_uri=https://esi.evetech.net/ui/oauth2-redirect.html&response_type=code&state=dfdfd&scope=esi-universe.read_structures.v1%20esi-corporations.read_structures.v1

This is a working url. Dropped publicData and its working.

Modified your url to the following and its working. https://login.eveonline.com/v2/oauth/authorize?access_type=online&client_id=&redirect_uri=https://esi.evetech.net/ui/oauth2-redirect.html&response_type=code&scope=esi-universe.read_structures.v1+esi-corporations.read_structures.v1&state=sss

lunemec commented 2 years ago

🤦 OMG please ignore this issue. It just works. I used CLI from different APP using different client_id and I did not notice. Sorry. Closing.

Blacksmoke16 commented 2 years ago

For future reference, SSO issues should be reported at https://github.com/ccpgames/sso-issues as this isn't an ESI issue.