search

pow-auth / assent

Multi-provider framework in Elixir
https://powauth.com
MIT License
391 stars 45 forks source link

Bad Request - Invalid Header with Entra ID (Azure AD) and Finch #147

Closed daniel-hayes closed 6 months ago

daniel-hayes commented 6 months ago

I am getting a 400 when sending requests to login.microsoftonline.com while using the Finch adapter.

%{
  name: InternalFinch,
  request: %Finch.Request{
    body: nil,
    headers: [{"User-Agent", "Assent-0.2.9"}],
    host: "login.microsoftonline.com",
    method: "GET",
    path: "/organizations/v2.0/.well-known/openid-configuration",
    port: 443,
    private: %{},
    query: nil,
    scheme: :https,
    unix_socket: nil
  },
  result: {:ok,
   %Finch.Response{
     body: "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Bad Request</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Bad Request - Invalid Header</h2>\r\n<hr><p>HTTP Error 400. The request has an invalid header name.</p>\r\n</BODY></HTML>\r\n",
     headers: [
       {"content-type", "text/html; charset=us-ascii"},
       {"date", "Mon, 11 Mar 2024 15:55:17 GMT"},
       {"connection", "close"},
       {"content-length", "339"}
     ],
     status: 400
   }},
}

I'm not sure if Microsoft is flagging this User-Agent as a bot, or there's actually an issue with the payload, but here are the only headers that seem to be sent in the request:

    headers: [{"User-Agent", "Assent-0.2.9"}],

Do we have any control over the headers sent in the payload while using an http adapter? I'd like to try and debug if adding/removing this header can make a difference.

Here are my dependencies:

{:assent, "~> 0.2.9"},
{:finch, "~> 0.16"},

any help would be much appreciated!

daniel-hayes commented 6 months ago

Apologies, this seems to be an issue with my version of Mint

daniel-hayes commented 6 months ago

For clarification, both mint and assent were setting User-Agent headers and creating this conflict Screenshot 2024-03-11 at 2 47 01 PM

danschultzer commented 6 months ago

Good catch. I wasn't able to reproduce it. Did you just upgrade mint to resolve it?

daniel-hayes commented 6 months ago

@danschultzer yes upgrading solved it -- I'm actually using a forked version of Mint, so I don't imagine this will happen to others!