react-native-ibm-mobilefirst authorization gets redirected to unknown URL https://mfpredirecturi

0
votes

I am developing a react-native Android application that uses the latest version of react-native-ibm-mobilefirst library (8.0.2020022509). Currently, I encountered the issue stated in the title whenever my mobile app executes the following statement 'WLAuthorizationManager.obtainAccessToken(Scope)'. My MobileFirst server (8.0.0.00-20200211-1526) is located behind a reverse proxy (iis) which I notice the request seems to be redirected to an unknown URL because https://mfpredirecturi does not exist. As a result, my mobile app received a '403 - Forbidden: Access is denied' response.

The following GET request was sent from the mobile app where the redirect_uri is: https://mfpredirecturi

https://myserverhostname:9443/mfp/api/az/v1/authorization?scope=myscope&response_type=code&redirect_uri=https%3A%2F%2Fmfpredirecturi&client_id=2dff438b-4288-4e5a-8a5f-4bd29e8403b4&isAjaxRequest=true&x=0.9060663818636305

The strange thing is I notice my other application that uses the ibm-mfp-web-sdk sent the same request except for redirect_uri parameter and has no issue at all:

https://myserverhostname:443/mfp/api/az/v1/authorization/redirect/ae5254a2-3dca-4a8e-b2a1-e6eba55e5dba

1
react-nativeibm-mobilefirst

1 Answers

1
votes

The https://mfpredirecturi redirect URI is expected as part of the OAuth flow between the MobileFirst SDK and the server. However, this is not a true URI and is internally consumed by the MobileFirst React Native SDK.

It appears that the IIS is intercepting the redirect to the URI based on the Location header. You will have to modify the reverse proxy configuration to transparently allow the Location header and not attempt a redirect based on the header.