simple-oauth2 throws "The content-type is not JSON compatible" on token refresh

Question

I'm using simple-oauth2 in this example to query Microsoft Graph. All works well so far. But when I try to refresh the access token var newToken = await storedToken.refresh();, I get an error:

The content-type is not JSON compatible

This is thrown in wreck's index.js and it seems like there is no content-type set in the headers, while the mode is set to strict. The problem is, that I have no idea how to change this or why this is happening. It only happens on refresh().

Answer 1

I figured this is a configuration problem. The sample provides the config as follows

OAUTH_AUTHORITY=https://login.microsoftonline.com/common
OAUTH_ID_METADATA=/v2.0/.well-known/openid-configuration
OAUTH_AUTHORIZE_ENDPOINT=/oauth2/v2.0/authorize
OAUTH_TOKEN_ENDPOINT=/oauth2/v2.0/token

wreck uses Url.URL to combine OAUTH_AUTHORITY with OAUTH_TOKEN_ENDPOINT which results in https://login.microsoftonline.com/oauth2/v2.0/token and therefore loses common. This results in a 404 and therefore no JSON response anymore.

I changed the config slightly and removed the leading slashes from the relative paths and added a trailing slash to the base URL.

OAUTH_AUTHORITY=https://login.microsoftonline.com/common/
OAUTH_ID_METADATA=/v2.0/.well-known/openid-configuration
OAUTH_AUTHORIZE_ENDPOINT=oauth2/v2.0/authorize
OAUTH_TOKEN_ENDPOINT=oauth2/v2.0/token

So that OAUTH_TOKEN_ENDPOINT is relative. I have not figured why it worked for authorize though, but still works.