locked
Server side scenario always redirecting to https://login.live.com/oauth20_token.srf RRS feed

  • Question

  • Hello,

    I'm trying to implement the server side scenario in order to obtain an access token and a refresh token for my user.

    This is my first request,

    var appID = '00000000400CE938';//todo meter en properties
    var path = 'https://login.live.com/oauth20_authorize.srf?';
    var queryParams = ['client_id=' + appID, 'scope=wl.messenger%20wl.offline_access%20wl.share',
                        'redirect_uri=http%3A%2F%2Falscu.dyndns-web.com%2FGeeService%2FmsnHandler.html',
                        'response_type=code'];
                    var query = queryParams.join("&");
                    var url = path + query;
                    var signinWin = window.open(url, "SignIn", "width=780,height=410,toolbar=0,scrollbars=0,status=0,resizable=0,location=0,menuBar=0");
                    signinWin.focus();

    And then, I get redirected to http://alscu.dyndns-web.com/GeeService/msnHandler.html?code=13f4567d-9ee8-68ad-e58b-c1708c0b53d5

    So far so good. I'm usign a from in order to perfor the POST request to https://login.live.com/oauth20_token.srf

    <form method="POST" action="https://login.live.com/oauth20_token.srf" enctype="application/x-www-form-urlencoded">
               <input name="client_id" value="00000000400CE938" type="text">
               <input name="redirect_uri" value="http://alscu.dyndns-web.com/GeeService/msnHandler.html" type="text">
               <input id="code" name="code" type="text">
               <input name="grant_type" value="authorization_code" type="text">
               <input name="client_secret" value="MY CLIENT SECRET HERE" type="text">
               <input type="submit">
           </form>

    I'm setting the "code" input value with the code I got in the redirect.

    But when I submit the form, I get redirected to https://login.live.com/oauth20_token.srf

    And the body contains all the json with the access token, refresh token, etc. So I know the I'm being authorized correctly.

    The question is, why, in this last step, do I get redirected to https://login.live.com/oauth20_token.srf instead of the URL I specified.

    Let me know if anything is unclear or you need further information.

    Thanks in advance for your help.

    Alvaro

    Thursday, August 2, 2012 1:33 PM

Answers