I have seen several past questions in SO, but none of them see to answer the question.
I am trying to have my iphone webapp use the Facebook login, but it fails everytime with a 191 error:
An error occurred with My Dev app. Please try again later.
API Error Code: 191
API Error Description: The specified URL is not owned by the application
Error Message: redirect_uri is not owned by the application.
My FB logging link looks like such:
http://m.facebook.com/dialog/oauth/?scope=email,user_birthday&client_id=1754645158****&redirect_uri=http://dev.someDomain.com&display=touch
Post trying to following the link the return uri is stripped from the url:
http://m.facebook.com/dialog/oauth/?scope=email,user_birthday&client_id=1754645158*****&redirect_uri=&display=touch
Per the fb dev site when specifying the domain:
If set, Facebook will enable authentication on all subdomains (e.g., "example.com" will enable *.example.com)
when I change it to my main domain, it redirects correctly.
What gives?
So I think I figured it out, adding www:
redirect_uri=http://www.dev.some
instead of:
redirect_uri=http://dev.some
Seems to fix this, now to finish the rest of the login...
Related
I'm implementing Facebook login on a Rails 5 app with Devise and the omniauth-facebook gem and I'm getting the following error:
URL Blocked: This redirect failed because the redirect URI is not whitelisted in the app’s Client OAuth Settings. Make sure Client and Web OAuth Login are on and add all your app domains as Valid OAuth Redirect URIs.
I followed this tutorial: https://medium.com/#trydelight/facebook-authentication-with-devise-5b53d2f664ed
So for the "Valid OAuth Redirect URIs" it works locally with no URIs whitelisted, but for production I added
https://noora.app/users/auth/facebook and https://www.noora.app//users/auth/facebook (the production domain is noora.app). After getting the error I even added 2 more URIs with a / on the end and added noora.app and www.noora.app as domains, but I'm still getting the same error.
The app is on live mode and the login page is at https://noora.app/users/sign_in. Part of the Facebook settings are here:
Any ideas? Config seems good, but maybe someone sees something I don't? Thanks!
You should whitelist your callback url, not the one that has login button:
https://noora.app/users/auth/facebook/callback
I was looking for this answer for hours, the solution for me was:
When I checked the params in facebook error page, it said:
redirect=mydomain/auth/facebook/callback
and not:
redirect=mydomain/users/auth/facebook/callback
So I add the first one to Valid OAuth Redirect URIs, without users, and problem solved!!!
I have been trying to implement the OAuth v2 for Microsoft Accounts for my website. Its currently in development stage and so am testing on localhost. The Website is an ASP.NET Core MVC 5 Application.
I have followed the tutorial here to implement OAuth for Twitter, Google and Facebook accounts. I found this to be quite simple with only a few small issues that I was able to solve with simple google searches.
However I have spent several days trying to understand what is happening when trying to use Microsoft Account authentication on my site.
I have watched the video here on registering an application in the Microsoft App Registration Portal. At around minute 6 in the video a short demo shows how to set up the App. You can see my App details in the following screen shot:
In the video at about 7.5 mins in, there is a small section explaining how to test the App by building a URL string.
On submitting the query string to the browser the page is redirected as expected to my App page as you can see here:
In this instance I was all ready signed into my Microsoft Outlook account. If I wasn't signed in I would be prompted to login to a Microsoft account. Logging in, in this case choosing my already signed in Outlook account causes the page to be redirected back to my site as seen in the following screen shot but because the site didn't send the request its not expecting a token sent back for login so nothing really happens. This is expected behaviour, at this point as I was only testing that the Apps end point was working as expected.
[
The next stage is to test the functionality from my website. This is where I always have issues. To activate the OAuth functionality for Microsoft Account login requires simply un-commenting a couple of lines of code within the Startup.Auth.cs file in my websites App_Start folder and passing in the Apps ClientKey and ClientSecret values as can bee seen in the following code snippet:
app.UseMicrosoftAccountAuthentication(
clientId: System.Configuration.ConfigurationManager.AppSettings["MicrosoftOAuthClientID"],
clientSecret: System.Configuration.ConfigurationManager.AppSettings["MicrosoftOAuthClientSecret"]);
This code basically adds a little button to the login page that allows you to choose Microsoft login as can be seen here:
[
When I click the Microsoft button I get the following error page:
And the query string returned contains the following:
https://login.live.com/err.srf?lc=2057#error=unauthorized_client&error_description=The+client+does+not+exist.+If+you+are+the+application+developer%2c+configure+a+new+application+through+the+application+management+site+at+https://apps.dev.microsoft.com/.&state=JMxMRuKaOiYWCQw_Uqkhv3gLQn3ULlkG2miM4ymcHhTK5niXVQl5n4L0a6VoWeEKmFM7T1ciU2oQAh26_Y0i2DMjdt6BOAtpjNeMaSpBq4wbCjva9lOuctOUIWwoFdTEGvxJ4M904lUsoudd9e9cYi6eiH3JF81HB5ouQSus2ddE1sVUQLw-YB1GjUL79y2muFaBFIOIOk75oCV2IxX4cFO2rJU04K9Se6gxu698WpzR8taUB2c6tK9u0dBisckhavf0IvKB9dWQq-IVwQgvaA
Anybody know why or what is happening????
