javascript - Angular $http.post() request sent as OPTIONS to IdentityServer v3 Token Endpoint -


I have a sample app that authorizes using IdentityServer v3 with the OpenID Connect authorization code flow on the client side. I can get the authorization_code and session_state, but the problem occurs when I call the token endpoint: the token endpoint responds with an invalid HTTP status code 405.

Here is the code for my Angular.js config.

angular.js

app.js

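// app.js: declares the 'oidc3' module and sets application-wide $http defaults.
//
// Identifier casing is restored below. AngularJS resolves injectables by
// parameter name, so `$locationprovider` / `$httpprovider` would fail to inject.
// NOTE(review): 'ngStorage' and 'base64' are presumably the ngStorage and
// angular-base64 modules; confirm the names against the loaded scripts.
angular.module('oidc3', ['oauth', 'ngStorage', 'base64'])
    .config(function ($locationProvider, $httpProvider) {
        // Clean URLs without the '#' prefix; the OIDC redirect then arrives with
        // its parameters in the normal query string.
        $locationProvider.html5Mode(true);

        // NOTE(review): this is a global default, so cookies are attached to
        // EVERY cross-origin $http call the app makes, not only calls to the
        // identity server. With credentials enabled the server must answer with
        // an explicit Access-Control-Allow-Origin (no wildcard) and
        // Access-Control-Allow-Credentials: true. The token request shown on
        // this page authenticates with the code and client credentials, so it
        // presumably does not need cookies; prefer setting withCredentials
        // per request where it is actually required.
        $httpProvider.defaults.withCredentials = true;

        // NOTE(review): `useXDomain` is not a documented $http default and
        // appears to have no effect; kept only to preserve the original config.
        $httpProvider.defaults.useXDomain = false;

        // Older AngularJS releases add X-Requested-With to every request; as a
        // custom header it forces a CORS preflight, hence its removal here.
        delete $httpProvider.defaults.headers.common['X-Requested-With'];

        // Token endpoints expect form-encoded bodies. This only sets the header:
        // callers must still serialise the body themselves, because $http turns
        // plain objects into JSON by default.
        $httpProvider.defaults.headers.post['Content-Type'] = 'application/x-www-form-urlencoded';
    });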

logincontroller

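// Login callback controller: reads the authorization response from the current
// URL and exchanges the authorization code at the token endpoint.
angular.module('oidc3')
    .controller('logincontroller', function ($scope, $http, $timeout, $location, $base64) {

    // Decode one query-string component; '+' means space in form encoding.
    // Falls back to the raw text if the percent-encoding is malformed.
    var decodeComponent = function (text) {
        var spaced = text.replace(/\+/g, ' ');
        try {
            return decodeURIComponent(spaced);
        } catch (e) {
            return spaced;
        }
    };

    /**
     * Parse the query string of a URL into a key/value map.
     *
     * @param {string} url - absolute URL, possibly with a query and a fragment
     * @returns {Object} decoded parameters; empty when the URL has no query
     */
    var getParamsFromUrl = function (url) {
        var params = {};
        var queryStart = url.indexOf('?');
        if (queryStart === -1) {
            return params;
        }
        // Cut off any '#fragment' so it is not glued onto the last value.
        var query = url.slice(queryStart + 1).split('#')[0];
        var pairs = query.split('&');
        for (var i = 0; i < pairs.length; i++) {
            if (!pairs[i]) {
                continue;
            }
            // Split on the first '=' only, so values containing '=' survive.
            var eq = pairs[i].indexOf('=');
            var rawKey = eq === -1 ? pairs[i] : pairs[i].slice(0, eq);
            var rawValue = eq === -1 ? '' : pairs[i].slice(eq + 1);
            params[decodeComponent(rawKey)] = decodeComponent(rawValue);
        }
        return params;
    };

    // Serialise a flat object as application/x-www-form-urlencoded.
    // $http would otherwise send a plain object as JSON, which does not match
    // the form Content-Type that a token endpoint expects.
    var toFormBody = function (data) {
        var parts = [];
        for (var key in data) {
            if (Object.prototype.hasOwnProperty.call(data, key) && data[key] != null) {
                parts.push(encodeURIComponent(key) + '=' + encodeURIComponent(data[key]));
            }
        }
        return parts.join('&');
    };

    /**
     * POST a token request.
     *
     * The Authorization header is set on this request only. Writing it to
     * $http.defaults.headers.common would attach the client credential to every
     * later $http call, whatever its destination.
     *
     * An Authorization header makes a cross-origin request non-simple, so the
     * browser sends an OPTIONS preflight first. A 405 on that preflight means
     * the server did not answer OPTIONS for this origin. That has to be fixed
     * in the server's CORS configuration; script cannot suppress the preflight.
     *
     * @param {string} url - token endpoint
     * @param {Object} data - form fields of the token request
     * @param {string} header - value for the Authorization header
     * @returns {Promise} the $http promise
     */
    var getToken = function (url, data, header) {
        return $http.post(url, toFormBody(data), {
            headers: {
                'Authorization': header,
                'Content-Type': 'application/x-www-form-urlencoded'
            }
        });
    };

    if ($location.absUrl().split('?')[1]) {
        $scope.params = getParamsFromUrl($location.absUrl());

        // NOTE(review): the `state` value in the redirect is never compared with
        // the value sent in the authorize request, so a forged callback is not
        // detected. The trace log on this page also shows a constant nonce
        // ("nonce"); both should be unpredictable per-request values that are
        // checked on return.

        if (!$scope.params.code) {
            // Error redirects carry `error=...` and no code; nothing to exchange.
            console.log('authorization response contains no code');
        } else {
            var tokenEndpoint = 'https://localhost:44333/connect/token';
            var client_id = 'codeclient';
            // NOTE(review): a client secret shipped in browser JavaScript is
            // readable by anyone who loads the page, so it authenticates nothing.
            // Do the code exchange on a server that holds the secret, or
            // register this client as a public client on the identity server.
            var client_secret = 'secret';
            var baseEncoded = $base64.encode(client_id + ':' + client_secret);

            var tokenData = {
                grant_type: 'authorization_code',
                code: $scope.params.code,
                // Must match the redirect_uri used in the authorize request.
                redirect_uri: 'http://localhost:8000/login.html'
            };

            var reqHeader = 'Basic ' + baseEncoded;

            // .then() works on every AngularJS version; .success()/.error()
            // were deprecated and later removed.
            // NOTE(review): response.data holds the issued tokens. Keep this
            // logging to local debugging only.
            var logResponse = function (response) {
                console.log(response.data);
                console.log(response.status);
                console.log(response.headers);
                console.log(response.config);
            };

            getToken(tokenEndpoint, tokenData, reqHeader)
                .then(logResponse, logResponse);
        }
    }
});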

I am manually setting the Authorization header to the Basic-encoded client_id and client_secret. When the POST request is sent, the server returns a 405 response. A screen grab of the Chrome developer tools network section is here.

enter image description here

But when I don't manually set the header, the POST request is sent correctly and the server returns an invalid_client error, because it doesn't have a way to authenticate the client without the header. The IdentityServer v3 trace.log messages are below.

with manually set authorization header

iisexpress.exe information: 0 : [thinktecture.identityserver.core.endpoints.welcomecontroller]: 4/29/2015 3:34:19 +00:00 -- welcome page requested iisexpress.exe information: 0 : [thinktecture.identityserver.core.endpoints.welcomecontroller]: 4/29/2015 3:34:19 +00:00 -- rendering welcome page iisexpress.exe information: 0 : [thinktecture.identityserver.core.endpoints.authorizeendpointcontroller]: 4/29/2015 3:34:34 +00:00 -- start authorize request iisexpress.exe information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:34:34 +00:00 -- start authorize request protocol validation iisexpress.exe information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:34:34 +00:00 -- authorize request validation success  {   "redirecturi": "http://localhost:8000/login.html",   "responsetype": "code",   "responsemode": "query",   "flow": "authorizationcode",   "requestedscopes": "openid profile email",   "state": "1430278473164",   "nonce": "nonce",   "sessionid": "585c26034281e898b73012e9335868cb",   "raw": {     "response_type": "code",     "client_id": "codeclient",     "redirect_uri": "http://localhost:8000/login.html",     "scope": "openid profile email",     "state": "1430278473164",     "nonce": "nonce"   } } iisexpress.exe information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:34:34 +00:00 -- start authorize request client validation iisexpress.exe information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:34:34 +00:00 -- authorize request validation success  {   "clientid": "codeclient",   "clientname": "code flow client demo",   "redirecturi": "http://localhost:8000/login.html",   "allowedredirecturis": [     "https://localhost:44312/callback",     "http://localhost:63342/oidc_test/redirect.html",     "http://localhost:8000/login.html",     "https://localhost:4443/login.html"   ],   "subjectid": 
"88421113",   "responsetype": "code",   "responsemode": "query",   "flow": "authorizationcode",   "requestedscopes": "openid profile email",   "state": "1430278473164",   "nonce": "nonce",   "sessionid": "585c26034281e898b73012e9335868cb",   "raw": {     "response_type": "code",     "client_id": "codeclient",     "redirect_uri": "http://localhost:8000/login.html",     "scope": "openid profile email",     "state": "1430278473164",     "nonce": "nonce"   } } iisexpress.exe information: 0 : [thinktecture.identityserver.core.endpoints.authorizeendpointcontroller]: 4/29/2015 3:34:34 +00:00 -- showing consent screen iisexpress.exe information: 0 : [thinktecture.identityserver.core.endpoints.authorizeendpointcontroller]: 4/29/2015 3:34:34 +00:00 -- end authorize request iisexpress.exe information: 0 : [thinktecture.identityserver.core.endpoints.authorizeendpointcontroller]: 4/29/2015 3:34:36 +00:00 -- resuming consent, restarting validation iisexpress.exe information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:34:36 +00:00 -- start authorize request protocol validation iisexpress.exe information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:34:36 +00:00 -- authorize request validation success  {   "redirecturi": "http://localhost:8000/login.html",   "responsetype": "code",   "responsemode": "query",   "flow": "authorizationcode",   "requestedscopes": "openid profile email",   "state": "1430278473164",   "nonce": "nonce",   "sessionid": "585c26034281e898b73012e9335868cb",   "raw": {     "response_type": "code",     "client_id": "codeclient",     "redirect_uri": "http://localhost:8000/login.html",     "scope": "openid profile email",     "state": "1430278473164",     "nonce": "nonce"   } } iisexpress.exe information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:34:36 +00:00 -- start authorize request client validation iisexpress.exe 
information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:34:36 +00:00 -- authorize request validation success  {   "clientid": "codeclient",   "clientname": "code flow client demo",   "redirecturi": "http://localhost:8000/login.html",   "allowedredirecturis": [     "https://localhost:44312/callback",     "http://localhost:63342/oidc_test/redirect.html",     "http://localhost:8000/login.html",     "https://localhost:4443/login.html"   ],   "subjectid": "88421113",   "responsetype": "code",   "responsemode": "query",   "flow": "authorizationcode",   "requestedscopes": "openid profile email",   "state": "1430278473164",   "nonce": "nonce",   "sessionid": "585c26034281e898b73012e9335868cb",   "raw": {     "response_type": "code",     "client_id": "codeclient",     "redirect_uri": "http://localhost:8000/login.html",     "scope": "openid profile email",     "state": "1430278473164",     "nonce": "nonce"   } } iisexpress.exe information: 0 : [thinktecture.identityserver.core.responsehandling.authorizeresponsegenerator]: 4/29/2015 3:34:36 +00:00 -- creating authorization code flow response. iisexpress.exe information: 0 : [thinktecture.identityserver.core.results.authorizeredirectresult]: 4/29/2015 3:34:36 +00:00 -- redirecting to: http://localhost:8000/login.html 

without manually setting authorization header

iisexpress.exe information: 0 : [thinktecture.identityserver.core.endpoints.welcomecontroller]: 4/29/2015 3:37:39 +00:00 -- welcome page requested iisexpress.exe information: 0 : [thinktecture.identityserver.core.endpoints.welcomecontroller]: 4/29/2015 3:37:39 +00:00 -- rendering welcome page iisexpress.exe information: 0 : [thinktecture.identityserver.core.endpoints.authorizeendpointcontroller]: 4/29/2015 3:37:52 +00:00 -- start authorize request iisexpress.exe information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:37:52 +00:00 -- start authorize request protocol validation iisexpress.exe information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:37:52 +00:00 -- authorize request validation success  {   "redirecturi": "http://localhost:8000/login.html",   "responsetype": "code",   "responsemode": "query",   "flow": "authorizationcode",   "requestedscopes": "openid profile email",   "state": "1430278670509",   "nonce": "nonce",   "sessionid": "585c26034281e898b73012e9335868cb",   "raw": {     "response_type": "code",     "client_id": "codeclient",     "redirect_uri": "http://localhost:8000/login.html",     "scope": "openid profile email",     "state": "1430278670509",     "nonce": "nonce"   } } iisexpress.exe information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:37:52 +00:00 -- start authorize request client validation iisexpress.exe information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:37:52 +00:00 -- authorize request validation success  {   "clientid": "codeclient",   "clientname": "code flow client demo",   "redirecturi": "http://localhost:8000/login.html",   "allowedredirecturis": [     "https://localhost:44312/callback",     "http://localhost:63342/oidc_test/redirect.html",     "http://localhost:8000/login.html",     "https://localhost:4443/login.html"   ],   "subjectid": 
"88421113",   "responsetype": "code",   "responsemode": "query",   "flow": "authorizationcode",   "requestedscopes": "openid profile email",   "state": "1430278670509",   "nonce": "nonce",   "sessionid": "585c26034281e898b73012e9335868cb",   "raw": {     "response_type": "code",     "client_id": "codeclient",     "redirect_uri": "http://localhost:8000/login.html",     "scope": "openid profile email",     "state": "1430278670509",     "nonce": "nonce"   } } iisexpress.exe information: 0 : [thinktecture.identityserver.core.endpoints.authorizeendpointcontroller]: 4/29/2015 3:37:52 +00:00 -- showing consent screen iisexpress.exe information: 0 : [thinktecture.identityserver.core.endpoints.authorizeendpointcontroller]: 4/29/2015 3:37:52 +00:00 -- end authorize request iisexpress.exe information: 0 : [thinktecture.identityserver.core.endpoints.authorizeendpointcontroller]: 4/29/2015 3:37:54 +00:00 -- resuming consent, restarting validation iisexpress.exe information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:37:54 +00:00 -- start authorize request protocol validation iisexpress.exe information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:37:54 +00:00 -- authorize request validation success  {   "redirecturi": "http://localhost:8000/login.html",   "responsetype": "code",   "responsemode": "query",   "flow": "authorizationcode",   "requestedscopes": "openid profile email",   "state": "1430278670509",   "nonce": "nonce",   "sessionid": "585c26034281e898b73012e9335868cb",   "raw": {     "response_type": "code",     "client_id": "codeclient",     "redirect_uri": "http://localhost:8000/login.html",     "scope": "openid profile email",     "state": "1430278670509",     "nonce": "nonce"   } } iisexpress.exe information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:37:54 +00:00 -- start authorize request client validation iisexpress.exe 
information: 0 : [thinktecture.identityserver.core.validation.authorizerequestvalidator]: 4/29/2015 3:37:54 +00:00 -- authorize request validation success  {   "clientid": "codeclient",   "clientname": "code flow client demo",   "redirecturi": "http://localhost:8000/login.html",   "allowedredirecturis": [     "https://localhost:44312/callback",     "http://localhost:63342/oidc_test/redirect.html",     "http://localhost:8000/login.html",     "https://localhost:4443/login.html"   ],   "subjectid": "88421113",   "responsetype": "code",   "responsemode": "query",   "flow": "authorizationcode",   "requestedscopes": "openid profile email",   "state": "1430278670509",   "nonce": "nonce",   "sessionid": "585c26034281e898b73012e9335868cb",   "raw": {     "response_type": "code",     "client_id": "codeclient",     "redirect_uri": "http://localhost:8000/login.html",     "scope": "openid profile email",     "state": "1430278670509",     "nonce": "nonce"   } } iisexpress.exe information: 0 : [thinktecture.identityserver.core.responsehandling.authorizeresponsegenerator]: 4/29/2015 3:37:54 +00:00 -- creating authorization code flow response. iisexpress.exe information: 0 : [thinktecture.identityserver.core.results.authorizeredirectresult]: 4/29/2015 3:37:54 +00:00 -- redirecting to: http://localhost:8000/login.html iisexpress.exe information: 0 : [thinktecture.identityserver.core.endpoints.tokenendpointcontroller]: 4/29/2015 3:37:55 +00:00 -- start token request iisexpress.exe information: 0 : [thinktecture.identityserver.core.validation.clientvalidator]: 4/29/2015 3:37:55 +00:00 -- start client validation iisexpress.exe error: 0 : [thinktecture.identityserver.core.validation.clientvalidator]: 4/29/2015 3:37:55 +00:00 -- no or malformed client credential found.  
{} iisexpress.exe information: 0 : [thinktecture.identityserver.core.endpoints.tokenendpointcontroller]: 4/29/2015 3:37:55 +00:00 -- end token request iisexpress.exe information: 0 : [thinktecture.identityserver.core.results.tokenerrorresult]: 4/29/2015 3:37:55 +00:00 -- returning error: invalid_client 

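I did some research and found out that this is related to CORS and is due to the preflight check, which tests whether the client can access the endpoint I'm calling. (In the log taken with the Authorization header set, no token request ever reaches the token endpoint, which is consistent with the OPTIONS preflight being rejected before the POST is sent.) How can I avoid this and send the POST request to the token endpoint?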

