azure - List of reasons that this error can occur: OAuth2::Error, invalid_grant: AADSTS65001 -

-

we have implemented microsoft azure oauth2 on our web app, , trying address common errors users have when using oauth method.

the error: oauth2::error, invalid_grant: aadsts65001: no permission access user information configured '...' application, or expired or revoked. resembles 82% of our errors azure oauth flow.

here's our configuration:

# ==> office 365 oauth2 config.omniauth :azure_oauth2,   client_id: '...',   client_secret: '...',   tenant_id: '...',   resource: 'https://outlook.office365.com/',   setup: lambda { |env|     params = rack::utils.parse_query(env['query_string'])     options = env['omniauth.strategy'].options      case params['state']     when 'calendar'       options[:prompt] = 'login'     when 'select_account'       options[:prompt] = 'login'     end    }

we know error can caused using non office 365 account. since our resource 'https://outlook.office365.com/', , because our app needs able interact calendar, user must authenticate office 365 account. other account microsoft live account cause error.

questions

1 - else might cause error?

2 - there way limit azure oauth flow allow true office 365 logins?

the reason is: if user got locked out , had reset password or other invalid tries login azure ad (which authenticates users against o365) invalidate refresh token app has. therefore, application handle changed password (old refresh token) gracefully throwing error. in case, app should redirect user authorization page authenticate user.

hope helps.


Comments

Post a Comment

Popular posts from this blog

c - Bitwise operation with (signed) enum value -

-
i using enumerator values flags: typedef enum { = 0x00, b = 0x01u, // u has no influence, expected c = 0x02u, // u has no influence, expected ... } enum_name; volatile unsigned char* reg = someaddress; *reg |= b; according misra-c:2004 bitwise operations shall not done signed type. unfortunately, compiler iar use signed int (or short or char) underlying type of enums, , option can find relates size, not signedness ("--enum-is-int"). according iar c/c++ development guide arm , pages 169 , 211, can define type of enum s if enable iar language extensions ( -e command-line option, or project > options > c/c++ compiler > language > allow iar extensions in ide). in particular, should define "sentinel" value, make sure compiler chooses correct type. prefers signed types, , uses smallest possible integer type, sentinel should largest positive integer corresponding unsigned integer type can describe. example, typedef enum
Read more

xslt - Unnest parent nodes by child node -

-
in xml there items 0-n attributes , item should copied each attribute new item 1 attribute. given xml this: <?xml version="1.0" encoding="utf-8" ?> <items> <item> <name>a</name> <attributes> <attribute> <key>attribute1</key> <value>1</value> </attribute> </attributes> </item> <item> <name>b</name> </item> <item> <name>c</name> <attributes> <attribute> <key>attribute1</key> <value>5</value> </attribute> <attribute> <key>attribute2</key> <value>2</value> </attribute> <attribute> <key>attri
Read more

YouTubePlayerFragment cannot be cast to android.support.v4.app.Fragment -

-
im stuck on 3 days , have tried have come across after lots of searching ,this post last resort, im trying open youtubeplayerfragment using navigation drawer youtubeplayerfragment cannot cast android.support.v4.app.fragment problem edit question : have updated code have used youtubeplayersupportfragment instead of youtubeplayerfragment ,i error in displayview method (case 4: fragment = new youtube(); break;) in main activity saying cannot convert youtube fragment , cannot logcat since cant run it edit question 2: code updated again have runtime problem ,heres logcat 07-22 22:15:09.782: e/androidruntime(20603): fatal exception: main 07-22 22:15:09.782: e/androidruntime(20603): process: net.frankandwalters, pid: 20603 07-22 22:15:09.782: e/androidruntime(20603): java.lang.nullpointerexception: attempt invoke virtual method 'void com.google.android.youtube.player.youtubeplayerview.a()' on null object reference 07-22 22:15:09.782: e/androidruntime(20603): @ com.goog
Read more