Closed LinneyDew closed 7 months ago
Hi,
There are multiple issues with your snippet:
response_type
) and token request parameters (e.g client_secret
or grant_type
) as part of the same request to the authorization endpoint, which is completely invalid.Authorization
header and as part of the request form - which is illegal.Consider using a real OAuth 2.0/OpenID Connect client stack instead of trying to implement that yourself. The OpenIddict client is an excellent choice for interactive flows like the code flow. You can find a lot of samples in the dedicated repo: https://github.com/openiddict/openiddict-samples
Doing some housecleaning, but feel free to reopen if you need additional details 😃
Kevin,
Thanks for checking back in. I meant to reply to you last week but I was up to my neck in alligators.
Unfortunately, my client wants to do some special processing so we need to partially roll our own solution.
I got my code working. My problem was due to me not understanding what was being returned. You’re response did help because it let me know that what I was doing was basically correct.
Thanks for your response and thanks for the OpenIDDict libraries. And thank you for your quick responses.
Best regards, Linney
From: Kévin Chalet @.> Sent: Friday, March 1, 2024 11:21 AM To: openiddict/openiddict-core @.> Cc: Linney Dew @.>; Author @.> Subject: Re: [openiddict/openiddict-core] I'm unable to get the authorization code when trying to authenticate an application with OpenIdDict (Issue #2013)
Doing some housecleaning, but feel free to reopen if you need additional details 😃
— Reply to this email directly, view it on GitHubhttps://github.com/openiddict/openiddict-core/issues/2013#issuecomment-1973480931, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ALNOWT7Q2CTKECAVJUHUQQ3YWCTGPAVCNFSM6AAAAABD45ZEIOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSNZTGQ4DAOJTGE. You are receiving this because you authored the thread.Message ID: @.**@.>>
Hey,
Thanks for checking back in. I meant to reply to you last week but I was up to my neck in alligators.
No worries 👍🏻
Unfortunately, my client wants to do some special processing so we need to partially roll our own solution.
The OpenIddict client has a very powerful events model that allows customizing each aspect of the request processing. Out of curiosity, can you tell me more about that special processing?
Thanks for your response and thanks for the OpenIDDict libraries. And thank you for your quick responses.
Thanks for your kind words.
Confirm you've already contributed to this project or that you sponsor it
Version
5.2.0
Question
I made an authorization server using OpenIdDict and it all seems to be working okay. It works when i call it using Postman, Swagger and www.oidcdebugger.com.
However, when I try to call it from my own application I can't seem to find the "code" which should be returned so I can then use it in the call the token exchange.
This is my first time using OpenIdDict and .NET Core so I'm not 100% exactly sure what I'm doing but everything seems to be working and I have a feeling I'm just missing something that should be obvious.
I also posted this question on Stack Overflow. https://stackoverflow.com/questions/78070848/im-unable-to-get-the-authorization-code-when-trying-to-authenticate-an-applicat