Now I have read in several of my many searches while trying to understand whats happening when I try to test the App from my site rather than a URL directly in the browser that I should have
/signin-microsoft
appended to my Redirect URL in the App Portals configuration. I have Tested with my Redirect URL set like that and this does not work. I get a HTTP ERROR 500 sent back because the page signin-microsoft does not exist. So this is not my problem.
Please help if anyone has had the same issues and solved it.
EDIT: I should have mentioned that I was initially trying this using Local IISExpress but after reading some posts saying it can be done only on IIS so I published my site locally to IIS.
I have a Facebook app page and a rails application. My rails application loads a dynamic page based on a key that is given. This works fine and dandy outside of my facebook app:
https://app.eventsent.net/event_lists/3d40ba2a4a10947c17c2337fba3421dd406cceb5?frame=true
However inside of Facebook the page is pulling up as a 404 error:
https://www.facebook.com/reynoldsdesignstudio/app_419134091467471
I have gotten around this issue by creating a static file within my system to be able to have facebook view it however this is not ideal as deploying the rails app with updates makes modifying these static pages a pain.
Any help on this would be great.
We got this figured out by changing the routes file to allow for a post request instead of just a get request
Your problem is not related to dynamic/static content. Also Facebook is showing a 501 error, not a 404. In short, your SSL cert is not valid for the staging.app subdomain you are pointing your Facebook page at.
Visiting your Facebook page (https://www.facebook.com/reynoldsdesignstudio/app_419134091467471) yields this error:
This webpage is not available
The webpage at https://staging.app.eventsent.net/event_lists/3d40ba2a4a10947c17c2337fba3421dd406cceb5.html might be temporarily down or it may have moved permanently to a new web address.
Error 501 (net::ERR_INSECURE_RESPONSE): Unknown error.
Note that the subdomain is staging.app. If you happen to be using Firefox, you get a nice error message the spells everything out:
This Connection is Untrusted
You have asked Firefox to connect securely to staging.app.eventsent.net, but we can't confirm that your connection is secure.
staging.app.eventsent.net uses an invalid security certificate.
The certificate is only valid for the following names:
app.eventsent.net , www.app.eventsent.net
(Error code: ssl_error_bad_cert_domain)
The easiest solution would be to get a WildCard SSL certificate that is valid for *.eventsent.net.
FYI, if you visit https://staging.app.eventsent.net/event_lists/3d40ba2a4a10947c17c2337fba3421dd406cceb5?frame=true, you will get a rather dire-looking warning from your browser. If you ignore the warning and tell the browser to accept the certificate, your Facebook page will then load fine in the same browser.
I am trying use the facebook outh system to get some basic info from my user.
The problem is that when the user logs in it does not ask for any permissions. it provides a login dialog but thats it no dialog like this:
On my app settings I've set the authentication to the following:
So what am I missing here?
You should be able to see the dialog here: https://www.facebook.com/dialog/oauth?client_id=388123757870529&redirect_uri=http://localhost
Kristian,
It looks like you need to correctly setup your app domain (localhost) and your website url (http://localhost) because right now, the link you provided is giving this error:
"The specified URL is not owned by the application
Error Message: Invalid redirect_uri: Given URL is not allowed by the Application configuration."
I am facing with the problem:
"error": {
"message": "Invalid redirect_uri: Given URL is not allowed by the Application configuration.",
"type": "OAuthException",
"code": 191
}
I set up in my app the needed keys and tokens, in the Facebook's dev center I set up Site URL: to http://127.0.0.1:3001 and I am getting the error above. Also I tried to set up App Namespace: to http://127.0.0.1:3001, but I am getting error about bad address format...
When I tried to fill out he App Domain: and set there my localhost, again the error for the bad format...
What is the correct configuration the fabebook app with localhost?
You need to use urls, what I would do add this to your hosts:
127.0.0.1 dev-machine
127.0.0.1 dev-machine.com
Then in the facebook settings use
dev-machine.com as your App Domain
dev-machine.com:3001 as your Site URL
Yes in FB App you have to assign an IP Site/ App Domain.
Facebook matches this url with the url of the request where it came from.
You can not assign localhost or 127.0.0.1
You have to enter the IP address your server. Also if it is rails then call the site with your-ip:3000 instead of localhost:3000; I use 192.168.1.154:3000
Enter the same IP address in IP of the site and APP Domain in your FB APP Settings.
To get your IP run ifconfig command in terminal if it is Linux or ipconfig if windows.
let me know if it doesn't work.
in the facebook App Page -> the basic tab. find "Website with Facebook Login" Option.
you will find Site URL: input there put the full URL (i.e http:// localhost:3000 if you are in Development mode) [* note : not "App Domains"]
I encountered this error and it was incredibly frustrating. The solution? I wasn't actually passing parameters properly in the query string. When I manually built my URL and submitted it using the browser, everything worked fine. Crap.
So, essentially, if you're getting this error it may actually be a symptom of something totally unrelated to the redirect_uri -- it just happens to be the first error triggered when your parameters are messed up. I hope that saves you the hours I spent on this.