I'm trying to implement the OAuth flow to sign in with Microsoft. I have the following endpoints:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize
https://login.microsoftonline.com/common/oauth2/v2.0/token
My flow is like this. Redirect to Microsoft by clicking the Sign in with Microsoft button:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id={client_id}&scope=user.read&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A8000%2F1%2Ffrontend%2Flogin%3Fstate%3Dtest
My redirect url is:
http://localhost:8000/1/frontend/login?state=test
to which the code I receive back from Microsoft is appended.
I then perform a POST request to the /token endpoint. However, I receive an error (AADSTS50011) saying:
AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application:
The data I send is correct, except for the redirect_uri. I have the following value:
http%3A%2F%2Flocalhost%3A8000%2F1%2Ffrontend%2Flogin%3Fstate%3Dtest
which is just a URL-encoded version of my redirect URL, including the ?state=test.
I know that everything works fine except the redirect_uri, because when I remove the state query param, everything works. However, to route the redirect_uri correctly in my application, I need the state param. I cannot add it in my app settings, and I have to include it in the first request (the /authorize endpoint). That all works fine, but the second (/token) POST request fails: I cannot enter my redirect_uri with the ?state= parameter. I've tried several options, such as encoding the redirect_uri, but it doesn't help.
All other OAuth flows (like GitHub) are working fine, except Microsoft.
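An added example, not part of the original question or of any Microsoft library, showing the same authorization-code flow with the routing hint carried in the standard OAuth `state` parameter (which the provider returns unchanged on the redirect) while the redirect_uri stays byte-identical to the registered reply URL in both the /authorize and the /token request. It runs offline in Python: it builds the authorize URL, validates a constructed callback URL, and builds the /token form body. The client_id, client_secret (a confidential web-app client is assumed), the authorization code and the `frontend` route name are placeholders; no HTTP request is sent.

```python
import secrets
import hmac
from urllib.parse import urlencode, urlsplit, parse_qs

# Endpoints from the question; REDIRECT_URI is assumed to be exactly what is
# registered in the app settings, with no query string.
AUTHORIZE_ENDPOINT = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
TOKEN_ENDPOINT = "https://login.microsoftonline.com/common/oauth2/v2.0/token"
REDIRECT_URI = "http://localhost:8000/1/frontend/login"


def new_state(route: str) -> str:
    """Build a state value: the app's routing hint plus a random nonce.

    The nonce is what makes the state useful against login CSRF; the route
    prefix is the application-specific part the question wants to carry.
    Store the returned value in the user's session before redirecting.
    """
    return f"{route}.{secrets.token_urlsafe(16)}"


def build_authorize_url(client_id: str, state: str, scope: str = "user.read") -> str:
    """Authorize URL with state as its own parameter, not inside redirect_uri."""
    params = {
        "client_id": client_id,
        "response_type": "code",
        "redirect_uri": REDIRECT_URI,  # urlencode percent-encodes it for us
        "scope": scope,
        "state": state,
    }
    return f"{AUTHORIZE_ENDPOINT}?{urlencode(params)}"


def query_params(url: str) -> dict:
    """Decode a URL's query string into a single-valued dict (helper for checks)."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}


def parse_callback(callback_url: str, expected_state: str) -> tuple:
    """Return (code, route) from the provider's redirect back to REDIRECT_URI.

    Rejects provider errors and any state that does not match the value stored
    in the session, so a forged or replayed callback cannot complete the login.
    """
    qs = query_params(callback_url)
    if "error" in qs:
        raise ValueError(f"provider error: {qs['error']}: {qs.get('error_description', '')}")
    state = qs.get("state", "")
    # Constant-time comparison; both values are ASCII (token_urlsafe alphabet).
    if not hmac.compare_digest(state, expected_state):
        raise ValueError("state mismatch: possible CSRF or replayed callback")
    route = state.rsplit(".", 1)[0]  # strip the nonce, keep the routing hint
    return qs["code"], route


def build_token_request(client_id: str, client_secret: str, code: str) -> dict:
    """Form body for the POST to TOKEN_ENDPOINT.

    redirect_uri must be the same string used on the authorize request; the
    HTTP client form-encodes it, so it is passed here un-encoded.
    """
    return {
        "client_id": client_id,
        "client_secret": client_secret,
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": REDIRECT_URI,
    }


if __name__ == "__main__":
    # Constructed walk-through: placeholder client, simulated provider redirect.
    state = new_state("frontend")
    print(build_authorize_url("00000000-0000-0000-0000-000000000000", state))
    callback = f"{REDIRECT_URI}?code=AUTHCODE123&state={state}"
    code, route = parse_callback(callback, state)
    print("route:", route)
    print(build_token_request("00000000-0000-0000-0000-000000000000", "secret", code))
```

Note that the /token body is sent as `application/x-www-form-urlencoded` by whatever HTTP client you use (e.g. `requests.post(TOKEN_ENDPOINT, data=body)`), so the redirect_uri value itself is not pre-encoded; double-encoding it is another way to get a reply-URL mismatch.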