Paulius Pro Posted February 11, 2019 Posted February 11, 2019 Hello, I am building my own NodeJS OAuth2 server that services authentication from IPS. However I am encountering some issues making it work. IPS constantly throws me error : "The provider is not responding as expected. Check the application settings are correct and you have registered the correct Redirect URI." IPS request is handled correctly in NodeJS server, and server returns these in body: access_token:"0000000000000000000000000000000000000000" refresh_token:"0000000000000000000000000000000000000000" token_type:"Bearer" It also sets these headers as required by OAuth2 RFC res.set("Cache-Control", "no-store"); res.set("Pragma", "no-cache"); However, it doesn't work. I tried redirecting it to /oauth/callback as required by IPS, and it still shows the same error. Any ideas what I could be doing wrong?
bfarber Posted February 11, 2019 Posted February 11, 2019 What kind of grant type are you attempting to configure? That error message would be shown (and the actual exception message should be displayed at the end of the sentence actually) if 1) There is a HTTP communication error 2) You are setting up a password grant and the provider is not returning error=invalid_grant in the response
Paulius Pro Posted February 11, 2019 Author Posted February 11, 2019 Grant is Resource Owner Password Credentials ("password") What I do receive when I manually post for token : or this (if i am not setting the redirect) This would also be the information IPS receives.
bfarber Posted February 12, 2019 Posted February 12, 2019 When you go to save the settings a test is performed using "username" as the username and "password" as the password. The software is expecting these are invalid, and subsequently is expecting to get an invalid_grant error response, which is not happening. Are you treating "username" and "password" (as the username/password combination) special on your end somehow, or are these somehow valid credentials by chance?
Paulius Pro Posted February 12, 2019 Author Posted February 12, 2019 8 hours ago, bfarber said: When you go to save the settings a test is performed using "username" as the username and "password" as the password. The software is expecting these are invalid, and subsequently is expecting to get an invalid_grant error response, which is not happening. Are you treating "username" and "password" (as the username/password combination) special on your end somehow, or are these somehow valid credentials by chance? Yes, that was the error! Thank you very much. Not sure if I have to create a new topic but what data does the IPS expect from User Information Endpoint? I am sending However IPS says: When trying to sign in. I noticed that it does same request twice, once with access_token in query string and other with access_token in body. Is there are special way it needs to be handled for IPS?
bfarber Posted February 13, 2019 Posted February 13, 2019 It uses the header first, and falls back to trying the query string if that does not succeed. The only data necessary is a unique user ID ('sub' in your example). It sounds like the software is not picking this up from the user info endpoint for some reason, although without looking at it directly I can't say why from here. You may wish to submit a ticket for assistance.
Paulius Pro Posted February 13, 2019 Author Posted February 13, 2019 1 hour ago, bfarber said: It uses the header first, and falls back to trying the query string if that does not succeed. The only data necessary is a unique user ID ('sub' in your example). It sounds like the software is not picking this up from the user info endpoint for some reason, although without looking at it directly I can't say why from here. You may wish to submit a ticket for assistance. Hey thanks again for response. I got it fully working. In IPS it says that to get user info data you have to fill in the fields with response[user_id] and etc... So whats what I did, response, response[name], response. But apparently you don't need to add response[ ], just sub, name, email. Don't know how I was confused by it, but anyways, it works! Thank you again for the help!
Recommended Posts
Archived
This topic is now archived and is closed to further replies.