1. Namdev Gopalghare
  2. PowerBuilder
  3. Friday, 19 January 2024 11:29 AM UTC

We are trying to implement the OAuth flow in PowerBuilder windows application using Azure AD.

When the access token is requested using the "OAuthClient" and "TokenRequest" object with the grant_type as "Autherization_code" then we are always getting response as below:

400 - BAD request - error":"invalid_grant","error_description":"AADSTS9002313: Invalid request. Request is malformed or invalid."

Above error is getting only for grant_type as "Autherization_code" and for other grant type (e.g. client_credential) it works as expected.

 

When the access token is requested using the "HttpClient" object then we are getting proper response and no error.

 

Is there any specific issue with "OAuthClient" and "TokenRequest" object and the grant_type as "Autherization_code" for access token request?

Is there any way to check what request exactly getting created using "OAuthClient" and "TokenRequest" objects for access token?

Is there any security concern or disadvantage of using "HttpClient" object for requesting the access token instead of  "OAuthClient" and "TokenRequest" object? Which one should be preferred option for the OAuth flow?

 

Below is the code used for creating request:

ltr_Request.tokenlocation = ls_url_1
ltr_Request.Method = "POST"
ltr_Request.granttype = "authorization_code"
ltr_Request.clientid = ls_id
ltr_Request.clientsecret = ls_secret
ltr_Request.ClearParams()
ltr_Request.AppendParam( "grant_type","authorization_code")
ltr_Request.AppendParam( "client_id", ls_id )
ltr_Request.AppendParam( "client_secret", ls_secret )
ltr_Request.AppendParam( "scope", ls_Scope )
ltr_Request.AppendParam( "code", ls_code )
ltr_Request.AppendParam( "redirect_uri", ls_Redirect )
ltr_Request.ClearHeaders()
ltr_Request.SetHeader("Content-Type","application/x-www-form-urlencoded")

li_rtn = loa_Client.AccessToken( ltr_Request, ltr_Response )

 

Please help here if anyone has experienced the similar issue.

Francisco Martinez @Appeon Accepted Answer Pending Moderation
  1. Friday, 19 January 2024 14:51 PM UTC
  2. PowerBuilder
  3. # 1

Hi Namdev,

 

Just to cover all bases:

"Autherization_code" is not typed correctly, it should be "authorization_code".
I see that in your code example it's typed correctly, but I just wanted to confirm.

 

Regards,
Francisco

Comment
There are no comments made yet.
Namdev Gopalghare Accepted Answer Pending Moderation
  1. Monday, 22 January 2024 04:08 AM UTC
  2. PowerBuilder
  3. # 2

in the code it is set as you mentioned only.

Please refer below code line for the same.

ltr_Request.granttype = "authorization_code"

ltr_Request.AppendParam( "grant_type","authorization_code")

 

Is there any specific issue with "OAuthClient" and "TokenRequest" object and the grant_type as "Autherization_code" for access token request?

Is there any way to check what request exactly getting created using "OAuthClient" and "TokenRequest" objects for access token?

Is there any security concern or disadvantage of using "HttpClient" object for requesting the access token instead of  "OAuthClient" and "TokenRequest" object? Which one should be preferred option for the OAuth flow?

Comment
  1. Logan Liu @Appeon
  2. Tuesday, 23 January 2024 03:02 AM UTC
Hi Namdev,

Normally, you can add less code if choose OAutheClient to build to request, the code can be more clear to read. But you can use HttpClient instead of using OAuthClient at any time.

You can use Fiddler or other tools to capture the HTTP request.

We have also replied to your private ticket 11467.

Regards, Logan
  1. Helpful
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.