I am trying to configure my web app to login via various social medias. I am using next and next-auth. I have gotten connection with Github through Next-Auth to work. However, Twitter is giving me issues. When I was using Twitter API v1.1 I was receiving a 302 error. I have specified to use Twitter API v2, and now upon login, I get the following message:Twitter error message
Here are my Twitter developer portal settings:
Twitter dev portal settings
I have tried the callback url as both http://localhost:3000/api... and http://127.0.0.1/api... as suggested here: https://developer.twitter.com/en/docs/apps/callback-urls
_app.tsx:
_app.tsx
[...nextauth].js:...nextauth.js
.env.local: .env.local
signin.tsx: signin.tsx
This error means that you didn't give your app permission. Make use of your Twitter APIKEY and API SECRET provided by Twitter on your developer dashboard. Quick access: https://developer.twitter.com/en/apps.
Save your credentials in a .env file and use it on ur [...nextauth].js file.
export default NextAuth({
providers: [
TwitterProvider({
clientId: TWITTER_CLIENT_ID,
clientSecret: TWITTER_CLIENT_SECRET,
}),
],
secret: NEXT_SECRET,
})
Related
I'm receiving an Authorization error when attempting to generate an authorization code:
Error 400: invalid_request
You can't sign in to this app because it doesn't comply with Google's
OAuth 2.0 policy for keeping apps secure.
If you’re the app developer, make sure that these request details
comply with Google policies. redirect_uri: urn:ietf:wg:oauth:2.0:oob
I've used this Google tutorial to replicate and confirm the issue:
https://developers.google.com/assistant/sdk/guides/service/python/embed/install-sample?hl=en_US
It is generating this URL:
https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=[HIDDEN]&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fassistant-sdk-prototype&state=[HIDDEN]&prompt=consent&access_type=offline
Here is a workaround provided by jdtoth on Github: https://github.com/greghesp/assistant-relay/issues/266#issuecomment-1065940698
Thanks jdtoth!
I found a workaround for creating a new user. In my case, I needed to
create a specific type of API credential. Here is what I did:
Create a new OAuth Client credential using the link below, ensuring
the application type is "Web application" and set Authorized Redirect
URIs to "http://localhost"
https://console.cloud.google.com/apis/credentials
Download the key, and create the user in the Assistant Relay appas you
tried before. When it opens a new browser window to authorize the
google account, you might need to bypass a warning. After you do this,
a blank browser window will open but the address bar will contain the
auth code you need. Grab the code from the relevant part of the URL
here and paste it back into the Assistant Relay app:
http://localhost/?code=COPYCODEFROMHERE&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fassistant-sdk-prototype
Let me know if this works. I am successfully sending commands to the
Assistant Relay server but nothing is playing on my speakers.
I'm having issues with trying to set up account linking with Google Assistant.
I'm using Azure AD B2C for my identity provider.
I've created a User flow so I have a authorize and token endpoint set up and I created an Azure AD Application so I have an App Id, and App Secret and I set the redirect URL as https://oauth-redirect.googleusercontent.com/r/{google-project-name}/.
My Google account linking settings are show below:
Client ID is the App Id of the application I created in Azure AD.
Client Secret is the app secret of of the application I created in Azure AD
Auth URL is:
https://{b2c-name}.b2clogin.com/{b2c-name}.onmicrosoft.com/oauth2/v2.0/authorize?p={sign-in-policy-name}
Token URL is:
https://{b2c-name}.b2clogin.com/{b2c-name}.onmicrosoft.com/oauth2/v2.0/token?p={sign-in-policy-name}
When I got to https://console.actions.google.com/project/{google-project-name}/simulatorand try to go through the auth flow it pops up the box I put in my user name and password and then just stops.
I can see in Fiddler it redirects back to the redirect URL and then there is a 400.
