I am attempting to convert over from the old Azure AD OpenId Connect to use the new Azure AD v2.0 endpoint as documented here: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oidc
When I attempt to request a token via the v2.0 token endpoint: https://login.microsoftonline.com/common/oauth2/v2.0/token I get a response that only includes a 'token_id' field, and not a 'token_type', or any other fields. The library I am using to parse the response is nimbus.com library for openid and auth2. The OIDCTokenReponseParser throws an exception because the 'token_type' is missing from the response.
I have looked at the OpenID Connect Protocol specifications, and it says that a request to the token endpoint requires 'token_type', so it seems as though the response from the endpoint is invalid.
Has anyone run into this issue, and if so, how did you deal with it?
UPDATE 3/2/2018
My flow works with the old end point. I redirect the user here:
The user logs in, and they are redirected to my app, and code is provided via a query parameter.
I turn around and make this request:
And I get response that looks like this.
{
"token_type": "Bearer",
"expires_in": "3599",
"ext_expires_in": "0",
"expires_on": "1520018953",
"access_token": "{token}",
"refresh_token": "{token}",
"id_token": "{token}"
}
I try to handle v2.0 version the same way. I redirect the user to:
And after they sign in, they are redirected back to my app with the 'code' as a query parameter.
I then send this request:
But this is the response I get:
{
"id_token":"{token}"
}
response_typesent to the/authorizeendpoint,id_tokenorid_token code? Please update your question with more details about the grant flow you used, and you could provide the detailed request trace for us to narrow down this issue. - Bruce Chen