I'm trying to follow the Google Oauth guide to give my Rails app permission to edit users' calendars. Maybe I'm misunderstanding, but the guide seems to say that all you have to do is send a certain request to the Google API, and that will prompt the consent screen to pop up for the user. However, I'm sending the request with no errors, but nothing happens.
My app has been verified, and the URL I'm attempting this on has been added to my Oauth credentials. Theoretically in this instance it shouldn't matter, but I also have the 'google-api-client', 'omniauth', and 'omniauth-google-oauth2' gems installed. The URL is HTTPS with an SSL cert.
What am I doing wrong?
# this is the controller action for my path, so the API is pinged when the page is loaded
def path
url = "https://accounts.google.com/o/oauth2/v2/auth?
scope=email%20profile%20calendar.events&
response_type=code&
redirect_uri=<URL>&
client_id=<CLIENT_ID>"
require 'open-uri'
require 'uri'
require 'net/http'
require 'json'
require 'net/https'
uri = URI(url)
response = Net::HTTP.get(uri)
end
The guide is a little confusing. They say "send a request to the URL https://accounts.google.com/o/oauth2/v2/auth" but actually mean "open that URL in a browser". I think that is the point that you misunderstood.
So, create this html file:
<a href="https://accounts.google.com/o/oauth2/v2/auth?scope=email%20profile%20calendar.events&response_type=code&redirect_uri=REDIRECT_URI&client_id=CLIENT_ID">Login
with Google</a>
Now open the html file in a browser and click the link. You will notice that the Google server redirects the browser to the REDIRECT_URI you have specified. Either you can see that in your web server logs (if the server works) or the browser will display an error message and you can see the URL with all query parameters sent by Google in the browser address bar.
See in the docs what your server has to respond to the redirected request so that the consent screen finally shows up.
When it shows up, the procedure is similar: You - as the user - grant the permissions requested, and when you click the button, Google will respond again with a redirect, and you then harvest the token from the query parameters.
Related
I'm attempting to sign in users with the LinkedIn Omniauth 2 gem. I have tried a few different possibilities for the redirect, read several articles and nothing is working.
I'm trying to test this locally.
Rails 4 app
Gems include:
omniauth
omniauth-linkedin-oath2
A few attempts of the redirect URL to put in the box includ:
https://www.linkedin.com/uas/oauth2/authorization?client_id=759dczzx23nyic&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Flinkedin%2Fcallback&response_type=code&scope=r_basicprofile+r_emailaddress&state=8da572e31a8e66e6b1de54acddd14937d976ed06d7ed3217&client_id=*
= API Key that needs to stay private
http://localhost:3000
http://localhost:3000/
http://www.localhost:3000
https://localhost:3000
https://localhost:3000/
https://www.localhost:3000
I read both of these articles the entire way through, but still couldn't attempt to find the correct way to redirect it.
https://developer.linkedin.com/forum/register-your-oauth-2-redirect-urls
https://developer.linkedin.com/forum/oauth-20-redirect-url-faq-invalid-redirecturi-error
Any help in what I need to change would be great.
They need to match exactly what you are sending:
http://localhost:3000/auth/linkedin/callback
In case of Linkedin Authorized Redirect URLs should be in form of:
http://localhost:8080/your-project-name/auth/linkedin
After authentication if you want to redirect to a specific page then
http://localhost:8080/your-project-name/that-page-url
I was having a similar issue and kept getting "Invalid redirect_uri. This value must match a URL registered with the API Key." error when using Auth0
I added URL below to LinkedIn's list of allowed callback then it worked.
https://"Insert your Client Domain Name from Auth0"/login/callback
I am working on a Rails application which is in development mode and it can register with omniauth.
The host is
http://localhost:3000/
I'm using the gems:
gem 'omniauth'
gem 'omniauth-foursquare'
gem 'omniauth-instagram'
When I register through omniauth with Foursquare there's no problem at all. All the settings are right and my redirect_uri in the Foursquare developer settings equals to the host (localhost:3000)
However, if I fill in the exact same redirect_uri (localhost:3000) in the Instagram client manager*. Instagram gives me this:
{
"code": 400,
"error_type": "OAuthException",
"error_message": "Redirect URI does not match registered redirect URI"
}
Based upon this URL:
https://instagram.com/oauth/authorize?response_type=code&client_id=<ID>&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Finstagram%2Fcallback&state=18415adf24dd97873e61094f67c0fb7a94857fedf93e9d2e&scope=basic
*
What am I doing wrong according to Instagram and how should this be fixed?
Fixed the issue myself. Added localhost:3000/auth/instagram/callback as redirect_uri and it worked just fine.
