Windows Live invalid redirect_url (Rails) - ruby-on-rails

I am trying to connect to Windows Live using oauth and I am getting an error "The provided value for the input parameter 'redirect_uri' is not valid. The expected value is 'https://login.live.com/oauth20_desktop.srf' or a URL which matches the redirect URI registered for this client application."
Because Windows requires a domain for their API, I have changed my localhost domain to 'blumelocal.com'.
I am using the 'omniauth-windowslive' gem and here is my omniauth.rb file:
Rails.application.config.middleware.use OmniAuth::Builder do
  provider "windowslive", 'MYCONSUMERID','MYCONSUMERSECRET', :scope => 'office.onenote'
end
I navigate to 'blumelocal.com:3000/auth/windowslive' (I should add that it redirects to 'www.blumelocal.com:3000/auth/windowslive'; I'm not sure if this is part of the issue).
routes.rb
get '/auth/windowslive/callback' => "users#windows_auth"
In the Microsoft Developer Center I have set my targetdomain to "blumelocal.com", and redirect url to "http://blumelocal.com" (and have experimented with a variety of different possibilities).
When I navigate to blumelocal.com:3000/auth/windowslive I get taken to an error page with the error at the top.

I believe in the developer center it needs to be blumelocal.com:3000, not just blumelocal.com.

Related

OAuth 2.0 implicit flow working for localhost but not when site deployed to Azure

I have modified sample code that connects to OneDrive and allows the user to upload/download images to OneDrive. I have deployed the MVC5 app here. Below is the key piece of JavaScript code:
$(document).ready(function () {
    var client_id = "61029bc2-373d-46d6-935b-ab34b325ef3a",
        scope = ["wl.signin", "wl.basic", "wl.skydrive", "wl.skydrive_update"],
        // redirect_uri = "http://localhost:61727/home/callback"; // when redirect_uri is configured as localhost everything works fine
        redirect_uri = "http://onedriveuploaddemo.azurewebsites.net/home/callback"; // when I deploy the application to Azure I get an error saying invalid redirect_uri
    WL.Event.subscribe("auth.login", onLogin);
    WL.Event.subscribe("auth.sessionChange", onSessionChange);
    WL.init({ client_id: client_id, redirect_uri: redirect_uri, response_type: "token", scope: scope });
    WL.ui({ name: "signin", element: "signin" });
});
Please see below configuration of app
When I configure 'redirect_uri' as localhost, i.e. (http://localhost:61727/home/callback), the application works as expected. When I click on the login button it redirects me to the Windows Live login screen, then I can enter my username/password and I am redirected back to 'redirect_url'.
But trouble starts when I change 'redirect_uri' so that it points to a page that's hosted in Azure. I have hosted the MVC app here. When I click on the 'SignIn' button it opens up a dialog and closes it immediately. I am not able to grab the error message. But it seems to be an issue with 'redirect_uri'.
Do I need to enable any setting in Azure in order to get this done?
Note: While configuring 'redirect_uri' I am changing it at both the places i.e. in MVC app and in 'Application Registration Portal' and both are identical.
Using Fiddler4, I was able to catch the error message, which is:
The provided value for the input parameter 'redirect_uri' is not valid. The scope 'wl.signin wl.basic wl.skydrive wl.skydrive_update' requires that the request must be sent over a secure connection using SSL.
Microsoft now requires that the redirect URI use SSL for all authentication redirects. Localhost is exempt, which is why it worked there. If you want to allow login using Microsoft Account, you need to have SSL support on your site.
Also: it looks like you are using the very old LiveSDK for JavaScript, which isn't recommended any more since it doesn't support the newer OneDrive API. While there isn't a OneDrive SDK for JavaScript, you may find the sample code in OneDrive-Explorer-JS helpful to handle authentication without using the LiveSDK code. In particular, odauth.js should do pretty much everything you need.

Oauth Unauthorized Ruby

I'm having trouble configuring my Twitter OAuth in a Ruby on Rails webapp.
The full trace error: http://pastebin.com/2yf1cE8E
The User.rb http://pastebin.com/UUTiTKvy
The app controller http://pastebin.com/bK9ghUJR
The session controller http://pastebin.com/kxYRd1TU
The routes.rb http://pastebin.com/bt7HMRFy
Omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :twitter, 'JsR9zFGrVuDYuFueRnBQK9tpp', ' tDubF5v9uDRvfio7UBZd2XlFYUQQrftE7Qzk6FPaNOucOTWVlf'
end
Thanks, Alex.
Looking at the error, I think you did not define the callback url of Twitter. You have to go into twitter applications and define the URL of your webapp in your callback.
Looking at the error and the code you provided, you're not properly authenticating to Twitter. The 401 response is basically telling you that Twitter doesn't like the identity information you're passing in. So I would verify your keys are correct, and that OmniAuth doesn't require any additional configurations (e.g. specific endpoints). Your second key in the Omniauth middleware code appears to have additional spaces in it, you may have done that for security purposes, but I'm pretty sure that keys shouldn't start with spaces.
IMPORTANT NOTE: Once you've confirmed a fix, you should request new keys for your Twitter account, as they have been posted publicly to this forum.

omniauth-instagram won't include my client-id as part of the authorization url

So I'm trying to make an app where I want to allow users to login using their Instagram accounts. This is a Rails app. I'm mostly following Railscast 241 for doing this except that I use Instagram API instead of Twitter API. I'm not using devise.
I installed the gem 'omniauth-instagram' and I have the following in one of my initializers -
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :developer unless Rails.env.production?
  provider :instagram, ENV['MY_CLIENT_ID'], ENV['MY_CLIENT_SECRET']
end
The problem is that when I direct the user to the 'auth/instagram' path the request does not contain my client-id (I check the Chrome debugging tools > Network to make sure of this). And as a result, although it takes the user to the login page, it then fails and gives the following response -
{"code": 400,
"error_type": "OAuthException",
"error_message": "You must include a valid client_id, response_type, and redirect_uri parameters"}
So instead of making the request to the 'auth/instagram' path I direct the user to the actual authorization URL, i.e.
https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=code
And all goes according to the plan. Except that I don't get the user information as a part of request.env['omniauth.auth'] inside my controller method (after being successfully redirected to the right URL). In fact the request.env hash does not have omniauth.auth as one of its keys. The fix to this is that I'll manually have to write a curl -F query to the API to get the user information.
But that sounds like too much work and I feel there must be something that I might have been doing wrong. Why isn't the gem making the correct request with my provided client_id? And why doesn't 'omniauth.auth' get properly populated as part of the params?
Some relevant resources -
Instagram API authentication page
omniauth-instagram gem

Google OAuth 2.0 redirect_uri_mismatch error

I created a Google OAuth 2.0 ClientID and secret in the Google Developer console.
After that I tested in the Google OAuth playground (https://developers.google.com/oauthplayground): I registered the ClientID and secret already created above and applied them in the Google OAuth 2.0 playground settings menu.
Some people say that after creating a ClientID/secret they need some time for testing. So after two days I tried to test in the same conditions, but the error is the same: redirect_uri_mismatch.
How can I solve this?
As little as having a '/' at the end of your uri and not having the same '/' at the end in your code will throw it off.
Your site URL and the Authorized redirect URIs in developer console should be the exact match.
This kind of error occurs if one URL has www (http://www.example.com) and the other URL is non-www (http://example.com).
Other common URI mismatches are:
Using http:// in Authorized Redirect URIs and https:// as actual URL, or vice-versa
Using trailing slash (http://example.com/) in Authorized Redirect URIs and not using trailing slash (http://example.com) as actual URL, or vice-versa
Here is the step-by-step procedure (with screenshots) to update the Authorized redirect URIs in Google Developer Console (For those like me who found it difficult to get to that page).
Go to https://console.developers.google.com
Select your Project
Click on the menu icon
Click on API Manager menu
Click on Credentials menu. And under OAuth 2.0 Client IDs, you will find your client name. In my case, it is Web Client 1. Click on it and a popup will appear where you can edit Authorized Javascript Origin and Authorized redirect URIs.
Here is a Google article on creating project and client ID.
It should be an exact match with what you have given in console.developers.com.
In my case I missed the www in the URL.
For example: you have given http://www.google.com but in console.developers.com you gave http://google.com.
It will still throw an error. So it should be an exact match.
The redirect URI (where the OAuth response is returned to) has to be registered in Google APIs console, and the error is indicating that you haven't done that, or haven't done it correctly.
Go to the console for your project and look under API Access. You should see your client ID & secret there, along with a list of redirect URIs. If the URI you want isn't listed, click edit settings and add the URI to the list.
I kept getting this same error until I realized that I needed to put "signin-google" at the end of the redirect setting in the Google API console, like this (ie, NOT http://www.example.org/api):
http://www.example.org/api/signin-google
(Magento 1.*) If you use the Inchoo Social Connect Magento extension, then:
Set the URLs below in your Google app (OAuth 2.0 client IDs):
Authorized Redirect URIs: http://www.example.com/socialconnect/google/connect/
Authorized JavaScript Origins: http://www.example.com
Don’t forget to replace http://www.example.com with your domain.
Please make sure that in your google-client-api, the values of the credentials in these fields match what you got from the Google API console:
$client->setClientId('xxx.apps.googleusercontent.com');
$client->setClientSecret('xxx');
$client->setRedirectUri('http://example.com/oauth2callback');
$client->setDeveloperKey('xx');
This could happen when the value of setRedirectUri is different from the one you set in Google API console.
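The mismatch kinds named in these answers (http vs https, www vs non-www, a missing port, a trailing slash) can be diagnosed mechanically. The following is an added example, not code from any of the posts: the helper names are hypothetical, the blumelocal.com values are taken from the first question, and the plain-HTTP check reflects the Microsoft rule quoted in the OneDrive answer.

```ruby
require 'uri'

# Added example. Helper names are hypothetical; URIs are sample values.
LOOPBACK_HOSTS = %w[localhost 127.0.0.1].freeze

# Returns human-readable differences between the redirect URI registered
# with the provider and the one the app actually sends. Empty list == match.
def redirect_uri_mismatches(registered, requested)
  reg = URI.parse(registered)
  req = URI.parse(requested)
  problems = []

  problems << "scheme: #{reg.scheme} vs #{req.scheme}" if reg.scheme != req.scheme

  if reg.host != req.host
    bare = ->(h) { h.to_s.downcase.sub(/\Awww\./, '') }
    kind = bare.(reg.host) == bare.(req.host) ? 'www prefix' : 'host'
    problems << "#{kind}: #{reg.host} vs #{req.host}"
  end

  # URI#port falls back to the scheme default (80 or 443) when none is given.
  problems << "port: #{reg.port} vs #{req.port}" if reg.port != req.port

  if reg.path != req.path
    strip = ->(p) { p.to_s.chomp('/') }
    kind = strip.(reg.path) == strip.(req.path) ? 'trailing slash' : 'path'
    problems << "#{kind}: #{reg.path.inspect} vs #{req.path.inspect}"
  end

  problems
end

# True when the redirect would go over plain HTTP to a non-loopback host,
# the case rejected by the "secure connection using SSL" error above.
def insecure_redirect?(uri)
  u = URI.parse(uri)
  u.scheme == 'http' && !LOOPBACK_HOSTS.include?(u.host)
end

if __FILE__ == $PROGRAM_NAME
  # Registered value vs. the callback the Rails app in the first question sends.
  puts redirect_uri_mismatches('http://blumelocal.com',
                               'http://www.blumelocal.com:3000/auth/windowslive/callback')
end
```

Run it against the value in the provider console and the value the app logs or sends; every line it prints is a difference that has to be removed on one side or the other.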

Connection failed for google open_id using omniauth

I am trying to add open-id functionality to my app. I am using the omniauth and omniauth-openid gems for the same.
I have done the installation steps and added it to an initializer as middleware,
require 'omniauth-openid'
require 'openid/store/filesystem'
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :open_id, :store => OpenID::Store::Filesystem.new('/tmp')
end
and a route for handling the callback
match '/auth/:provider/callback' => 'callback#myauthentication'
When I try to hit this URL, to connect to the Google provider
http://[mydomain]/auth/open_id?openid_url=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid
I get a connection failed error every time.
For Yahoo
http://[mydomain]/auth/open_id?openid_url=http%3A%2F%2Fme.yahoo.com%2F
Further, if I try with a Yahoo open id, even after authenticating correctly I get an invalid_credentials error.
Update 1:
I am using an Apache web server, and a thin/webrick app server. I verified that if I am not behind an Apache web server and run directly as localhost:3000 it works fine. Why does omniauth behave differently?
Try this gem https://github.com/zquestz/omniauth-google-oauth2, I've had good results with it.
