2

I'm trying to get an authentication token from microsoft. First I send a get request and get a code in response, which I write to a var called auth_code. Then I use that returned auth_code and some other vars like this:

$.ajax({
  type: "POST",
  url: url + tenant + '/oauth2/v2.0/token',
  data: {
    client_id: client_id,
    client_secret: client_secret,
    redirect_uri: redirect_uri,
    scope: scope,
    code: auth_code,
    grant_type: 'authorization_code'
  },
  success: function(data){
    alert("success");
  },
  error: function(xhr) {
    alert(xhr.statusText);
  }
});

Error is triggered every time; I'm getting statusText of 'error'.

If I breakpoint at the error alert, in the firefox debugger under network I see a 200 for the token url, and in the response I see the json returned by microsoft (including a lovely auth token), i.e. response is not null. But the ajax success handler doesn't run, so I can't use it.

Things I've read and tried:

I've copied and pasted the json response from the debugger into json lint and it validates ok (in any case, I believe I would have got an error textStatus of 'parseerror' if that was the problem?).

I've tried explicitly adding a dataType of 'json', 'text' and 'text json' but it makes no difference.

I just don't get it - the response is ok, the return json is there in the debugger, so why is the ajax failing to handle it (effectively preventing me from using it)?

It's Friday, so hopefully I'm just missing something really simple and obvious - any help appreciated.

kiden
  • 496
  • 4
  • 9
  • 2
    Nice question. Try setting `processData` to `false`. I have no explicit rationale here except I've seen it solve quite a few problems of this nature. Also, the returned JSON is definitely well-formed? – Mitya Apr 20 '18 at 12:31
  • Thanks for the suggestion - just tried that and no joy. I just tried switching to test/debug in chrome, which reports a cross-origin problem of no headers = no permission (ff didn't report this...), but oddly, when i go to the network tab in the debugger and select the token url it still shows a 200 and the json response (which validates in https://jsonlint.com/). – kiden Apr 20 '18 at 12:40
  • 1
    With that extra clue, I'll give this a go and see if it works https://stackoverflow.com/questions/38317973/no-access-control-allow-origin-header-with-microsoft-online-auth – kiden Apr 20 '18 at 12:43
  • 2
    Ah yes, this old chestnut. The network console will report that the request was successful, so there's no problem with the request. However, the browser blocks you from accessing the content because of the cross-origin nature of the request. For this, you'll need the server to issue an access origin header with the request. – Mitya Apr 20 '18 at 12:44
  • Yeap, that's on the right lines. – Mitya Apr 20 '18 at 12:44
  • Aye, heart sank when I saw the old cors thing. Just wanted to confirm that I used the answer to the other question mentioned in my comment above and I'm getting a token no problem now. Thanks for your time and support. – kiden Apr 20 '18 at 13:11
  • No probs - glad you got it sorted. – Mitya Apr 20 '18 at 13:35

0 Answers0