Unable to get the code when issuing a request to the authorisation end-point
Hello,
1. I’ve registered an application with the first reply URL set to http://srv.mydomain.fr:8080/oauth/redirect
The other reply URLs are not set.
2. On my server, I’ve the following NodeJS script running:
const express = require('express')
const app = express()
// Redirect endpoint: logs the authorization code received in the query string
app.get('/oauth/redirect', (req, res) => {
  const code = req.query.code
  console.log('code=[' + code + ']')
  res.send('Redirect OK');
})
app.listen(8080)
3. A test command for testing my server connection works.
Test command entered on WAN side:
$ curl http://srv.mydomain.fr:8080/oauth/redirect?code=test
RedirectOK
On server side, the NodeJS script displays the expected string:
code=[test]
4. The request to the Legrand authorisation end-point always fails 🙁
Command entered either on server or WAN side:
$ curl -v 'https://partners-login.eliotbylegrand.com/authorize?client_id=my-client-id&response_type=code&redirect_uri=http://srv.mydomain.fr:8080/oauth/redirect'
* Trying 52.174.184.18...
* TCP_NODELAY set
* Connected to partners-login.eliotbylegrand.com (52.174.184.18) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=FR; ST=Île-de-France; L=PARIS; O=CLARANET; OU=CRITICALDATA; CN=partners-login.eliotbylegrand.com
* start date: Jan 21 00:00:00 2020 GMT
* expire date: Jan 20 12:00:00 2022 GMT
* subjectAltName: host "partners-login.eliotbylegrand.com" matched cert's "partners-login.eliotbylegrand.com"
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=Thawte RSA CA 2018
* SSL certificate verify ok.
> GET /authorize?client_id=my-client-id&response_type=code&redirect_uri=http://srv.mydomain.fr:8080/oauth/redirect HTTP/1.1
> Host: partners-login.eliotbylegrand.com
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 302 Found
< Location: https://login.eliotbylegrand.com:443/0d8816d5-3e7f-4c86-8229-645137e0f222/oauth2/v2.0/authorize?p=B2C_1_ThirdApp-AccountLinking&client_id=my-client-id&redirect_uri=https%3a%2f%2fpartners-login.eliotbylegrand.com%2fauthentication%2fauthorizecallback&response_type=code+id_token&response_mode=form_post&scope=openId+offline_access+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fautomation.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fautomation.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2flight.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2flight.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fmeter.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fmeter.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fplug.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fplug.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fscene.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fscene.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2ftopology.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2faudiovideoterminal.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fcomfort.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fcomfort.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fscene.launch+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2flock.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2flock.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fsafety.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fsafety.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fplayer.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fplayer.play+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2faudiovideoterminal.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.
com%2fsecurity%2fnetwork.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fnetwork.write&state=CfDJ8IOmEAdX1XVLh26bVMw_Wy4uLuJLnf3hggHOjVPY5I_jUpjhdzwZQtca0_GpypqEcPcbR6O7Eig3b-5G9DFyFtQemaqFe59G-xZzetD0k_iKkV1H2rdPuYknWoAtWZUmyYltRdrefr1p2TSa_9GC1tjq3XcNQjbAAZqpnPerb-c8VL28b5uRiohjQEVtllLKYp_QKaRx9SiEAfLuQpvLgFMKx_Waj1-VXyPOtkZYPE0S5LBm7bZaq-OZkQnofsoTgk9h927HbEwk-pZhY1CmTaWEFhNqfy_t_kAcUSQeuDG8ib6TaA8hs8o7ivEe7opzO-rLLzawtcJvDwmuDqGUmsNPUsIaFCfBza0dtK8xLoWdjlh8LNEV7D54YA5tXBKWFVrloPNUYrEV_UtNUlBFrvF_vWpEhbvUebtGkyO9TEY8ak2s0B_mEnnGk2i-0GQJBYNDeB-TsG2gwwHLRyCnHIVGOwE_14lwmW7xcMZtZWizgSHttQ-PGWSTTxcD2c9P06B26XO92bm2k2KmQmE7dCU3InhwSFC7B1EMfYbn86Y6JtZuOUiOhNi-v2dQRGmt8zZnF8PoMVa0uJt1Ngj6zhU&nonce=637426725932985583.OTI2OWZkNWQtYWM1OC00ZDNhLWEwZGUtMDYyOThhOWY5YzFjOGUyYTA2MWMtNjYxMi00NGE1LWJhMmItYTk5ZjczYTQ5MGVm&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.5.0.0
< Server: Microsoft-IIS/10.0
< Set-Cookie: TiPMix=6.72355136215852; path=/; HttpOnly; Domain=partners-login.eliotbylegrand.com; Max-Age=3600; Secure
< Set-Cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=partners-login.eliotbylegrand.com; Max-Age=3600; Secure
< Set-Cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8IOmEAdX1XVLh26bVMw_Wy7OyY5bbQCAC32uUvaq9UmRqc5DlgvGts8KNHR3SMYXSYBv-wZo2bpiGZXtjqeEUSrFbL2sPRwKuDCDThm6yct4_5XoyV1NxSOjrvgpPD9m4PJdq-4CKmzo5bybrhjTk1GcUVBUgihtbq5u7RTYUIFGcSSfH84kKELj_v-I53JGMd8F5eDe82iUtRDVL7kFJ7JI2ZLymcjZ_TaoUlI9JWY3jB4QxcQtjBNq-QkTYqyJfOFN9bqH-0tJyTrsKn6J5MA=N; path=/
< Request-Context: appId=cid-v1:e002236c-8fae-4f5f-83a1-53584148e760
< X-Powered-By: ASP.NET
< Set-Cookie: ARRAffinity=9d657eac204eb998435f096325ad518fdb38540d4f21108a68c6dc28283ef965;Path=/;HttpOnly;Secure;Domain=partners-login.eliotbylegrand.com
< Set-Cookie: ARRAffinitySameSite=9d657eac204eb998435f096325ad518fdb38540d4f21108a68c6dc28283ef965;Path=/;HttpOnly;SameSite=None;Secure;Domain=partners-login.eliotbylegrand.com
< Date: Fri, 04 Dec 2020 09:56:32 GMT
< Content-Length: 0
<
* Curl_http_done: called premature == 0
* Connection #0 to host partners-login.eliotbylegrand.com left intact
On server side, the NodeJS script receives nothing (confirmed by Wireshark trace).
I can’t explain the 302 error code.
What is wrong?
Should I use an HTTPS URL for redirection?
Thanks for your help.
Pascal
Oops: 302 is not an error code of course.
And it works if I enter the request from a browser. I have to accept the access on the HTML page that is sent in order to receive the code on the NodeJS script.
The issue is solved.
Pascal
Hello Pascal,
I was answering you to test it via a web browser ;). Happy to hear you resolved your issue.
Have a good day,
Leslie – Community Manager
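Added example, not part of the original posts and not Legrand's code: the redirect handler logic from the question, extended so that the authorize URL carries a random `state` value and the `/oauth/redirect` handler only accepts a `code` that comes back with a state it issued. The function names, the in-memory store and the ten-minute lifetime are assumptions, and it assumes the authorization endpoint returns `state` and `error` as RFC 6749 describes; the endpoint URL and the other parameters are the ones from the question.

```javascript
// Added example (not from the thread). Names, store and TTL are assumptions.
const crypto = require('crypto');

const AUTHORIZE_ENDPOINT = 'https://partners-login.eliotbylegrand.com/authorize';
const STATE_TTL_MS = 10 * 60 * 1000;   // how long a login attempt stays valid
const pendingStates = new Map();       // state -> expiry time (ms since epoch)

// Build the URL the user opens in a browser (login and consent are interactive,
// so a plain curl request only ever sees the 302 to the login page).
function buildAuthorizeUrl(clientId, redirectUri, now = Date.now()) {
  const state = crypto.randomBytes(16).toString('hex');
  pendingStates.set(state, now + STATE_TTL_MS);
  const url = new URL(AUTHORIZE_ENDPOINT);
  url.searchParams.set('client_id', clientId);
  url.searchParams.set('response_type', 'code');
  url.searchParams.set('redirect_uri', redirectUri);  // percent-encoded by URL
  url.searchParams.set('state', state);
  return { url: url.toString(), state };
}

// Validate the query string received on /oauth/redirect.
// Returns { ok: true, code } or { ok: false, reason }.
function handleRedirect(query, now = Date.now()) {
  if (typeof query.error === 'string') {
    return { ok: false, reason: 'authorization error: ' + query.error };
  }
  const { code, state } = query;
  // typeof checks also reject array/object values that Express can produce
  if (typeof state !== 'string' || !pendingStates.has(state)) {
    return { ok: false, reason: 'unknown state' };
  }
  const expiry = pendingStates.get(state);
  pendingStates.delete(state);           // single use, even when rejected below
  if (now > expiry) return { ok: false, reason: 'expired state' };
  if (typeof code !== 'string' || code === '') {
    return { ok: false, reason: 'missing code' };
  }
  return { ok: true, code };
}

// Inside the Express handler from the question:
//   const result = handleRedirect(req.query)
//   res.status(result.ok ? 200 : 400).send(result.ok ? 'Redirect OK' : result.reason)
```

With this check in place, the `curl ...?code=test` request from step 3 is rejected with "unknown state", because it did not start from a URL the server generated.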