You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@oltu.apache.org by "Tiburtius, Ashwanth [IWD]" <As...@iwd.iowa.gov> on 2015/01/08 22:41:40 UTC
Microsoft OAuth2 Question
Hi,
I am doing a poc to use Apache Oltu for user authentication against Google, Microsoft and Yahoo. I was able to successfully use the client demo provided by Apache Oltu to authenticate a user in Google using gmail credentials and also retrieve user information. But I am running into issues while trying to do the same for Microsoft. Following are the details I have entered but I keep getting the error "Error: Incorrect parameters: Redirect URI" even though the redirect uri matches the one configured in the API settings in Microsoft Development Center. This could be a Microsoft question but I would highly appreciate any help that you can provide. Google was quit straight forward to setup and execute but Microsoft is confusing to say the least. Hoping Apache Oltu would make life easier.
Requested Access Scope: wl.signin
End-User Authorization URL: https://login.live.com/oauth20_authorize.srf
Token Endpoint: https://login.live.com/oauth20_token.srf
Client ID: <Correct value entered>
Client Secret: <Correct value entered>
Redirect URI: http://iwd.gov/profile/register (This is the value entered in the API settings)
Thanks,
Jude.
Iowa Workforce Development - IT | 1000 E Grand Ave, Des Moines, IA 50319
(515) 281-3378 | Ashwanth.Tiburtius@iwd.iowa.gov<ma...@iwd.iowa.gov>
RE: Microsoft OAuth2 Question
Posted by "Tiburtius, Ashwanth [IWD]" <As...@iwd.iowa.gov>.
Hi Maciej,
Thank you for the response. It makes sense that the demo would only accept "http://localhost:8080/redirect" as the redirect uri since they would want the content provider to redirect back to the demo application. The problem is that Microsoft is not letting me put in this value as the redirect uri during client registration. Commenting out the validation did take me to the Windows login page. That was one step closer for me ☺.
Thanks,
Jude.
Iowa Workforce Development – IT | 1000 E Grand Ave, Des Moines, IA 50319
(515) 281-3378 | Ashwanth.Tiburtius@iwd.iowa.gov<ma...@iwd.iowa.gov>
From: Maciej Machulak [mailto:maciej.machulak@gmail.com]
Sent: Thursday, January 08, 2015 4:22 PM
To: user@oltu.apache.org
Subject: Re: Microsoft OAuth2 Question
Hi,
Have you used similar redirect uri for Google? One of the classes in the demo (see https://svn.apache.org/repos/asf/oltu/trunk/demos/client-demo/src/main/java/org/apache/oltu/oauth2/client/demo/Utils.java) has the following:
if (!REDIRECT_URI.equals(redirectUri)) {
sb.append("Redirect URI");
}
where REDIRECT_URI is "http://localhost:8080/redirect"
Cheers,
Maciej
On 8 January 2015 at 22:41, Tiburtius, Ashwanth [IWD] <As...@iwd.iowa.gov>> wrote:
Hi,
I am doing a poc to use Apache Oltu for user authentication against Google, Microsoft and Yahoo. I was able to successfully use the client demo provided by Apache Oltu to authenticate a user in Google using gmail credentials and also retrieve user information. But I am running into issues while trying to do the same for Microsoft. Following are the details I have entered but I keep getting the error “Error: Incorrect parameters: Redirect URI” even though the redirect uri matches the one configured in the API settings in Microsoft Development Center. This could be a Microsoft question but I would highly appreciate any help that you can provide. Google was quit straight forward to setup and execute but Microsoft is confusing to say the least. Hoping Apache Oltu would make life easier.
Requested Access Scope: wl.signin
End-User Authorization URL: https://login.live.com/oauth20_authorize.srf
Token Endpoint: https://login.live.com/oauth20_token.srf
Client ID: <Correct value entered>
Client Secret: <Correct value entered>
Redirect URI: http://iwd.gov/profile/register (This is the value entered in the API settings)
Thanks,
Jude.
Iowa Workforce Development – IT | 1000 E Grand Ave, Des Moines, IA 50319
(515) 281-3378 | Ashwanth.Tiburtius@iwd.iowa.gov<ma...@iwd.iowa.gov>
--
Maciej Machulak
email: maciej.machulak@gmail.com<ma...@gmail.com>
mobile: +44 7999 606 767 (UK)
mobile: +48 602 45 31 66 (PL)
Re: Microsoft OAuth2 Question
Posted by Maciej Machulak <ma...@gmail.com>.
Hi,
Have you used similar redirect uri for Google? One of the classes in the
demo (see
https://svn.apache.org/repos/asf/oltu/trunk/demos/client-demo/src/main/java/org/apache/oltu/oauth2/client/demo/Utils.java)
has the following:
if (!REDIRECT_URI.equals(redirectUri)) {
sb.append("Redirect URI");
}
where REDIRECT_URI is "http://localhost:8080/redirect"
Cheers,
Maciej
On 8 January 2015 at 22:41, Tiburtius, Ashwanth [IWD] <
Ashwanth.Tiburtius@iwd.iowa.gov> wrote:
> Hi,
>
>
>
> I am doing a poc to use Apache Oltu for user authentication against
> Google, Microsoft and Yahoo. I was able to successfully use the client demo
> provided by Apache Oltu to authenticate a user in Google using gmail
> credentials and also retrieve user information. But I am running into
> issues while trying to do the same for Microsoft. Following are the details
> I have entered but I keep getting the error “Error: Incorrect parameters:
> Redirect URI” even though the redirect uri matches the one configured in
> the API settings in Microsoft Development Center. This could be a Microsoft
> question but I would highly appreciate any help that you can provide.
