When i sent a merchant to the authorization url
https://squareup.com/oauth2/authorize?client_id=sq0idp-Lno1QXpjx8Z2Avemg3orUg&response_type=code&scope=MERCHANT_PROFILE_READ%20PAYMENTS_WRITE%20ORDERS_WRITE%20ITEMS_READ
I get the following error.
An error occurred Client requires a Redirect URL to use OAuth
I most certainly have a redirect url set.
Any clue as to what I'm doing wrong here?
Answer, square is trash.
It was not saving the Redirect URL, I enter it, press save, get the green bar that says its saved... think its saved, my mistake.
Log out, then log back in, empty field...
Had to do it SIX times before it actually saved..
Related
I am facing an issue regarding account linking in Actions on Google:
I am able to authenticate the user and access his email address and username however after this how can I redirect the user back to the google assistant and close the browser where he was authenticated?
Any help will be appreciated!
Update: Hey Prisoner thanks a lot for that.
I did what you said and yeah now it does redirect to google.com but without result_code=SUCCESS when I test it in the simulator.
The link is:
https://www.google.co.in/?gws_rd=cr&dcr=0&ei=z77fWbjQGIXxvATs_oqwBA
Now if I type talk to... again it shows me the message you need to link your account!
In the device the browser automatically closes and it shows SIGNING_IN however when I type an intent it is not recognized.
It would be great if you could point me in the right direction! (I am not sure but I might be at the token exchange stage that you mentioned, but I don't have a clue how to proceed!)
Update 2: As requested the entire flow that I am following:
This is the URL that I receive from debugInfo:
https://assistant.google.com/services/auth/handoffs/auth/start?account_name=cha***#gmail.com&provider=***_dev&scopes=email&return_url=https://www.google.com/
When I paste this in the browser the request that I receive at the authorization endpoint is:
ImmutableMultiDict([
('response_type', 'code'),
('client_id', ****.apps.googleusercontent.com'),
('redirect_uri', 'https://oauth-redirect.googleusercontent.com/r/****'),
('scope', 'email'),
('state', ' CtcCQUxWM2ROU3hNMjl4LUItVXhQSGd4THRMLU4yNExnb3lYbGRKQnQwa3NwTVFva19NUWpYNE5jNGJURzIyZFN3RDBXd2d4enFGVWJGb0Q0ZW1vaS1OaFdkaHdhb05HZ2xlWTR6SllKVlRWYktwd09faklyUTVheFhQbGw2dmVKYzVFTk05N3B1QkxaZG41RVdHN0wyTktvRFdCYzFPVFBzM1dQUlFtN2RmM1VtRU4****(state)')
])
The response (redirect_url) that I send back:
https://accounts.google.com/o/oauth2/v2/auth?scope=email&response_type=code&redirect_uri=https%3A%2F%2F******.herokuapp.com%2Fcallback%2Fgoogle&client_id=****.apps.googleusercontent.com
When it reaches my endpoint again the request arguments are:
ImmutableMultiDict([
('code', '4/***********')
])
Now I am able to access the email address and other details
The url that I redirect to from here:
https://oauth-redirect.googleusercontent.com/r/****?code=abcdefgh&state=CtcCQUxWM2ROU3hNMjl4LUItVXhQSGd4THRMLU4yNExnb3lYbGRKQnQwa3NwTVFva19NUWpYNE5jNGJURzIyZFN3RDBXd2d4enFGVWJGb0Q0ZW1vaS1OaFdkaHdhb05HZ2xlWTR6SllKVlRWYktwd09faklyUTVheFhQbGw2dmVKYzVFTk05N3B1QkxaZG41RVdHN0wyTktvRFdCYzFPVFBzM1dQUlFtN2RmM1VtRU4****(state)
This redirects me to :
https://www.google.co.in/?gws_rd=cr&dcr=0&ei=5c_fWdfKNYndvASO7o6ACA
Edit 3: I checked the network logs:
result_code=FAILURE&result_message=Account+linking+failed
I also added /token/google as the token URL in AoG. It is detected in heroku however I never receive this request in my code.
Note: I am using python flask and hosting my app on heroku
Once you have authenticated the user, you'll need to return a temporary auth code back to Google. Later, Google will exchange this auth code for an access token and a refresh token, but you're not there yet. The important part is that this code needs to be unique and that, later, you'll be able to recognize what user it is for. The code should be valid for a limited time - 10 minutes is a generally accepted time frame.
In the request Google sent to you as part of the login, they've provided a redirect_uri and a state as parameters. You'll need to use these in your reply. (state can be anything - you shouldn't care what it is, you're just going to send it back with your redirect. Its purpose is to improve security by preventing replay attacks.)
Verify that the redirect_uri has the form
https://oauth-redirect.googleusercontent.com/r/YOUR_PROJECT_ID
Where YOUR_PROJECT_ID is... you guessed it, the ID of your project. You can find this in the cloud console.
