So I went to this guide that explains how to start with omniauth. When I got to the end of step 4 to test the application at localhost:3000/auth/facebook, I got this error:
{
"error": {
"message": "Invalid redirect_uri: Given URL is not allowed by the application configuration.",
"type": "OAuthException",
"code": 191
}
}
I understand the problem is the URL in the Facebook developer center, but none of the solutions I read works for me...
(I know that there are some questions before regarding this issue, but I'm new to Ruby on Rails and need an explanation for dummies.)
Defining these settings at the Facebook developer center solved this for me:
App Domain: (blank)
Site URL: http://localhost:3000
Check the website option and set the site URL to http://localhost:3000/.
If the Facebook user is being generated in your Ruby on Rails application as
http://localhost:3000/users/auth/facebook
you need configure the Facebook application (Website) under the App section to redirect to
http://localhost:3000/users/auth/facebook/callback
if you are in a production environment, something that i missed was just removing www. from the site url that you specify in the facebook app settings (settings > basic > Website with Facebook Login > site url).
so instead of http://www.website.com/ you should enter in http://website.com
this worked for me after a few hours of trying to figure out what was wrong and why i was getting this redirect erro.
If you already added a site url you must provide email and turn your app live, you can add email in settings -> basic -> contact email and then make your app live in APP REVIEW -> MAKE "you_app_name" PUBLIC? -> yes
Related
I'm implementing Facebook login on a Rails 5 app with Devise and the omniauth-facebook gem and I'm getting the following error:
URL Blocked: This redirect failed because the redirect URI is not whitelisted in the app’s Client OAuth Settings. Make sure Client and Web OAuth Login are on and add all your app domains as Valid OAuth Redirect URIs.
I followed this tutorial: https://medium.com/#trydelight/facebook-authentication-with-devise-5b53d2f664ed
So for the "Valid OAuth Redirect URIs" it works locally with no URIs whitelisted, but for production I added
https://noora.app/users/auth/facebook and https://www.noora.app//users/auth/facebook (the production domain is noora.app). After getting the error I even added 2 more URIs with a / on the end and added noora.app and www.noora.app as domains, but I'm still getting the same error.
The app is on live mode and the login page is at https://noora.app/users/sign_in. Part of the Facebook settings are here:
Any ideas? Config seems good, but maybe someone sees something I don't? Thanks!
You should whitelist your callback url, not the one that has login button:
https://noora.app/users/auth/facebook/callback
I was looking for this answer for hours, the solution for me was:
When I checked the params in facebook error page, it said:
redirect=mydomain/auth/facebook/callback
and not:
redirect=mydomain/users/auth/facebook/callback
So I add the first one to Valid OAuth Redirect URIs, without users, and problem solved!!!
Bummer, something went wrong
https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id=test&redirect_uri=http://test.custom.com/abc/linkedin&state=DCEeFWf45A53sdfKef424asgTyhgTR5
when I use the above url I am getting "Bummer, something went wrong.
We're having difficulty connecting."
you need to add Sign In with LinkedIn permission in product tabs
from the app settings page go to the product tab and add Share on linkedin and Signin with linkedin to get the following permissions r_emailaddress, r_liteprofile, w_member_social
Hello I had a similar problem and I fixed it by doing this ;
You have to ensure that everything in your APP page ( https://www.linkedin.com/developer/apps ) matches the parameters in your authorization URL . SO for example in your case , https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id=test&redirect_uri=http://test.custom.com/abc/linkedin&state=DCEeFWf45A53sdfKef424asgTyhgTR5 ;
You would have to ensure that your client_id in the auth URL matches the Client-Id on your APP page and also ensure that the redirect_uri you specified in your auth URL has been authorized on your app page as shown below . If you are passing in scopes as well, also ensure that they match perfectly . As you can see in the image below , my redirect_uri has been authorized from my app page .
Recreate a application after 12/15/2018 solved the problem for me.
(Any developer application created through the LinkedIn Developer Portal after December 15, 2018 automatically has access to the v2 API.) https://learn.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/migration-faq?context=linkedin/consumer/context
I ran into same issue.
