<html><head><meta http-equiv="Content-Type" content="text/html charset=windows-1252"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">You might want to check out how we did it as a proof of concept on the MIT Mobile app last summer:<div class=""><br class=""></div><div class=""><a href="https://github.com/MIT-Mobile/MIT-Mobile-for-Android/blob/22dcb8b8c8e8f8526a0fe8bd0b9045da15f83747/src/edu/mit/mitmobile2/OpenIDConnectHelper.java" class="">https://github.com/MIT-Mobile/MIT-Mobile-for-Android/blob/22dcb8b8c8e8f8526a0fe8bd0b9045da15f83747/src/edu/mit/mitmobile2/OpenIDConnectHelper.java</a></div><div class=""><br class=""></div><div class="">It’s not polished but it did function well enough.</div><div class=""><br class=""></div><div class="">&nbsp;— Justin</div><div class=""><br class=""></div><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Sep 18, 2015, at 1:19 PM, Luiz Omori &lt;<a href="mailto:luiz.omori@duke.edu" class="">luiz.omori@duke.edu</a>&gt; wrote:</div><br class="Apple-interchange-newline"><div class="">

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" class="">

<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; font-size: 14px; font-family: Calibri, sans-serif;" class="">

<div class="">Thanks Justin. I don’t know how the protocol was implemented for this particular application, it wasn’t me. Will contact their technical team.</div>

<div class=""><br class="">

</div>

<div class="">Regards,</div>

<div class="">Luiz</div>

<div class=""><br class="">

</div>

<span id="OLK_SRC_BODY_SECTION" class="">

<div style="font-family: Calibri; font-size: 11pt; text-align: left; border-width: 1pt medium medium; border-style: solid none none; padding: 3pt 0in 0in; border-top-color: rgb(181, 196, 223);" class="">

<span style="font-weight:bold" class="">From: </span>Justin Richer &lt;<a href="mailto:jricher@mit.edu" class="">jricher@mit.edu</a>&gt;<br class="">

<span style="font-weight:bold" class="">Date: </span>Friday, September 18, 2015 at 1:14 PM<br class="">

<span style="font-weight:bold" class="">To: </span>Luiz Omori &lt;<a href="mailto:luiz.omori@dm.duke.edu" class="">luiz.omori@dm.duke.edu</a>&gt;<br class="">

<span style="font-weight:bold" class="">Cc: </span>"<a href="mailto:mitreid-connect@mit.edu" class="">mitreid-connect@mit.edu</a>" &lt;<a href="mailto:mitreid-connect@mit.edu" class="">mitreid-connect@mit.edu</a>&gt;<br class="">

<span style="font-weight:bold" class="">Subject: </span>Re: [mitreid-connect] Cannot approve uninitialized authorization request<br class="">

</div>

<div class=""><br class="">

</div>

<div class="">

<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">

What you’re seeing is cross site scripting protection. The error below happens when the approval page is reached before the authorization page.

<div class=""><br class="">

</div>

<div class="">How are you making the call to the authorization endpoint? You should be opening the system browser.<br class="">

<div class=""><br class="">

</div>

<div class="">&nbsp;— Justin</div>

<div class=""><br class="">

<div class="">

<blockquote type="cite" class="">

<div class="">On Sep 18, 2015, at 1:05 PM, Luiz Omori &lt;<a href="mailto:luiz.omori@duke.edu" class="">luiz.omori@duke.edu</a>&gt; wrote:</div>

<br class="Apple-interchange-newline">

<div class="">

<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; font-size: 14px; font-family: Calibri, sans-serif;" class="">

<div class="">Hi,</div>

<div class=""><br class="">

</div>

<div class="">We are having this error when an Android application tries to perform the OAuth2 Authorization Code flow. Any idea of what could be wrong? The exception seems to be thrown by Spring (<a href="http://docs.spring.io/spring-security/oauth/xref/org/springframework/security/oauth2/provider/endpoint/AuthorizationEndpoint.html" class="">http://docs.spring.io/spring-security/oauth/xref/org/springframework/security/oauth2/provider/endpoint/AuthorizationEndpoint.html</a>)

 but not sure in which layer the problem that triggers it is in. &nbsp;The same application works on iOS but the client libraries could be very distinct.</div>

<div class=""><br class="">

</div>

<div class="">

<div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">2015Sep18 12:53:05,541: INFO : org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint - Handling OAuth2 error: error="invalid_request", error_description="Cannot approve

 uninitialized authorization request."</div>

</div>

<div class=""><br class="">

</div>

<div class="">Regards,</div>

<div class="">Luiz</div>

</div>

_______________________________________________<br class="">

mitreid-connect mailing list<br class="">

<a href="mailto:mitreid-connect@mit.edu" class="">mitreid-connect@mit.edu</a><br class="">

<a href="http://mailman.mit.edu/mailman/listinfo/mitreid-connect" class="">http://mailman.mit.edu/mailman/listinfo/mitreid-connect</a><br class="">

</div>

</blockquote>

</div>

<br class="">

</div>

</div>

</div>

</div>

</span>

</div>

</div></blockquote></div><br class=""></div></body></html>