> Google was quit straight forward to setup and execute but Microsoft is
> confusing to say the least. Hoping Apache Oltu would make life easier.
>
>
>
> *Requested Access Scope: wl.signin*
>
> *End-User Authorization URL: https://login.live.com/oauth20_authorize.srf
> <https://login.live.com/oauth20_authorize.srf>*
>
> *Token Endpoint: https://login.live.com/oauth20_token.srf
> <https://login.live.com/oauth20_token.srf>*
>
> *Client ID: <Correct value entered>*
>
> *Client Secret: <Correct value entered>*
>
> *Redirect URI: *http://iwd.gov/profile/register (This is the value
> entered in the API settings)
>
>
>
> Thanks,
>
> Jude.
>
> Iowa Workforce Development – IT | 1000 E Grand Ave, Des Moines, IA 50319
>
> (515) 281-3378 | Ashwanth.Tiburtius@iwd.iowa.gov
>
>
>
--
Maciej Machulak
email: maciej.machulak@gmail.com
mobile: +44 7999 606 767 (UK)
mobile: +48 602 45 31 66 (PL)
Re: Microsoft OAuth2 Question
Posted by Jasha Joachimsthal <ja...@apache.org>.
Hi,
My experience is that you cannot just copy-paste the implementation if
you connect with the big public oAuth providers. Most of them have
their own quirks. The following code works for me to get a profile of
a Microsoft account.
Substitute the clientId, clientSecret and redirectUri parameters with
the ones you have configured at Microsoft and handle the state
parameter properly. The scope wl.signin is the minimal scope at
Microsoft.
Authorization request:
OAuthClientRequest oAuthClientRequest = OAuthClientRequest
.authorizationProvider(OAuthProviderType.MICROSOFT)
.setClientId("myClientId")
.setResponseType(OAuth.OAUTH_CODE)
.setState("myStateValue")
.setScope("wl.signin")
.setRedirectURI("https://myapplication.example.com/redirect")
.buildQueryMessage();
String authzLocation = oAuthClientRequest.getLocationUri()
Get AccessToken:
String getAccessToken(final OAuthAuthzResponse oar)
throws OAuthSystemException, OAuthProblemException {
final String code = oar.getCode();
final OAuthClientRequest oAuthClientRequest = OAuthClientRequest
.tokenProvider(OAuthProviderType.MICROSOFT)
.setGrantType(GrantType.AUTHORIZATION_CODE)
.setClientId("myClientId")
.setClientSecret("myClientSecret")
.setRedirectURI("https://myapplication.example.com/redirect")
.setCode(code)
.buildBodyMessage();
final OAuthAccessTokenResponse accessTokenResponse =
oAuthClient.accessToken(oAuthClientRequest);
return accessTokenResponse.getAccessToken();
}
Get Profile:
final OAuthClientRequest bearerClientRequest = new
OAuthBearerClientRequestBuilder("https://apis.live.net/v5.0/me")
.setAccessToken(accessToken)
.buildQueryMessage();
return getoAuthClient().resource(bearerClientRequest,
OAuth.HttpMethod.GET, OAuthResourceResponse.class);
Regards,
Jasha
On 8 January 2015 at 22:41, Tiburtius, Ashwanth [IWD]
<As...@iwd.iowa.gov> wrote:
> Hi,
>
>
>
> I am doing a poc to use Apache Oltu for user authentication against Google,
> Microsoft and Yahoo. I was able to successfully use the client demo provided
> by Apache Oltu to authenticate a user in Google using gmail credentials and
> also retrieve user information. But I am running into issues while trying to
> do the same for Microsoft. Following are the details I have entered but I
> keep getting the error “Error: Incorrect parameters: Redirect URI” even
> though the redirect uri matches the one configured in the API settings in
> Microsoft Development Center. This could be a Microsoft question but I would
> highly appreciate any help that you can provide. Google was quit straight
> forward to setup and execute but Microsoft is confusing to say the least.
> Hoping Apache Oltu would make life easier.
>
>
>
> Requested Access Scope: wl.signin
>
> End-User Authorization URL: https://login.live.com/oauth20_authorize.srf
>
> Token Endpoint: https://login.live.com/oauth20_token.srf
>
> Client ID: <Correct value entered>
>
> Client Secret: <Correct value entered>
>
> Redirect URI: http://iwd.gov/profile/register (This is the value entered in
> the API settings)
>
>
>
> Thanks,
>
> Jude.
>
> Iowa Workforce Development – IT | 1000 E Grand Ave, Des Moines, IA 50319
>
> (515) 281-3378 | Ashwanth.Tiburtius@iwd.iowa.gov
>
>