Axios ESI SSO Bad Request

EVE Technology and Research Center Third Party Developers
1

Hello, I am trying to add EvE SSO to an Angular web application that I am developing and am having troubles figuring out how to get it working.

Front end is as follows

<a href="https://login.eveonline.com/oauth/authorize?response_type=code&redirect_uri=http://localhost:3000/sso&client_id=320a1d397b934d06b4210628680b64ff">Login with Eve</a>

Upon clicking that anchor tag I am redirected to EvE login. I successfully login and am sent a GET request as outlined in the current lackluster SSO documentation. I intercept this in a local express webserver with the following method:

const express = require('express');
const axios = require('axios');
const querystring = require('querystring');
const app = express();
const port = 3000;

app.get('/sso', async (req, res) => {
    var parsedString = querystring.parse(req.url.split("?")[1]);
    var cid = '320a1d397b934d06b4210628680b64ff';
    var sk = 'ZaA2JsIPbwpSaXzgmMTAtgWLgP5qqU0reMLDPpeI';
    var b64 = Buffer.from(`${cid}:${sk}`).toString('base64');
    var url = 'https://login.eveonline.com/v2/oauth/token';

    console.log(b64);
    console.log(parsedString.code);

    axios.post(url, querystring.stringify({'grant_type':'authorization_code', 'code':`${parsedString.code}`}), {
      headers: {
        Authorization: `Basic ${b64}`,
        'Content-Type': 'application/x-www-form-urlencoded',
        Host: 'login.eveonline.com',
        Accept: 'application/json',
      }}).then((response) => {
        console.log(response);
      }).catch((error) => {
        //console.error(error);
      });
});

app.listen(port, () => {
  console.log(`EvE-Industry Server Started On : ${port}`)
})

Upon attempting to create the axios.post() request I am receiving a 400 HTTP response with error code as follows:

{
    "error": "invalid_grant",
    "error_description": "Grant type  is not supported."
}

I am unsure of how to proceed. I have revealed the client id and secret key in this example as it is only a test application. I have attempted to send the required information in postman but get the same response.
I have also verified that the base64 encoding of client:secret is working properly with the test case they provided in the documentation.

Any help would be greatly appreciated.

2

Figured it out, I was sending the first request from the front end ( initial authorization ) to the incorrect endpoint. After cleanup i am receiving status 200 with expected data.

<a href="https://login.eveonline.com/v2/oauth/authorize/?response_type=code&redirect_uri=http://localhost:3000/sso&client_id=320a1d397b934d06b4210628680b64ff&state=hungryhipposllc">Login with Eve</a>

Above is the correct endpoint for anyone that has pulled out as much hair as I have. All information will be included in this post will be deleted ( application on eve dev portal along with secret keys and states ).

3

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.