When you specify a redirect URI http://localhost:3000 is not the same as http://localhost:3000/ (note the trailing slash).
Make sure the callback URI matches exactly.
I needed to add
http://localhost:3000/users/auth/instagram/callback
as my callback URI because I'm using Devise.
For Drupagram module (Drupal 7) added: http://localhost:3000/instagram/oauth as redirect_uri
For anyone that is having this issue and the redirect uri provided to instagram is exactly the same as the one you're using, i've found that some users were typing my website address as http://www.example.com/login when in my instagram api it was http://example.com/login.
Then I created a php script to detect if the string www exists in my url and then reload to the same page but without the www.
if(strpos($_SERVER['HTTP_HOST'], 'www.') !== FALSE) {
header("Location: ".str_replace('www.', '', $_SERVER['HTTP_HOST'].'/'.$_SERVER['REQUEST_URI']));
}
Issue: Oauth2 Instagram API “redirect URI does not match registered redirect URI
My Solution: Please check ng-cordova-oauth.js file and check instagram function in that. Verify redirect_uri value is same as register your application on developer console for Instagram.If it is same it works properly,otherwise you get the above issue.
{"error_type": "OAuthException", "code": 400, "error_message": "Redirect URI does not match registered redirect URI"}
How to get Access token from instagram
Your website url must be same when registering sandbox clien api on instagram https://www.instagram.com/developer/
here we used website url: https://adlivetech.com
Valid redirect URIs: https://adlivetech.com/
For live website you can get Access token easily by using https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token
Replace above url "CLIENT-ID" with your client ID
Replace above url "REDIRECT-URI" redirect url should be your domain name like: http://adlivetech.com
https://adlivetech.com/access_token=YOUR_ACCESS_TOken
I mucked around with this for ages..
perhaps it has changed but:
http://localhost:3000/users/auth/instagram/int_callback
was the callback URI that finally worked for me.
The ONLY issue i was having was that it was exactly an incorrect callback uri and wish I had seen here that I should be focusing on my Instagram setup instead of modifying my code.. to get the error message means everything else is working (so far), otherwise you would not be getting that particular error message.
Good luck!! - don't get distracted!
This isn't a ruby-specific but for anyone else wrestling w/this here's what got me past it (note: nothing in above answers worked for me):
1. Edit your Client on Instagram Developer and uncheck Disable implicit OAuth.
2. Click Update Client to save it.
3. Now go to https://instagram.com/oauth/authorize/?client_id=[CLIENT_ID]&redirect_ur.... Just change [CLIENT_ID] and [REDIRECT_URI] with their values.
4. After that you will be redirected to [REDIRECT_URI]/#access_token=[ACCESS_TOKEN]. Get it and place it on the Instagram Access Token textbox.
(Source: https://www.drupal.org/project/instagram_feeds/issues/2140479)
...Or you can follow the instructions here:
https://instagram.com/developer/authentication/?hl=en
See "Step One: Direct your user to our authorization URL" section.
Just simply supply your CLIENT_ID and REDIRECT_URI.
https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=code
Trying to write a facebook app and am attempting authentication. This is a rails 3.1 application
The First redirect where I give facebook my api and it returns a code seems to run well. But when I try to take that code and 'exchange it' from a access_token I run into problems.
The access token appears where the iframe aws.
Here is my code.
def index
#Load facebook.yml info
config = YAML::load(File.open("#{Rails.root}/config/facebook.yml"));
# setup client
redirect_to "https://graph.facebook.com/oauth/authorize?client_id=#{config['development']['app_id']}&redirect_uri=#{CALLBACK_URI}"
end
def callback
logger.debug("c")
config = YAML::load(File.open("#{Rails.root}/config/facebook.yml"));
if (!params.key?('access_token'))
logger.debug("A")
redirect_to "https://graph.facebook.com/oauth/access_token?client_id=# {config['development']['app_id']}&redirect_uri=#{CALLBACK_URI}&client_secret=#{config['development']['client_secret']}&code=#{params['code']}"
return
end
logger.debug("B")
access_token = params['access_token']
#me = FbGraph::User.me(ACCESS_TOKEN)
#name=#me.name
end
end
You are not supposed to redirect the user’s browser to the second endpoint (think for a moment, you are putting your app secret into that URL, so it would be easy for everyone to spot it there) – you are supposed to make a server-side call to that endpoint.
The docs clearly say so, https://developers.facebook.com/docs/authentication/server-side/:
“Once the user has authorized your app, you should make a server side request to exchange the code returned above for a user access token.”
