Missing required parameter: AuthorizationEndpoint

Just trying to implement Sphinx in a new application and I'm getting this

Missing required parameter: AuthorizationEndpoint

I have copied the setup code (both server and webcore) from an app that does work, so I've obviously missed something.

Any ideas?

That message comes from failing to properly retrieve the server OIDC metadata information.

How are your TSphinxLogin properties configured?

TSphinxWebLogin:

SphinxLogin.Authority := AppConfig.AuthURL; //correct path to server app
SphinxLogin.RedirectUri := SphinxRedirectUri; //Application.Exename
SphinxLogin.ClientId := 'AlphaWebApp';
SphinxLogin.Scope := 'openid email';

On server:

  Client := SphinxConfig1.Clients.Add;
  Client.ClientId := 'AlphaWebApp';
  lUri := SysConfig.ReadString('SphinxRedirects', 'AlphaWebApp', '');
  Client.DefaultRedirectUri := lUri;
  Client.RedirectUris.Add(lUri);
  lIndexUri := lUri + IfThen(lUri.EndsWith('/'), '', '/') + 'Index.html';
  Client.RedirectUris.Add(lIndexUri);
  Client.RequireClientSecret := False;
  Client.AllowedGrantTypes := [TGrantType.gtAuthorizationCode];
  Client.ValidScopes.Add('openid');
  Client.ValidScopes.Add('email');

What is the AppConfig.AuthURL?
What JSON do you get when you request AppConfig.AuthURL suffixed with /.well-known/openid-configuration?

AppConfig.URL = http://localhost:2024/login

JSON returned

{
    "issuer": "http://localhost:2024/login",
    "authorization_endpoint": "http://localhost:2024/login/oauth/authorize",
    "token_endpoint": "http://localhost:2024/login/oauth/token",
    "response_types_supported": [
        "code",
        "id_token",
        "id_token token"
    ]
}

Think I've found it

Access to XMLHttpRequest at 'http://localhost:2024/login/.well-known/openid-configuration' from origin 'http://localhost:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Although now I get (very latest Sphinx)

Sphinx.Utils.pas:252 
 Uncaught (in promise) 
ReferenceError: CryptoJS is not defined
    at Object.Sha256 (Sphinx.Utils.pas:252:1)
    at Object.CreateState (Sphinx.OidcClient.pas:224:32)
    at async Object.StartAuthorize (Sphinx.OidcClient.pas:432:20)
    at async Object.Login (Sphinx.WebLogin.pas:265:36)
Sha256	@	Sphinx.Utils.pas:252
CreateState	@	Sphinx.OidcClient.pas:224
1 Like

needed to crypto-js to the project

1 Like

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.