
Embedded Javascript (angular4) unable to get bearer token from Http Post - Error: CORs/[AADSTS90014]

Hello All;

I have been trying for a while to get an embedded solution to work, as a proof of concept. But I am struggling with the Http requests.

 

This is trying to follow the "App owns data" "example".

https://docs.microsoft.com/en-us/power-bi/developer/embed-sample-for-customers

I have created a Native application. I have given it the correct permissions, I used a global admin account, and I granted permissions within Azure Portal.

 

The following method works fine within Postman (i.e. all the correct information is given): https://community.powerbi.com/t5/Developer/How-To-Get-embed-token-using-Get-Post-only/td-p/294475

 

However it fails when I try to call the first request (/oauth2/token) with Javascript. All parameters are identical, I have double and triple checked them. 

 

My code is as follows:

 

getAccessToken(Password): string{
    const url = "https://login.windows.net/{tenantID}/oauth2/token";
    const headers = new HttpHeaders( {
        "Content-Type": "application/x-www-form-urlencoded"
    });
    const requestBody = {
        "grant_type": "password",
        "scope": "openid",
        "resource": "https://analysis.windows.net/powerbi/api",
        "client_id": this.getClientID(),
        "username": this.getUsername(),
        "password": Password
    }
    var accessTokenRequestReponse = this.httpClient.post(url, requestBody, {headers: headers}).subscribe(
        (reponse) => {
            console.log(reponse)
            console.log(reponse['access_token'])
        },
        (error) => {console.log(error)}
    )
    return("");
}
 
 
I have tried this endpoint with variations of the URL, i.e.:
https://login.windows.net/{tenantID}/oauth2/v2.0/token
https://login.windows.net/common/oauth2/v2.0/token
https://login.windows.net/{tenantID}/oauth2/token
https://login.windows.net/common/oauth2/token
https://login.microsoftonline.com/common/oauth2/token
https://login.microsoftonline.com/{tenantID}/oauth2/token
 
All of these behave the same: they fail in JS, yet work in Postman.
 
Initially the error was CORS. However, I spun up a website on Azure and put a build there, and the issue persisted (i.e. not due to localhost). I had listed all URLs (http:localhost:4200/powerBI and https://mywebsite.azure.net) in the redirect section of the Azure native app. I also set the allow implicit flow to true in the manifest.
 
I used the following Chrome extension to allow CORS requests.
I found this on one of the posts on this forum, but I currently can't find it again.
 
Once this is active to allow the CORS requests, I get a 400 (Bad Request) error on my request.
I get the following information in the error:
 
error:"invalid_request"
error_codes:[90014]
error_description:"AADSTS90014: The request body must contain the following parameter: 'grant_type'.
↵Trace ID: c4ce24c7-{...}d00
↵Correlation ID: 21a2c8d0-{...}87
↵Timestamp: 2018-04-26 {...}"
When I examine this in the Network section of Chrome, I find that the call has "grant_type" in it.
 
 
Request Headers:
 
Accept: application/json, text/plain, */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Connection: keep-alive
Content-Length: 260
Content-Type: application/x-www-form-urlencoded
Host: login.windows.net
Origin: http://evil.com/ #Note this is from that chrome extension
Referer: http://localhost:4200/powerBI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
 
Form Data:
{
  "grant_type":"password",
  "scope":"openid",
  "resource":"https://analysis.windows.net/powerbi/api",
  "client_id":"{clientID}",
  "username":"{username}@{tenant}.onmicrosoft.com",
  "password":"{password}",
  "tenant":"{tenant}.onmicrosoft.com"
}: 
 
I believe this is meant to be the implicit flow,
but I can't find anything on the documentation page about this call, and the other pages all seem to revolve around redirecting the user to the Microsoft login page and then redirecting back to the application, which defeats the goal of the "App owns data" approach, as I want to display to non-Power BI users.
 
 
Apologies for the long post. And many thanks to anyone who read it/has any advice.

Kind Regards
Christy
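
An added example, not part of the original post: Angular's `HttpClient` serializes a plain-object body as JSON whatever the `Content-Type` header says, so a form-urlencoded receiver sees one long parameter name (the `{...}:` entry under Form Data above) and no `grant_type`. The sketch reproduces that parse with constructed placeholder values; `REQUIRED` and the helper names are hypothetical.

```javascript
// Added example. All values are constructed placeholders, not real credentials.
const REQUIRED = ["grant_type", "client_id", "username", "password"]; // hypothetical check list

const params = {
  grant_type: "password",
  scope: "openid",
  resource: "https://analysis.windows.net/powerbi/api",
  client_id: "00000000-0000-0000-0000-000000000000",
  username: "user@example.onmicrosoft.com",
  password: "not-a-real-password",
};

// What a plain object turns into when the HTTP client JSON-serializes it.
function asJsonBody(obj) {
  return JSON.stringify(obj);
}

// What "application/x-www-form-urlencoded" actually promises:
// percent-encoded key=value pairs joined by '&'.
function asFormBody(obj) {
  return new URLSearchParams(obj).toString();
}

// Parse a raw body the way a form-urlencoded receiver does.
function parseForm(body) {
  return new Map(new URLSearchParams(body));
}

// Names from `required` that the receiver would not find in `body`.
function missingParams(body, required = REQUIRED) {
  const parsed = parseForm(body);
  return required.filter((name) => !parsed.has(name));
}

const jsonBody = asJsonBody(params);
const formBody = asFormBody(params);

// JSON body: a single key (the whole JSON text) with an empty value.
console.log("JSON body parsed as form:", [...parseForm(jsonBody).entries()]);
console.log("missing:", missingParams(jsonBody));

// Form body: every parameter is found.
console.log("form body:", formBody);
console.log("missing:", missingParams(formBody));
```

In Angular, passing the string from `asFormBody(params)` as the request body sends it unchanged. Microsoft's "App owns data" sample performs this token request from server-side code, which keeps the master account's password and access token out of the browser.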
 
 
 
