I actually got the issue resolved, I had the PKCE configured as "Not Required". After I changed that to "Required" the flow worked as expected.
Thanks.
@joshua We have not received any email on the earlier inquiry. Can you share the details here?
@joshua thanks. How can I access that channel since you would be replying there?
Hi,
We are calling the /api/user/registration API to create and register a new user. Our requirement is that we want to send an email verification first to the user, and only after the user clicks on the link and verifies the email would we like the user to be verified in FusionAuth.
Based on the API documentation, when we make a request to this API and "skipVerification" is left at its default, which is "false", it should send an email verification to the newly created user. And then the user should get an email.
Though the call is successful, we are getting the following error within the event logs while sending the email.
Async Email Send exception occurred.
Template Id: 0e107c44-a3de-4607-b51c-cd797463ce3a
Template Name: [FusionAuth Default] Email Verification
Tenant Id: 07448f27-ca36-9612-8b9a-bce2e7137351
Addressed to: apekshagb@gmail.com
Cause:
javax.mail.MessagingException : Message: Could not connect to SMTP host: 127.0.0.1, port: 1025
I did try to use an external SMTP server as mailcatcher but that didn't work either. Are we missing any configuration, or do we need to call a different API?
Regards
Apeksha
We had posted this issue a few days back. Can someone help us with this issue? We even looked at a few other posts from the past but no luck yet.
Hi Team,
I am trying to implement the Authorization Code Flow with Proof Key for Code Exchange (PKCE) in our POC app and have been facing some issues.
Below are the details on the logic that I am trying to implement or the steps that I have performed so far.
I am first generating a code_verifier (string of 43 - 128 characters)
SecureRandom secureRandom = new SecureRandom();
byte[] codeVerifier = new byte[32];
secureRandom.nextBytes(codeVerifier);
String code_verifier = Base64.getUrlEncoder().withoutPadding().encodeToString(codeVerifier);
Once I have the code_verifier I am then generating a code_challenge using SHA-256 algorithm.
byte[] bytes = code_verifier.getBytes("US-ASCII");
MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
messageDigest.update(bytes, 0, bytes.length);
byte[] digest = messageDigest.digest();
String code_challenge = Base64.getUrlEncoder().withoutPadding().encodeToString(digest);
I then have the following request for the /oauth2/authorize endpoint, during which I am passing the code_challenge and the code_challenge_method to receive an Authorization code.
Auth endpoint : "http://localhost:9011/oauth2/authorize" + "?client_id=" + clientId
+"&response_type=code"
+"&redirect_uri=http://localhost:8080/redirect"
+"&scope=openid%20offline_access"
+"&code_challenge=" + code_challenge
+"&code_challenge_method=S256";
The call is successful and I do receive an Authorization code. Next, I request a call to /oauth2/token by passing the Authorization code and the code_verifier so that FusionAuth can use the stored hashed value (the Code Challenge) from previous call and use that for validating the code_verifier.
Token endpoint call = FusionAuthClient.exchangeOAuthCodeForAccessTokenUsingPKCE(auth_code, clientId, clientSecret, redirect_url,code_verifier);
When I make the request to /oauth2/token I get the following error:
{
"error" : "invalid_request",
"change_password_id" : null,
"error_description" : "Invalid Authorization Code",
"error_uri" : null,
"error_reason" : "auth_code_not_found",
"two_factor_id" : null
}
Though the authorize endpoint gives me an auth code, I am not sure why FusionAuth is unable to verify it during the /token endpoint call.
I am currently using the below maven dependency for the FusionAuth client and I also have a trial version of FusionAuth server running on my system.
<dependency>
<groupId>io.fusionauth</groupId>
<artifactId>fusionauth-java-client</artifactId>
<version>1.32.1</version>
</dependency>
Can someone guide me or let me know if there is anything wrong that I am doing, or did I miss anything?
Thanks in advance.