{
"error": {
"code": 400,
"message": "Bad response from IdP in Auth Code Exchange",
"status": "FAILED_PRECONDITION"
}
}
When I look in Fiddler at the request to the redirect URL it looks as expected with a state and code like this documentation says it should so I'm not sure what I'm doing wrong. I've double checked my App Id and regenerated the key.
https://oauth-redirect.googleusercontent.com/r/YOUR_PROJECT_ID?code=AUTHORIZATION_CODE&state=STATE_STRING
I've seen a few questions with similar error messages but none of the fixes suggested helped or applied.
Any help would be appreciated.
I have my app in LinkedIn with all four default application permissions ticked. I am able to consume API v1 perfectly. When I authenticate with oAuth 2.0, my authentication is successful and I get auth2_token but I am not able to call the below endpoint.
https://api.linkedin.com/v2/me
Header: X-Restli-Protocol-Version : 2.0.0 Authorization : Bearer (
auth2_token )
I get the error
{
"serviceErrorCode": 100,
"message": "Not enough permissions to access: GET /me",
"status": 403
}
Am I missing something here?
I couldn't get access to https://api.linkedin.com/v2/me either but you can use the following URL sample to retrieve the data you need:
GET https://api.linkedin.com/v1/people/~:(id,num-connections,picture-url)?format=json
The available fields can be found here: LinkedIn basic profile fields
To access https://api.linkedin.com/v2/me, you need to have access to v2 API.
As of 14th of Jannuary or Linkedin Applications will automatically have access to v2 API.
As of March, 1st, Linkedin is going to deprecate its v1 API, so the call https://api.linkedin.com/v1/people/~:(id,num-connections,picture-url)?format=json will no longer work.
I have trouble creating a Google API OAuth2.0 token though following all the steps here: [OAuth2 Authentication](
https://developers.google.com/adwords/api/docs/guides/authentication?authuser=1)
When trying to create the token through the OAuth2.0 playground:
OAUTH 2.0 playground
I end up with this error:
Discussion on similar threads tried to give some guidance but without any luck in my case.
Add google.com in the authorized domain list of your app's OAuth consent screen.
Click on the application for which you want to configure for the next step:
Make sure to also add 'https://developers.google.com' in the Authorized JavaScript origins and 'https://developers.google.com/oauthplayground' in the Authorized redirect URIs[click 'save' below once added]:
You are applying your own client id and client secret to Oauth2 playground you are also using browser credentials.
For browser credentials to work it must be able to return the token to an endpoint that can handle it and that endpoint (Redirect uri) must be registered in the Google Developer console for that project.
if you check your first picture under the check box you clicked
You will need to list the URL https://developers.google.com/oauthplayground as a valid redirect URI in your Google APIs Console's project. Then enter the client ID and secret assigned to a web application on your project below:
Try adding that URL as it says.
I would like help obtaining/locating the correct access_token value for an API call.
I'm configuring an application that wants to search Facebook using the graph-api search request at https://graph.facebook.com/fql, for which I need an access_token. The application is a backend server so there's no UI and no users.
I registered a new 'app' using the developer pages 'Create a New App' link, so I now have an app at: https://developers.facebook.com/apps/<> and from that I get an 'app secret' token. Digging into the Advanced settings page for the app there is also a Client token.
However using either token results in the following JSON error:
{"error":{"message":"Invalid OAuth access token.","type":"OAuthException","code":190}}
Can anyone point me to where I've gone wrong?
==
The following 'curl' request demonstrates the command working correctly, but it's only usable token-less like this occasionally, so the app needs &access_token=...stuff... adding to the parameters.
$ curl 'https://graph.facebook.com/fql?q=select%20url,%20share_count,%20like_count,%20comment_count,%20click_count,%20total_count%20from%20link_stat%20where%20url%20=%20"http%253A%252F%252Felifesciences.org%252Fcontent%252F2%252Fe01233"'
{"data":[{"url":"http\u00253A\u00252F\u00252Felifesciences.org\u00252Fcontent\u00252F2\u00252Fe01233","share_count":0,"like_count":0,"comment_count":0,"click_count":0,"total_count":0}]}
The 'app secret' and 'Client token' will not work.
What you need is an Access Token, refer to this.