Can not connect to MS Calendars api because refresh_token not set

Stefan_Roll · March 13, 2021, 6:18am

Hello,

i try to ad a custom App witch gives the ability to add a event to my Outlook Calendar, only for me.

It seems that it works to connect to MS, Authorization works, but when i try to send a request i get

"AADSTS900144: The request body must contain the following parameter: ‘refresh_token’

“refresh_token” is not set in the request body. It seems that the token is set in the Request Header behind tokens:
there is the access token set and the refresh token with no value.

I use the example from the documentation. The client secret etc… is already setup and i using client.request method.

What i am doing wrong?

Greets
Stefan

ManiDeepak_Vandrangi · March 13, 2021, 6:50am

Can you please ensure isOAuth: true option is set in client.request options and have Authorization header { Authorization: “bearer <%= access_token %>”}. You can find the example in OAuth. I had copied the same here.

var getFiles = function() {
  var self = this,
    path = "/",
    headers = { Authorization: "bearer <%= access_token %>"},
    reqData = { headers: headers, isOAuth: true },
    url = "https://api.onedrive.com/v1.0/drive/root:" + path +
              ":/children";
  client.request.get(url, reqData).then(
    function(data) {
      console.log(data);
      // var response = JSON.parse(data.response)["value"];
      // handleSuccess(response);
    },
    function(error) {
      console.log(error)
      //handleError(error);
    }
  );
}

Stefan_Roll · March 13, 2021, 8:05am

Hi Mani,

yes, isOAuth is true and header set like in the example, here is my code:


	window.getData = function(){
				headers = { Authorization: "bearer <%= access_token %>"},
				reqData = { headers: headers, isOAuth: true },
				url = "https://outlook.office.com/api/v2.0/me/calendars";
			client.request.get(url, reqData).then(
				function(data) {
				console.log(data);
				// var response = JSON.parse(data.response)["value"];
				// handleSuccess(response);
				},
				function(error) {
				console.log(error)
				handleError(error);
				}
			);
	}

Request sends:

XHRPOSThttps://marketplace-euc.freshworks.com/platform
[HTTP/1.1 400 Bad Request 664ms]

    	
    action	"refresh"
    data	{…}
    headers	{…}
    Authorization	"bearer <%= access_token %>"
    isOAuth	true
    method	"get"
    url	"https://outlook.office.com/api/v2.0/me/calendars"
    tokens	{…}
    access_token	"…01b4727909218a5cd88c35 some more "
    refresh_token	""

The console Output is:

 response "{\"error\":\"invalid_request\",\"error_description\":\"AADSTS900144: The request body must contain the following parameter: 'refresh_token'.\\r\\nTrace ID: fa137ca3-4a80-4805-8e2a-08f052470000\\r\\nCorrelation ID: d452810f-d002-414f-96b9-36c77a5e4974\\r\\nTimestamp: 2021-03-13 07:55:09Z\",\"error_codes\":[900144],\"timestamp\":\"2021-03-13 07:55:09Z\",\"trace_id\":\"fa137ca3-4a80-4805-8e2a-08f052470000\",\"correlation_id\":\"d452810f-d002-414f-96b9-36c77a5e4974\",\"error_uri\":\"https://login.microsoftonline.com/error?code=900144\"}"

Saif · March 14, 2021, 2:05pm

@Stefan_Roll,

If the OAuth is performed in local simulation using Freshworks CLI, you’d notice a .localstore inside of .fdk/ directory. Do you see the refresh_token obtained before client.request.get(..) sends the request?

Also, if it helps try checking this out by enabling debug mode.

Stefan_Roll · March 15, 2021, 3:54am

@Saif

i’m not able to test this localy, because on local testing MS sends:
´´´
AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: ‘a6acbf7a-3929-4227-bfd1-4c6f9fcfb133’.
´´´
Dont know why but, redirect URLs are set like described.

But i uploaded a custom app for testing. Auth to MS seems to work, only the refresh_token in first post is not set.
The localstorage from the custom app, show me a key, app_378…, with token: and a set access_token, and refresh_token with empty value.

sarfaraz_Mohammed · March 15, 2021, 4:13am

Hai @Stefan_Roll,

Just wanted to know have you added the offline_access under scopes in OAuth_config in order to get the refresh_token when using microsoft graph api’s.

Stefan_Roll · March 15, 2021, 4:59am

Hi @sarfaraz_Mohammed,

no, here is my OAuth_config:

{
     "client_id": "a6acbxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
     "client_secret": "ixxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
     "authorize_url": "https://login.microsoftonline.com/xxxxxxxxxxxxxxxxxx/oauth2/v2.0/authorize",
     "token_url": "https://login.microsoftonline.com/xxxxxxxxxxxxxxxxxxxxxx/oauth2/v2.0/token",
     "token_type": "agent",
	 "options": {
        "scope": "Calendars.ReadWrite"
      },
	 "whitelisted-domains": [
      "https://outlook.office.com/"
    ]
}

ManiDeepak_Vandrangi · March 15, 2021, 6:17am

Can you please add the entire redirect url including the query parameters in the MS dashboard where you already gave the redirect URL. I guess this issue is similar to

Stefan_Roll · March 16, 2021, 5:11am

@ManiDeepak_Vandrangi
i add the redirect url as given, but for MS i must URI encode the query params. But still dont working locally. Same error like before:
´´´
AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: ‘a6acbf7a-3929-4227-bfd1-xxxxxxxxxxxx’.
´´´

Stefan_Roll · March 18, 2021, 5:30am

Hi,

so i find my solution for the refresh_token. It is like @sarfaraz_Mohammed mentioned.
I totally missed the offline_access both in scopes and in the AAD.

Thanks for help.