You'll then redirect the user to this URL with a few additional parameters:
https://oauth-redirect.googleusercontent.com/r/YOUR_PROJECT_ID?code=AUTHORIZATION_CODE&state=STATE_STRING
Where YOUR_PROJECT_ID is as noted above, AUTHORIZATION_CODE is the code you've generated, and STATE_STRING is the value of the state parameter that you were sent in the request.
For details, you can see https://developers.google.com/actions/identity/oauth2-code-flow#handle_user_sign-in
I am working on an application that integrates with Instagram API to access the user information. I successfully fetch the Access Token using the authorize url but unable to fetch the userId using access_token url:
i am tried both the endpoints:
https://api.instagram.com/oauth/access_token?client_id=48275564e2c445f6b8e1356djfha3e0c&client_secret=ab2062da9f314e3489dke7ae9cbe6e5d&redirect_uri=http://localhost&grant_type=authorization_code
https://api.instagram.com/oauth/access_token
with the post body as:
client_id=48275564e2c445f6b8e1356djfha3e0c&client_secret=ab2062da9f314e3489dke7ae9cbe6e5d&redirect_uri=http://localhost&grant_type=authorization_code&code=1351860224.4827556.5dc92c4d15ea4a4ea1b0d33eaf0eef19
(The data in the request is modified), But i am getting the follwing
{
"code": 400,
"error_type": "OAuthException",
"error_message": "No matching code found."
}
I have seen tons of queries and questions but could not find any solution to the problem.
The couple of questions i have is:
1) is the field code in the URL is same as access_token, if not how could i get the code field's value.
2) is there any other mechanism(API) to fetch the user details given the username is not known.
Please help me as i am completely stuck and running out my deadlines.
For me unchecking Disable implicit OAuth in instagram developer -> manage clients fixed the issue
I found that using either form-data or application/x-www-form-urlencoded works fine. The most important is the code you get from redirect uri is only used by one request. It means you could request the access token once for the code. If the you request more than one time with same code, you'll get the error like this:
{
code: 400,
error_type: "OAuthException",
error_message: "Matching code was not found or was already used."
}
Wish you all the best ;)
Try to urlEncode the redirect_uri param to
http%3A%2F%2Flocalhost
And your code param contains the "." character which might be a error.
code=1351860224.4827556.5dc92c4d15ea4a4ea1b0d33eaf0eef19
might caused the problem
"error_message": "No matching code found."
"5dc92c4d15ea4a4ea1b0d33eaf0eef19" seems to be the correct code
I got same error. It seems that instagram's spam system disable user's access to any non-official application. Just change user's password. In my case it was help.
Also try create another application.
UPD
From my answer to another question
It looks like users get more than one code, and you see first code, but need second. Try relogin users, if you gets error. User will not see instagram page with confirm button, just redirections.
Possible algorithm of error:
1. User click auth link.
2. Get first code.
3. User click auth link (twice, redirection problem, public auth system, etc.)
4. Get another code (even on the same client_id, redirect_uri).
5. You get first code.
6. But first code already doesn't exists.
The problem is here that need redirect url set as http://localhost/signin-instagram
signin-instagram part is very important
So go to Instagram.com/developer ->Manage Client-> Security -> Valid redirect URIs set with that end http:/../signin-instagram
Off late instagram python snippet fails due to missing content-type HTTP header
response, content = http_object.request(url, method="POST", body=data,headers = {"Content-type": "application/x-www-form-urlencoded"})
adding application/x-www-form-urlencoded worked for me
I will mention what worked for me.
Step 1. Generate a new client secret from you panel.
Step 2. Follow the step 1 mentioned here to obtain the code again.
Step 3. Send the request again with the changed parameters.
Make sure you are logged in the browser when you send the request. You will get the required response.
Go into Facebook for Developers > Your app. Click on "Roles" and add an Instagram test-account under "Instagram Testers".
Log into instagram.com and go to: Settings > Security > Apps and Websites, where you will accept the test invitation.
Prepare your URL link, which you will paste into the web browser. Make sure to use a valid redirect URI from "Valid OAuth Redirect URIs" from the Instagram Basic Display settings.
If you did everything right, the Instagram tester account for the app, will have the option to gain access to user_profile,user_media. Continue the process to get the code which you can exchange for a short-lived access token.
I have a working Dropbox application, using oauth. I am extending the application and have added a new redirect-uri in the App Console. I am absolutely sure that the redirect uri is correct, but I am getting a 400 Invalid redirect-uri error. My uri begins with https:// as required.
Is there a delay before new redirect uris take effect?
This is the error:
More details for developers
Invalid redirect_uri: u'https://shareddom.ws/mse/auth/guest_portal.php'. It must exactly match one of the redirect URIs you've pre-configured for your app (including the path)
This the uri, cut and pasted from the App Console:
https://shareddom.ws/mse/auth/guest_portal.php
I don't think there should be any delay at all (certainly no more than a few seconds at most).
Those two strings appear to be identical, so my guess would be that the redirect URI isn't in the right place (or maybe under the right app?). Double check that the app key you're using matches the app key you're looking at in the App Console and that redirect URI is under the "OAuth 2 Redirect URIs" section of the page.
