Hello.
I have identified an error in the code above. In fact I was not passing the parameters correctly. I changed sendRequest function:
function sendRequest(method, url, redirect_uri, client_id) {
var params = {
response_type: 'id_token token',
client_id: client_id,
scope: 'openid profile email',
redirect_uri: redirect_uri,
nonce: 'qualquertexto3',
display: 'page',
state: 'testestate3'
};
url += '?' + jQuery.param( params );
var xhr = createCORSRequest(method, url);
if (!xhr) {
throw new Error('CORS not supported');
}
// Response handlers.
xhr.onload = function() {
var text = xhr.responseText;
alert('Response from CORS request to ' + url + ' => '+text);
};
xhr.onerror = function() {
alert('Woops, there was an error making the request.');
};
xhr.send();
}
But CORS error still continues to occur:
XMLHttpRequest cannot load https://gluuserver/oxauth/authorize?scope=openid+profile+email&display=page…=%40%2157E7.F422.1BEC.8661%210001%212917.B555%210008%211057.2149.C76E.504A.
Redirect from 'https://gluuserver/oxauth/authorize?scope=openid+profile+email&display=page…=%40%2157E7.F422.1BEC.8661%210001%212917.B555%210008%211057.2149.C76E.504A'
to 'https://gluuserver/oxauth/login' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'https://myserver:8443' is therefore not allowed access.
I've already tested earlier the suggested alternative using implicit client (openidconnect.js). But the CORS problem is just bypassed right? It will not occur because it is not done through ajax call. The onClick of the button calls the OIDC.login return url directly:
<button onClick="OIDC.login( {scope : 'openid profile email', response_type : 'token id_token'} );" type="button" class="btn btn-success" >Authenticate</button>
I was able to go a little further in authenticating with openidconnect.js. However when displaying callbackpage.html the exception below occurs:
"Unable to get the ID Token from the current page URL: OidcException: Unable to verify the ID Token signature: OidcException: Unsupported JWS signature algorithm HS256"
Can you help me solve one of the two solutions?
Thanks!