<cfhttp
method="get"
url="https://platform.devtest.ringcentral.com/restapi/oauth/authorize";
resolveurl="yes"
getasbinary="never"
>
<cfhttpparam type="header" name="content-type" value="application/x-www-form-urlencoded">
<cfhttpparam type="url" name="response_type" value="code">
<cfhttpparam type="url" name="client_id" value="#client_id#">
<cfhttpparam type="url" name="redirect_uri" value="#redirect_uri#">
<cfhttpparam type="url" name="state" value="#state#">
<cfhttpparam type="url" name="prompt" value="login">
</cfhttp>
When I execute the code, it processes and displays code that can only execute if the redirect_uri is executed, therefore, the Ringcentral server is forwarding to the redirect_uri.
Here's what my server finds the following variables on dumping variables off of the redirect_uri page:
error: invalid_request
error_description: Parameter [prompt] value is invalid
state : ydcm2ud3d2edvLde911nvev9zwvhLiLztzkhh4qmyc6beg44se
1) The only variable that is passed to my redirect_uri page is "state"
2) The error does not make sense. The prompt variable value is correct. The documentation says use "login".
I am trying to a response so I can get access token and refresh tokens so I can interact with the API calls.
Please advise....
-
480 Points
Posted 12 months ago
Anton Nikitin, Official Rep
-
2,974 Points
-
480 Points
Also, as an alternative, what do you mean by "use "login consent" pair for now?"
Anton Nikitin, Official Rep
-
2,974 Points
I mean specifying "prompt=login%20consent" also helps.
In your example it probably means:
<cfhttpparam type="url" name="prompt" value="login consent">
-
480 Points
Ok. I tried both and I get the same error. So, I removed it as you suggested and changes happened.
Now, it's redirecting me as follows:
https://www.MYSERVER.com/login/unifiedLogin.html?session=-XXXXXXXXXXXXXX&6597080091492620690&responseType=code&clientId=MYCLIENTID&brandId=BRANDID&state=rct7dor1i5479Le8n2ca4e5xLt3dv0d6kn4hug23nnn3tckua0&localeId=en_US&endpointId=&display=page&prompt=login%20consent%20sso&scope=&appUrlScheme=https%3A%2F%2Fwww.MYDOMAIN.com%2Fsubprocesses%2Fringcentral%2FringCentral_callback.cfm&ui_options=&hideNavigationBar=true<br>
Obviously, it's throwing a 404 error because it's trying to get this path is not on my server.
It appears to be attempting to allow me to login, but for whatever reason it's trying to run the path off of my server.
Anton Nikitin, Official Rep
-
2,974 Points
-
480 Points

Anton Nikitin, Official Rep
-
2,974 Points
-
480 Points
I know with Google Authorization Flow, it brings up Google's page, I login, it passes it to my redirect URI which grabs the access tokens and refresh tokens from the JSON string that is passed and I am on my way. It should work the same....
Are you saying you can't initiate the authorization flow from the backend (I know others have with PHP which means CF should be able to do it) or are you saying in my case I must use JS? I would like to avoid JS.
When you say my backend must pass the full redirect URI to the browser client, I am not following you....I can pretty much do anything with CF, but if you are saying that the authorization flow must be on the client side, then it can't be done.
Tyler Long, Official Rep
-
8,916 Points
So for step #1, what is the uri in your case?
-
480 Points
<cfset redirect_uri = "MYREDIRECTURI.com" />
<cfhttpparam type="url" name="redirect_uri" value="#redirect_uri#">
I don't think that's the issue....
-
480 Points
I have used this code with Google's API and it works, so I know my authorization flow works with them...
Tyler Long, Official Rep
-
8,744 Points
Tyler Long, Official Rep
-
8,744 Points
We will see if it's a account issue or programming issue.
