angularjs - OWIN OpenId "insufficient_scope" when using OpenIDConnect token for CORS request -



angularjs - OWIN OpenId "insufficient_scope" when using OpenIDConnect token for CORS request -

what need enable cors owin openid connect tokens in asp.net mvc webapi?

i'm using thinktecture identity server v3 , implicit flow.

i've gpt angularjs application hosted on https://b3ncr.comms/, identityserver v3 on https://b3ncr.auth/ , api on https://b3ncr.comms.api/

my api configured follows.

app.useidentityserverjwt(new jwttokenvalidationoptions { authorization = "https://b3ncr.auth:44340/identity" }); app.requirescopes("sampleapi");

i login , token next parameters.

https://b3ncr.auth:44340/identity/connect/authorize?response_type=id_token token &client_id=implicit &scope=openid profile sampleapi &redirect_uri=https://b3ncr.comms:44341/logon &nonce=blah

that returns token expected , extract , seek phone call api. when seek phone call api token angularjs makes next http request:

request url:https://b3ncr.comms.api:44342/api/identity request method:options accept:*/* accept-encoding:gzip,deflate accept-language:en-gb,en-us;q=0.8,en;q=0.6 access-control-request-headers:accept, authorization access-control-request-method:post cache-control:no-cache connection:keep-alive host:b3ncr.comms.api:44342 origin:https://b3ncr.comms:44341 pragma:no-cache referer:https://b3ncr.comms:44341/

and api returns next headers:

access-control-allow-headers:content-type, authorization access-control-allow-methods:get,put,post,delete,options access-control-allow-origin:* content-length:0 date:mon, 27 oct 2014 22:48:24 gmt server:microsoft-iis/8.5 www-authenticate:bearer error="insufficient_scope" x-powered-by:asp.net

to me looks owin middleware rejecting request because token doesn't contain scope api requiring , requested authorize parameters. if utilize token directly, in fiddler illustration works perfectly.

edit: didn't include { withcredentials: true } config alternative on request. i've added still getting same issue.

edit again: turns out i'm not supposed utilize withcredentials authorization header, that's using cookies.

angularjs asp.net-web-api cors owin thinktecture-ident-server

Comments

Post a Comment

Popular posts from this blog

Delphi change the assembly code of a running process -

Delphi change the assembly code of a running process - i'm trying alter address 00741fa5 has push test.009e721c . alter push test.009e71c8 . procedure callback; asm force $9e71c8 end; procedure tform2.btn1click(sender: tobject); var ppid :dword; pprocess : cardinal; begin getwindowthreadprocessid(findwindow(nil,pchar('test')), @ppid); pprocess := openprocess(process_all_access, false, ppid); injectasm(pprocess, $741fa5, 10, integer(@callback), 0); end; here injectasm function (with error checking) function injectasm(process: longword; injectaddress, injectsize, codeaddress, codesize : integer): pointer; var csize, rsize : integer; replaced : array of byte; jmp : array [0..4] of byte; jmpaddress : integer; nopv : byte; : integer; nbr: ulong_ptr; begin //injectsize must equal or greater 5, because need space our //(far) jmp wwxxyyzz instruction //if there's no space, inject in place of few instructions if injectsize ...
Read more

json - Hibernate and Jackson (java.lang.IllegalStateException: Cannot call sendError() after the response has been committed) -

json - Hibernate and Jackson (java.lang.IllegalStateException: Cannot call sendError() after the response has been committed) - hello have problem hibernate , jackson. have 2 pojos @entity @table(name = "users") public class user implements serializable { static final long serialversionuid = 4235637833262722256l; @id @generatedvalue private int id; @column(name = "creation_date") private date creationdate; @column(name = "first_name") private string firstname; @column(name = "last_name") private string lastname; @version @column(name = "version") private int version; @column(name = "e_mail") private string email; @column(name = "enabled") private boolean enabled; @column(name = "login") private string login; @column(name = "password") private string password; @jsonmanagedreference("role") @onetomany(mappedby = "user", cascade = cascadetype.all,fetch = fetchtyp...
Read more

C++ 11 "class" keyword -

C++ 11 "class" keyword - i've started using c++ 11 little bit more , have few questions on special uses of class keyword. know it's used declare class, there's 2 instances have seen don't understand: method<class t>(); and class class_name *var; why precede typename keyword class in first example, , keyword pointer in sec example? that known elaborated type specifier , necessary when class name "shadowed" or "hidden" , need explicit. class t { }; // love of god don't t t; t t2; if compiler smart, give these warnings: main.cpp:15:5: error: must utilize 'class' tag refer type 't' in scope t t2; ^ class main.cpp:14:7: note: class 't' hidden non-type declaration of 't' here t t; ^ if class not defined, deed forwards declaration. for example: template <typename t> void method() { using type = typename t::value_type; } method...
Read more