If you're still having trouble, I'd suggest opening a support ticket so we can double check the app details for you: https://www.dropbox.com/developers/contact.
I want to create an access token for my foursquare app.
I've tried it with an PHP library and runscope.com
I always geht this message from foursquare, after I've clicked on "create token" (please note, I translated this text from German into English):
"Connection failed: This app hast got an configuration problem and couldn't make a connection to your facebook-account.
Cause of Error: Callback uri is not valid for this consumer."
I think the callback uri is the redirect uri - but that doesn't work. Is this false? What have I to do?
Can anybody help me or have an idea?
Thank you very much!
Make sure that the redirect_uri in your OAuth URL matches exactly what you have in your app settings page on Foursquare.
I am using the ruby twitter gem and oauth to gain access to users twitter accounts. In my code, I have:
unless #user.twitter_authd?
oauth = Twitter::OAuth.new('token', 'secret')
session[:twitter_request_token] = oauth.request_token.token
session[:twitter_request_secret] = oauth.request_token.secret
#twitter_auth_url = oauth.request_token.authorize_url
end
where token and secret have my actual token and secret inserted. When I click on the link to the #twitter_auth_url, I am taken to twitter and asked to grant access. I click allow and then twitter redirects me to my callback URL http://www.mydomain.com/twitter_callback/?oauth_token=fmy2aMvnjVgaFrz37bJ4JuB8r5xN79gsgDQRG4BNY which then hits this code:
oauth = Twitter::OAuth.new('token', 'secret')
logger.info("session[:twitter_request_token] = #{session[:twitter_request_token]}")
logger.info("session[:twitter_request_secret] = #{session[:twitter_request_secret]}")
oauth.authorize_from_request(session[:twitter_request_token], session[:twitter_request_secret])
session[:twitter_request_token] = nil
session[:twitter_request_secret] = nil
#user.update_attributes({
:twitter_token => oauth.access_token.token,
:twitter_secret => oauth.access_token.secret,
})
redirect_to root_path
The twitter request token and secret are being set just fine. However I end up with an authorization error:
OAuth::Unauthorized in MainController#twitter_callback
401 Unauthorized
RAILS_ROOT: /Users/TAmoyal/Desktop/RoR_Projects/mls
Application Trace | Framework Trace | Full Trace
/Library/Ruby/Gems/1.8/gems/oauth-0.3.4/lib/oauth/consumer.rb:167:in `token_request'
/Library/Ruby/Gems/1.8/gems/oauth-0.3.4/lib/oauth/tokens/request_token.rb:14:in `get_access_token'
/Library/Ruby/Gems/1.8/gems/erwaller-twitter-0.6.13.1/lib/twitter/oauth.rb:29:in `authorize_from_request'
/Users/TAmoyal/Desktop/RoR_Projects/mls/app/controllers/main_controller.rb:70:in `twitter_callback'
The code is failing at this line:
oauth.authorize_from_request(session[:twitter_request_token], session[:twitter_request_secret])
when it tries to get an access token. You can see the source code of authorize_from_request here. I am not sure why this is happening. Anyone have ideas?
A bit late to the party but just ran into the same issue myself. I tracked the issue down to the setup of my OAuth app in Twitter. I had initially not specified a callback URL as I was unsure of it.
Once I had setup my rails app I went back to find Twitter had assumed I was a desktop application as I hadn't specified a callback URL. Once I changed this to website and entered a callback URL I stopped getting 400s.
If you're getting error 401 - OAuth::Unauthorized, make sure you edit the settings of your Twitter application as follows:
Application Type: Browser
Callback URL: http://127.0.0.1:3000/auth/twitter/callback
this is an issue about time synchronization of your system with twitter server.
Twitter doesn't allow localhost as part of a valid callback URL.
Instead use http://127.0.0.1:3000/auth/twitter/callback
Hope this helps
This was one of the most annoying things to debug that I have come across. I was outputting in a couple places by accident because the URL's are dynamic and they happened to not be defined in my test case (i use this to display chart data and there is not enough right now so the google chart api URL's are blank). This caused my browser to make multiple requests to my localhost when some pages were loaded. Somehow that made the oauth process crap out. Obviously there is no way for people on S.O. to know about my application specific issue so I had to answer my own question.
I had this same problem and none of the suggestions in this thread worked for me.
I found the problem for me was the TIMESTAMP on my request. The mobile device I was running my scripts on had a jacked up clock. When I updated the system time on my device to the correct time (i.e. now), all of my requests came back "200 OK" instead of "401 Unauthorized".
This problem seems to be caused by twitter not being able to handle connection keep-alive correctly. Make sure you set connection=close http header in the request to twitter. Wasted a weekend debugging this.
not enough info for me, but when was twitter gem last updated? twitter changed their oauth 'stuff' in mid may approx. perhaps you have an old one. I'd update your question to show the callback_url, and make sure you have the right token and secret, which it looks like you don't have.
also, did you put the right callback url in your twitter app page? alot of times that screws you up too.
if that fails use mbleighs twitter_auth instead. it worked for me and is pretty slick.