Anton Nikitin, Official Rep
-
2,974 Points
Actually this post refers the same problem as you have: http://www.codersrevolution.com/blog/CFHTTP-doesnt-resolve-URLs-properly-on-redirect
-
480 Points
I completely understand that Coldfusion is not a common code, however, the behavior of what is happening is what I am looking for guidance on...that's not a code thing...that's general error that could affect all people regardless of the code.
I have used CFHTTP for cURL operations for other Auth2.0 situations and I don't have trouble with the authorization window in those situations....it's obviously processing, because it's redirecting me, yet it's escaping your web server.
CFHTTP is simple....it returns exactly what it is returned from the server and here:
<cfoutput>#cfhttp.FileContent#</cfoutput>
It's returning "login/unifiedLogin.html?session=......." without mapping to the full domain, so my server is taking over thinking the folder is there.
It's like your server is returning /login/unifiedLogin.html?...." as opposed to mapping it completely with the full URL, so what does my server do? It say..."oh you must want to map it to "login/unifiedLogin.html?session=......." which have I have no such mapping.
"https://service.ringcentral.com/login/unifiedLogin.html?......"
So I can confirm it's not something on my end, please confirm this:
1) Is my url correct: https://platform.devtest.ringcentral.com/restapi/oauth/authorize
2) On processing on your side in the API, when the login window is requested and passed back to me....is the entire URL mapped with "https://service.ringcentral.com/" on your end? If it isn't, then that will cause problems with some users based on how some servers handle call backs.
Thanks.
-
480 Points
Tyler Long, Official Rep
-
8,884 Points
Anton Nikitin, Official Rep
-
2,974 Points
1) Yes, your URL is correct
2) Here is the call I made and traced for your reference. So you can see that our server returns full URL in the path.
GET https://platform.devtest.ringcentral.com/restapi/oauth/authorize? client_id=...&redirect_uri=...&response_type=code&state=... HTTP/1.1 Accept-Encoding: gzip,deflate Host: platform.devtest.ringcentral.com Connection: Keep-Alive User-Agent: Apache-HttpClient/4.1.1 (java 1.5)I pointed you earlier to this post: http://www.codersrevolution.com/blog/CFHTTP-doesnt-resolve-URLs-properly-on-redirect. So maybe you need to check with ColdFusion support.
HTTP/1.1 302 Found Server: nginx/1.10.2 Date: Mon, 12 Mar 2018 20:02:45 GMT Content-Length: 0 Connection: keep-alive X-Application-Context: application:8080 Location: https://service.devtest.ringcentral.com/mobile/loginDispatcher? responseType=code&clientId=...&brandId=1210&state=...&localeId=en_US& endpointId=&session=-2915783893910517926&display=page& prompt=login%20consent%20sso&scope=& appUrlScheme=...&ui_options=&hideNavigationBar=true
-
480 Points
redirect="False"
to correct the problem. That's not right after checking the CF documentation...it's this:
redirect="no"
After doing that, I am getting this:
{ "errorCode" : "AGW-401", "message" : "Authorization header is not specified", "errors" : [ { "errorCode" : "AGW-401", "message" : "Authorization header is not specified" } ] }
At this there is progress....
Anton Nikitin, Official Rep
-
2,974 Points
-
480 Points
Retested...it didn't redirect now and the header returned:
Status Code: 302
RCRequestId: fc121d0e-263d-11e8-8b21-005056bb26b9
Thanks for the continued help.
Anton Nikitin, Official Rep
-
2,974 Points
-
480 Points
You have been very helpful which I really appreciate.
My page does not redirect after processing and does not return the Authorization Window.
I posted the Status Code and RCRequestId from the header response.
Jason
Anton Nikitin, Official Rep
-
2,974 Points
-
480 Points
{ "errorCode" : "CMN-301", "message" : "Request rate exceeded", "errors" : [ { "errorCode" : "CMN-301", "message" : "Request rate exceeded" } ] }
-
480 Points
It is yielding a different result...a blank page and I can provide you the response header if you want it.
The Status Code 302 should tell us something.
Anton Nikitin, Official Rep
-
2,974 Points