I've recently enabled the Facebook Open Graph stuff on my web app (so and so has just read this and that on here and there). Now I post the request to Facebook when a user posts something, as part of the page load in the controller. The problem is I receive the following error:
HTTP 500: Response body: {"error":{"type":"Exception","message":"Could
not retrieve data from URL."}}
My first thought is that the open request to load the page is blocking any FB scraping of OG information, as it seems after it's been cached I no longer receive this error.
Is this likely? If so, what's the best way to work around it?
WHY THIS HAPPENS:
I had this same problem today, and it is because your Koala script (assuming you're using koala - if not, you should try it out because it's great) sends its request to Facebook before your URL is up. This means that when Facebook registers the post, it comes to the URL you specified to pick up the meta tags. Unfortunately, the page itself hasn't been loaded yet, giving it a 500 error
HOW TO SOLVE IT:
Use the delayed_job gem to prevent your post call from occurring before the page loads, which allows facebook to scrape your metatags correctly.
FOR EXAMPLE:
def post_to_facebook([ACCESS_TOKEN])
graph = Koala::Facebook::API.new([ACCESS TOKEN])
graph.put_connections("me", "[APP NAMESPACE]:[ACTION]", :[OBJECT TYPE] => [OBJECT_URL])
end
handle_asynchronously :post_to_facebook
The website I'm making makes it possible to connect your account with your youtube account. From localhost, this works perfectly, but from the site, which is step1tuts.appspot.com, it doesn't work. When I redirect the user to the authentication page from my website, I get the following message:
The page you have requested cannot be displayed. Another site was
requesting access to your Google Account, but sent a malformed
request. Please contact the site that you were trying to use when you
received this message to inform them of the error.
The code that handles this authentication looks like this:
client = youtube.get_client()
client.developer_key = 'AI39si759T7YcZ4E3XvICpZr3cGwQ0Ev4AjwyJrVSS6AW6NUc7_t10DX1JsngWzU4YoGjpsjAUTejav0hgXp9vDuM7a83tDXzQ'
client.client_id = 'step1tuts.com'
domain = 'http://' + os.environ['HTTP_HOST']+"/user/youtube_token"
scope = 'http://gdata.youtube.com'
url = client.GenerateAuthSubURL(domain,scope,secure=False,session=True)
self.redirect(str(url))
return
The url I'm redirecting to, ending in /auth_token then processes the token it gets back from youtube, but the error happens here.
Just for clarity, the youtube.get_client method is one that I developed to reuse the process of making the client appengine ready: the code for that is:
def get_client():
client = gdata.youtube.service.YouTubeService()
run_on_appengine(client)
client.developer_key = 'AI39si759T7YcZ4E3XvICpZr3cGwQ0Ev4AjwyJrVSS6AW6NUc7_t10DX1JsngWzU4YoGjpsjAUTejav0hgXp9vDuM7a83tDXzQ'
client.client_id = 'step1tuts.com'
user = users.get_current_user()
if(user and user.yt_token):
client.SetAuthSubToken(user.yt_token)
return client
While pasting in this code, I noticed that I'm duplicating the part where I give my developer key. I don't think that that's the problem, but I'll remove that from the authentication part of my code, and see what happens.
The problem must be tracable by watching the url that the user is redirected to, so just for some extra info, the url that I'm redirected to when I'm using the app on my local machine using the SDK, with which it works:
http://www.youtube.com/auth_sub_request?scope=http%3A%2F%2Fgdata.youtube.com&session=1&next=http%3A%2F%2Flocalhost%3A8081%2Fuser%2Fyoutube_token%3Fauth_sub_scopes%3Dhttp%253A%252F%252Fgdata.youtube.com&secure=0&hd=default
And the url that I'm redirected to when I use the same code on production:
http://www.youtube.com/auth_sub_request?scope=http%3A%2F%2Fgdata.youtube.com&session=1&next=http%3A%2F%2Fstep1tuts.appspot.com%2Fuser%2Fyoutube_token%3Fauth_sub_scopes%3Dhttp%253A%252F%252Fgdata.youtube.com&secure=0&hd=default
Interesting. All other urls work except this one. Probably a bug on youtube side? I just added a '.' at the end of your domain and the request seems to go through. Maybe you can try that?
http://www.youtube.com/auth_sub_request?scope=http%3A%2F%2Fgdata.youtube.com&session=1&next=http%3A%2F%2Fstep1tuts.appspot.com.%2Fuser%2Fyoutube_token%3Fauth_sub_scopes%3Dhttp%253A%252F%252Fgdata.youtube.com&secure=0&hd=default