Changing value of redirect_uri in linkedin app from http to https helped solved the issue. See picture below:
In your case, url should have been:
https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id=test&redirect_uri=https://test.custom.com/abc/linkedin&state=DCEeFWf45A53sdfKef424asgTyhgTR5 ;
The best is to inspect how is the link generated by linkedin developer tool for you and then you just have to change the redirect url
https://www.linkedin.com/developers/tools/oauth
then "create token" then select all permission and click on "Request access token"
if you have the development window open you can see a query authorisation is done, then you can just copy this url and change the redirect_url.
]1
so for me
https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id=myclientid&redirect_uri=myredirectid&scope=r_emailaddress%2Cr_liteprofile%2Cw_member_social&state=e6c0e1c8-1a35-478f-8eea-b0412a6675c9
I am working on a Rails 4 app. On my laptop, development is done at localhost:3000. The actual domain of the site is roomidex.com.
How can I set up a Facebook app so it works on production and development?
Here is the current configuration:
App Domains: roomidex.com
Website With Facebook Login:
Site URL: http://www.roomidex.com
When I try to do a Facebook login on localhost:3000, I get this not surprising error:
{
"error": {
"message": "Invalid redirect_uri: Given URL is not allowed by the Application configuration.",
"type": "OAuthException",
"code": 191
}
}
On the Facebook App page, click "edit App" then click "Advanced" in the left-hand navigation. Then for "Valid OAuth redirect URIs" add http://localhost:3000... or whatever you want the accepted redirect to be.
You can create a test app that's connected to your main app. On the Dashboard or Settings page for your main app. scroll down and you'll see "Test Apps" in the menu that runs down the left side of the page. The test app will inherit settings from the main app, but it will permanently be in development mode, and it will have its own ID.
More info on test apps here:
https://developers.facebook.com/docs/apps/test-apps/
The protocol for setting up an app to work on localhost has changed. After you get your test app set up, this explains the steps for setting it up to work on localhost:
https://stackoverflow.com/a/24253054/2803458
Your error is saying
localhost URL is not allowed in the application
I know, FB does not give a s**t about explaining, what do to in those moments, however, as far as I am concerned, I have found workaround.
Basically, you need to "whitelist" locahost url in your app
Here is what you are going to do
Go to the app edit/summary page
In the fourth field App Domains, you should already have roomidex.com, so add another address localhost
The urls mentioned above are only valid, if each one of them is put into tabs, where you set, how you app integrates with Facebook (website with facebook login, App on facebook, Mobile web, …)
I do this: I put my working URL, in your case roomidex.com into Website with facebook login, and my test, localhost URL, either into App on facebook or Page tab
June 2015
Go to My Apps > Settings > Basic
App Domains
localhost
Site Web
URL : http://localhost:8888/
Mobile URL : http://localhost:8888/
It didn't work with port 80 or without any port unfortunately.
Adding localhost to the Valid OAuth redirect URIs in the test app did not work for me but adding 127.0.0.1 did.
Facebook now requires "Valid OAuth redirect URIs" to be https.
To use https locally (localhost:3000), I used [ngrok][1] which allows you to use https by providing a tunnel. To do this:
I went to their website and downloaded their program
I extracted the file for the program
In my console, I went into the directory where ngrok was extracted to and entered 'grok http 3000' on my Windows machine, others may use './grok http 3000'
After entering that, ngrok provided a https address which I put into the Valid OAuth Redirect URIs field in Facebook
Then I started my server and was able to access it using that https address instead of localhost:3000
Just create two applications.
One for testing and one for release. You cannot supply the app with separate URL configurations.
Just edit your hosts file with your domain that pointing to localhost and it should work fine.
I am working on a Rails application which is in development mode and it can register with omniauth.
The host is
http://localhost:3000/
I'm using the gems:
gem 'omniauth'
gem 'omniauth-foursquare'
gem 'omniauth-instagram'
When I register through omniauth with Foursquare there's no problem at all. All the settings are right and my redirect_uri in the Foursquare developer settings equals to the host (localhost:3000)
However, if I fill in the exact same redirect_uri (localhost:3000) in the Instagram client manager*. Instagram gives me this:
{
"code": 400,
"error_type": "OAuthException",
"error_message": "Redirect URI does not match registered redirect URI"
}
Based upon this URL:
https://instagram.com/oauth/authorize?response_type=code&client_id=<ID>&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Finstagram%2Fcallback&state=18415adf24dd97873e61094f67c0fb7a94857fedf93e9d2e&scope=basic
*
What am I doing wrong according to Instagram and how should this be fixed?
