microsoft / fhir-proxy

FHIR Proxy is a secure application that acts as an intermediary in the transfer of FHIR data to and from Azure API for FHIR/FHIR Server for Azure
MIT License

SMART on FHIR - 3.3.07 OAuth token exchange request succeeds when supplied correct information #75

Closed rodriguezrm closed 1 year ago

rodriguezrm commented 1 year ago

While testing with the Inferno tool (g)(10), section "3 EHR Practitioner App", I'm getting this error.

Steps from 3.3.01 to 3.3.04 are OK (3.3.06 is also OK).

Steps from 3.3.08 to 3.6 failed because of this one:

3.3.07 OAuth token exchange request succeeds when supplied correct information Error during authorization request

After obtaining an authorization code, the app trades the code for an access token via HTTP POST to the EHR authorization server's token endpoint URL, using content-type application/x-www-form-urlencoded, as described in section 4.1.3 of RFC6749.

https://inferno.healthit.gov/suites/custom/smart/redirect?error=invalid_client&error_description=AADSTS650053%3a+The+application+%27fhirproxy-smart-client%27+asked+for+scope+%27launch%27+that+doesn%27t+exist+on+the+resource+%27740cac0e-fc65-450e-afb9-14ef9433c55e%27.+Contact+the+app+vendor.%0d%0aTrace+ID%3a+632ae9f0-2173-44e8-8d97-7409c55b2d00%0d%0aCorrelation+ID%3a+acfdfb9b-1741-4134-b7ab-7f4ed42872f5%0d%0aTimestamp%3a+2022-11-16+14%3a29%3a59Z&state=0addbd03-5c46-46b0-91a7-e91096cffa50


To reproduce the error:

Run test #3 on https://inferno.healthit.gov/suites/test_sessions/3294991d-8299-4ea0-86ad-b8d5b1e87af6

Provide your FHIR Proxy URL, client and secret.

Use this link to complete test https://inferno.healthit.gov/suites/custom/smart/launch?launch=123&iss=https://sfp-proxyxxx.azurewebsites.net/fhir

vohuythao commented 1 year ago

Got the same problem.

When I run the Inferno tool (g)(10), Standalone Patient App - Full Access, 1.3.05 OAuth token exchange request succeeds when supplied correct information

Got a 400,

with error "error_description": "AADSTS9002327: Tokens issued for the 'Single-Page Application' client-type may only be redeemed via cross-origin requests."


I searched and found this topic: https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/2482

The workaround is adding an Origin header. I wonder how we can add an Origin header with Inferno?

Thank you
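The two failures above are both surfaced by the authorization server at the token-exchange step (RFC 6749 section 4.1.3), once as an error redirect and once as a 400 with an AADSTS code. The following is an added example, not code from the fhir-proxy project or from either commenter: it parses a SMART redirect like the one in the first comment into the fields worth logging (error, AADSTS code, Trace ID, Correlation ID, and whether `state` matches the value the client sent), and builds the `application/x-www-form-urlencoded` token request for the code-for-token exchange. The `origin` parameter is an assumption added to show where a client would set the Origin header mentioned in the second comment; the sample redirect is reconstructed from the URL quoted in the issue.

```python
"""Triage helpers for SMART on FHIR token-exchange failures (added example)."""
import re
from typing import Optional
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed sample: the error redirect quoted in the issue, unchanged
# except for being split across string literals for readability.
SAMPLE_REDIRECT = (
    "https://inferno.healthit.gov/suites/custom/smart/redirect"
    "?error=invalid_client"
    "&error_description=AADSTS650053%3a+The+application+%27fhirproxy-smart-client%27"
    "+asked+for+scope+%27launch%27+that+doesn%27t+exist+on+the+resource"
    "+%27740cac0e-fc65-450e-afb9-14ef9433c55e%27.+Contact+the+app+vendor."
    "%0d%0aTrace+ID%3a+632ae9f0-2173-44e8-8d97-7409c55b2d00"
    "%0d%0aCorrelation+ID%3a+acfdfb9b-1741-4134-b7ab-7f4ed42872f5"
    "%0d%0aTimestamp%3a+2022-11-16+14%3a29%3a59Z"
    "&state=0addbd03-5c46-46b0-91a7-e91096cffa50"
)

AAD_CODE = re.compile(r"\b(AADSTS\d+)\b")
TRACE_ID = re.compile(r"Trace ID:\s*([0-9a-fA-F-]{36})")
CORR_ID = re.compile(r"Correlation ID:\s*([0-9a-fA-F-]{36})")


def parse_error_redirect(url: str, expected_state: str) -> dict:
    """Split an OAuth error redirect into the fields worth logging.

    expected_state is the value the client put on its authorize request.
    If the returned state does not match, the redirect cannot be tied to
    our own request and should be discarded rather than debugged.
    """
    query = parse_qs(urlsplit(url).query)
    desc = query.get("error_description", [""])[0]  # parse_qs already URL-decodes
    state = query.get("state", [""])[0]

    def first(pattern: re.Pattern) -> Optional[str]:
        match = pattern.search(desc)
        return match.group(1) if match else None

    return {
        "error": query.get("error", [""])[0],
        "aad_code": first(AAD_CODE),
        "trace_id": first(TRACE_ID),
        "correlation_id": first(CORR_ID),
        "state_ok": state == expected_state,
        # First line of the description is the human-readable reason;
        # the trailing lines are Trace ID / Correlation ID / Timestamp.
        "description": desc.splitlines()[0] if desc else "",
    }


def build_token_request(
    code: str,
    redirect_uri: str,
    client_id: str,
    client_secret: Optional[str] = None,
    code_verifier: Optional[str] = None,
    origin: Optional[str] = None,
) -> tuple:
    """Return (headers, body) for an RFC 6749 section 4.1.3 token request.

    A confidential client sends client_secret; a public client sends no
    secret and supplies the PKCE code_verifier instead. `origin` is an
    assumed parameter: when set, an Origin header is added, which is the
    workaround discussed in the thread for the SPA client type.
    """
    fields = {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,  # must equal the one used on /authorize
        "client_id": client_id,
    }
    if client_secret is not None:
        fields["client_secret"] = client_secret
    if code_verifier is not None:
        fields["code_verifier"] = code_verifier
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    if origin is not None:
        headers["Origin"] = origin
    return headers, urlencode(fields)


if __name__ == "__main__":
    info = parse_error_redirect(SAMPLE_REDIRECT, "0addbd03-5c46-46b0-91a7-e91096cffa50")
    for key, value in info.items():
        print(f"{key}: {value}")
    hdrs, body = build_token_request("CODE", "https://client.example/cb", "fhirproxy-smart-client",
                                     client_secret="SECRET-PLACEHOLDER")
    print(hdrs, body)
```

The parsed `aad_code`, `trace_id` and `correlation_id` are what Azure support asks for, so logging them at the proxy rather than only the generic `invalid_client` shortens triage; checking `state_ok` before doing anything else keeps an unsolicited redirect from being mistaken for a genuine failure of your own flow.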

vohuythao commented 1 year ago

More information: https://community.postman.com/t/add-origin-header-to-oauth-2-0-flow/39402

vohuythao commented 1 year ago

This error is in the SMARTProxyToken function.

sordahl-ga commented 1 year ago

There have been several commits with code changes and more explicit instructions on passing the ONC g10 test suite. Please follow these directions explicitly: https://github.com/microsoft/fhir-proxy/blob/v2.0/docs/ConfigureProxyONCg10.md