Forum

Browse topics, discover Works With Legrand community!

Unable to get the code when issuing a request to the authorisation end-point

Hello,

1. I've registered an application with the first reply URL set to http://srv.mydomain.fr:8080/oauth/redirect

The other replies URL are not set.

2. On my server, I've the following NodeJS script running:

const express = require('express')

const app = express()

app.get('/oauth/redirect', (req, res) => {
    const code = req.query.code
    console.log('code=[' + code + ']')
    res.send('Redirect OK');
})

app.listen(8080)

3. A test command for testing my server connexion works.

Test command entered on WAN side:

$ curl http://srv.mydomain.fr:8080/oauth/redirect?code=test
RedirectOK

On server side, the NodeJS script displays the expected string:

code=[test]

4. The request to the Legrand authorisation end-point always fails 🙁

Command entered either on server or WAN side:

$ curl -v 'https://partners-login.eliotbylegrand.com/authorize?client_id=my-client-id&response_type=code&redirect_uri=http://srv.mydomain.fr:8080/oauth/redirect'
* Trying 52.174.184.18...
* TCP_NODELAY set
* Connected to partners-login.eliotbylegrand.com (52.174.184.18) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=FR; ST=�le-de-France; L=PARIS; O=CLARANET; OU=CRITICALDATA; CN=partners-login.eliotbylegrand.com
* start date: Jan 21 00:00:00 2020 GMT
* expire date: Jan 20 12:00:00 2022 GMT
* subjectAltName: host "partners-login.eliotbylegrand.com" matched cert's "partners-login.eliotbylegrand.com"
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=Thawte RSA CA 2018
* SSL certificate verify ok.
> GET /authorize?client_id=my-client-id&response_type=code&redirect_uri=http://srv.mydomain.fr:8080/oauth/redirect HTTP/1.1
> Host: partners-login.eliotbylegrand.com
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 302 Found
< Location: https://login.eliotbylegrand.com:443/0d8816d5-3e7f-4c86-8229-645137e0f222/oauth2/v2.0/authorize?p=B2C_1_ThirdApp-AccountLinking&client_id=my-client-id&redirect_uri=https%3a%2f%2fpartners-login.eliotbylegrand.com%2fauthentication%2fauthorizecallback&response_type=code+id_token&response_mode=form_post&scope=openId+offline_access+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fautomation.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fautomation.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2flight.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2flight.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fmeter.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fmeter.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fplug.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fplug.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fscene.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fscene.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2ftopology.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2faudiovideoterminal.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fcomfort.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fcomfort.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fscene.launch+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2flock.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2flock.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fsafety.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fsafety.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fplayer.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fplayer.play+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2faudiovideoterminal.write+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fnetwork.read+https%3a%2f%2feliotclouduamprd.onmicrosoft.com%2fsecurity%2fnetwork.write&state=CfDJ8IOmEAdX1XVLh26bVMw_Wy4uLuJLnf3hggHOjVPY5I_jUpjhdzwZQtca0_GpypqEcPcbR6O7Eig3b-5G9DFyFtQemaqFe59G-xZzetD0k_iKkV1H2rdPuYknWoAtWZUmyYltRdrefr1p2TSa_9GC1tjq3XcNQjbAAZqpnPerb-c8VL28b5uRiohjQEVtllLKYp_QKaRx9SiEAfLuQpvLgFMKx_Waj1-VXyPOtkZYPE0S5LBm7bZaq-OZkQnofsoTgk9h927HbEwk-pZhY1CmTaWEFhNqfy_t_kAcUSQeuDG8ib6TaA8hs8o7ivEe7opzO-rLLzawtcJvDwmuDqGUmsNPUsIaFCfBza0dtK8xLoWdjlh8LNEV7D54YA5tXBKWFVrloPNUYrEV_UtNUlBFrvF_vWpEhbvUebtGkyO9TEY8ak2s0B_mEnnGk2i-0GQJBYNDeB-TsG2gwwHLRyCnHIVGOwE_14lwmW7xcMZtZWizgSHttQ-PGWSTTxcD2c9P06B26XO92bm2k2KmQmE7dCU3InhwSFC7B1EMfYbn86Y6JtZuOUiOhNi-v2dQRGmt8zZnF8PoMVa0uJt1Ngj6zhU&nonce=637426725932985583.OTI2OWZkNWQtYWM1OC00ZDNhLWEwZGUtMDYyOThhOWY5YzFjOGUyYTA2MWMtNjYxMi00NGE1LWJhMmItYTk5ZjczYTQ5MGVm&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.5.0.0
< Server: Microsoft-IIS/10.0
< Set-Cookie: TiPMix=6.72355136215852; path=/; HttpOnly; Domain=partners-login.eliotbylegrand.com; Max-Age=3600; Secure
< Set-Cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=partners-login.eliotbylegrand.com; Max-Age=3600; Secure
< Set-Cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8IOmEAdX1XVLh26bVMw_Wy7OyY5bbQCAC32uUvaq9UmRqc5DlgvGts8KNHR3SMYXSYBv-wZo2bpiGZXtjqeEUSrFbL2sPRwKuDCDThm6yct4_5XoyV1NxSOjrvgpPD9m4PJdq-4CKmzo5bybrhjTk1GcUVBUgihtbq5u7RTYUIFGcSSfH84kKELj_v-I53JGMd8F5eDe82iUtRDVL7kFJ7JI2ZLymcjZ_TaoUlI9JWY3jB4QxcQtjBNq-QkTYqyJfOFN9bqH-0tJyTrsKn6J5MA=N; path=/
< Request-Context: appId=cid-v1:e002236c-8fae-4f5f-83a1-53584148e760
< X-Powered-By: ASP.NET
< Set-Cookie: ARRAffinity=9d657eac204eb998435f096325ad518fdb38540d4f21108a68c6dc28283ef965;Path=/;HttpOnly;Secure;Domain=partners-login.eliotbylegrand.com
< Set-Cookie: ARRAffinitySameSite=9d657eac204eb998435f096325ad518fdb38540d4f21108a68c6dc28283ef965;Path=/;HttpOnly;SameSite=None;Secure;Domain=partners-login.eliotbylegrand.com
< Date: Fri, 04 Dec 2020 09:56:32 GMT
< Content-Length: 0
<
* Curl_http_done: called premature == 0
* Connection #0 to host partners-login.eliotbylegrand.com left intact

On server side, the NodeJS script receives nothing (confirmed by Wireshark trace).

 

I can't explain the 302 error code.

What is wrong?

Should I use an HTTPS URL for redirection?

Thanks for your help.

Pascal

Oops: 302 is not an error code of course.

And it works if I enter the request from a browser. I have to accept the access on HTML page send to receive the code on the NodeJS script.

The issue is solved.

Pascal

 

Hello Pascal,

I was answering you to test it via web browser ;). Happy to hear you resolved your issue

Have a good day,

Leslie - Community Manager

Thanks Leslie,

Have a good day too.

Pascal

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

Information

message3 replies
people2 participants