Issue with SSO authentication

Jan_Krueger · July 23, 2018, 5:58pm

Hey community,
I have issues with my SSO authentication for my eve online web-app.
I am using axios to make a post request, so I can trade the callbackCode to a accessToken.
This is my code:

this.axios({
method: ‘post’,
url: ‘https://login.eveonline.com/oauth/token’,
data: {
headers: {
‘Content-Type’: ‘application/x-www-form-urlencoded’,
‘Authorization’: ‘Basic [Base64code]’,
‘crossDomain’: true
},
body: “grant_type=authorization_code&code=”+callbackCode
}
}).then(response => {
this.postBody = response;
})

callbackCode is the code that is extracted from the URL, it gets me the correct code, so theres not the problem.
When I do the request using a restlessClient extension I do get a propper response. But using this I dont. The error is the following:

-OPTIONS https://login.eveonline.com/oauth/token 404 (Not Found)

-Failed to load login.eveonline .com/oauth/token: Response to preflight request doesn’t
pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the
requested resource. Origin [My URL] is therefore not allowed access. The
response had HTTP status code 404.

-Uncaught (in promise) Error: Network Error
at t.exports (createError.js:16)
at XMLHttpRequest.p.onerror (xhr.js:87)

Can anyone help me with this?

Sincerly,
Jan

EveDataRules · July 23, 2018, 6:07pm

looks like a CORS issue, should not be making OPTIONS requests.

Also are you trying to use refresh_token flow in a client side web app?! That’s not recommended as you cannot protect the secret key.

Jan_Krueger · July 23, 2018, 7:06pm

Okay, I have switched to JQuery now, cause im more familiar with it. This is my new request:

$.ajax({
data: “grant_type=authorization_code&code=”+callBackParam,
headers: {‘Authorization’: ‘Basic …’},
success: function (data){
console.log(data);
},
url: “https://login.eveonline.com/oauth/token”,
method: “POST”
})

But I cant seem to get a post request working with a Auth Header and without preflight/options

I am completly confussed now, cause you cant make a OPTIONS request, but you cant make a POST request with a Authorization header without CORS, but you require that header for the request according to the eve docs
Can someone clarify this for me

EDIT: I have managed to get it working, using implicit method

system · October 21, 2018, 7:06pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.