Fixed the issue myself. Added localhost:3000/auth/instagram/callback as redirect_uri and it worked just fine.
When you specify a redirect URI http://localhost:3000 is not the same as http://localhost:3000/ (note the trailing slash).
Make sure the callback URI matches exactly.
I needed to add
http://localhost:3000/users/auth/instagram/callback
as my callback URI because I'm using Devise.
For Drupagram module (Drupal 7) added: http://localhost:3000/instagram/oauth as redirect_uri
For anyone that is having this issue and the redirect uri provided to instagram is exactly the same as the one you're using, i've found that some users were typing my website address as http://www.example.com/login when in my instagram api it was http://example.com/login.
Then I created a php script to detect if the string www exists in my url and then reload to the same page but without the www.
if(strpos($_SERVER['HTTP_HOST'], 'www.') !== FALSE) {
header("Location: ".str_replace('www.', '', $_SERVER['HTTP_HOST'].'/'.$_SERVER['REQUEST_URI']));
}
Issue: Oauth2 Instagram API “redirect URI does not match registered redirect URI
My Solution: Please check ng-cordova-oauth.js file and check instagram function in that. Verify redirect_uri value is same as register your application on developer console for Instagram.If it is same it works properly,otherwise you get the above issue.
{"error_type": "OAuthException", "code": 400, "error_message": "Redirect URI does not match registered redirect URI"}
How to get Access token from instagram
Your website url must be same when registering sandbox clien api on instagram https://www.instagram.com/developer/
here we used website url: https://adlivetech.com
Valid redirect URIs: https://adlivetech.com/
For live website you can get Access token easily by using https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token
Replace above url "CLIENT-ID" with your client ID
Replace above url "REDIRECT-URI" redirect url should be your domain name like: http://adlivetech.com
https://adlivetech.com/access_token=YOUR_ACCESS_TOken
I mucked around with this for ages..
perhaps it has changed but:
http://localhost:3000/users/auth/instagram/int_callback
was the callback URI that finally worked for me.
The ONLY issue i was having was that it was exactly an incorrect callback uri and wish I had seen here that I should be focusing on my Instagram setup instead of modifying my code.. to get the error message means everything else is working (so far), otherwise you would not be getting that particular error message.
Good luck!! - don't get distracted!
This isn't a ruby-specific but for anyone else wrestling w/this here's what got me past it (note: nothing in above answers worked for me):
1. Edit your Client on Instagram Developer and uncheck Disable implicit OAuth.
2. Click Update Client to save it.
3. Now go to https://instagram.com/oauth/authorize/?client_id=[CLIENT_ID]&redirect_ur.... Just change [CLIENT_ID] and [REDIRECT_URI] with their values.
4. After that you will be redirected to [REDIRECT_URI]/#access_token=[ACCESS_TOKEN]. Get it and place it on the Instagram Access Token textbox.
(Source: https://www.drupal.org/project/instagram_feeds/issues/2140479)
...Or you can follow the instructions here:
https://instagram.com/developer/authentication/?hl=en
See "Step One: Direct your user to our authorization URL" section.
Just simply supply your CLIENT_ID and REDIRECT_URI.
https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=code
I have OmniAuthable Facebook login on my website. Users login with:
link_to user_omniauth_authorize_path(:facebook)
It is defined in app config at developers.facebook.com.
If I access the website through www.example.com, everything works ok and I can login.
If I access it without the "www" subdomain (i.e. example.com), I get the following response:
{
"error": {
"message": "Invalid redirect_uri: Given URL is not allowed by the Application configuration.",
"type": "OAuthException"
}
}
Does anybody know how I can fix this?
Solution: don't do that. You will end up with all sorts of problems (see this page). Choose to use either www.example.com or example.com and enforce it in your application by redirecting from the disallowed version to the desired one. FWIW, Google chooses to use www because it is more compatible with their architecture (indeed, it's more flexible). StackOverflow on the other hand chooses to go without it (it's canonically more accurate). Either way, pick one and stick with it.