I've been trying to add google login to my django app following this tutorial:
https://github.com/RealmTeam/django-rest-framework-social-oauth2
By following exactly the instructions, everything works fine in local.
However, when I try to replicate the same on the server, I get the following error on the redirect page of the login:
Error 400: redirect_uri_mismatch
redirect_uri: http://localhost:8000/auth/complete/google-oauth2/
What is strange to me is, in my google developer console, I have set up the correct redirect url in my app, as follows:
https://mydjangoapp.com/auth/complete/google-oauth2/
And I have also put 'mydjangoapp.com' under 'Authorised JavaScript origins'.
So my question is, why google keeps telling me that the redirect url is
http://localhost:8000/auth/complete/google-oauth2/
which is not the one I have set up in the console? Perhaps there is something obvious that I'm missing here. Thank you!
Why google keeps telling me that the redirect url is
Because your application is sending its in your code the app is running on http://localhost:8000 and if you are using a client library its probably adding the rest automatically.
http://localhost:8000/auth/complete/google-oauth2/
The redirect uri must exactly match what you are sending from your application.
You need to add
http://localhost:8000/auth/complete/google-oauth2/
Javascript origin is only needed if your code is using javascript.
This video will show you how to fix the error. Google OAuth2: How the fix redirect_uri_mismatch error. Part 2 server sided web applications.
If you want your code to send https://mydjangoapp.com then your going to have to be running it from https://mydjangoapp.com probably and you may need to figure out how to configure it so that it is running from the correct host.
Related
For my Django project, I am using djstripe. Using test data, I have confirmed that payments are successful. However, when testing a webhook, I get errors of 404 and then it sometimes changes to 503 (for the same webhook). I am using Heroku free tier so I am not sure if that is the problem, or if I am configuring the webhooks entirely wrong (likely since this is my first project). Any help is appreciated.
Stripe endpoint I have as [heroku domain]/users/accounts/webhook/ and my project urls is path('users/accounts/', include('allauth.urls')),
404 means that the URL you've provided to Stripe for your webhook is not found on/by your server; this is something you'll need to investigate on your end.
If you share more code - like specifically the code containing your route for the webhook - that might be useful for helping you diagnose the issue here.
i have found some solutions.
1- copy response of HTML tags and convert it to an HTML Page. you will be able to see the error raising from your platform which is failing the webhook.
2- Debug the each line of webhook view/code.
i am playing around with Postman to get some insight on how things work behind the curtain and ran into, what I believe, is an issue but wanted to ask before I create a new issue on GitHub.
I am intercepting the request from my browser to the same site using the Postman Interceptor to use the request values in the native app. I have cookies enabled and the site (the whole domain) whitelisted.
When I use the history to resend the same request that was captured I get an auth error that is caused by the fact that the cookies are not included in the request (found that out by checking the cURL code snippet). I believe the reason for that is, that the cookies are set under another sub domain than that the request is send to.
I will try to include some pictures to clarify. My question here is:
Am I missing something/did I set something up in the wrong way
or is this an issue and I should create an issue in the official Postman Github page
cURL request
Cookies in Postman Native App
you should see if cookie is being send not using code snippet but the console :
its indeed sending cookies ,
I am using AWS codestar to deploy by react application using serverless nodejs template. This is the url that is given by codestar after successfully completion of all the stages https://xxxxx.execute-api.us-east-1.amazonaws.com/Prod . This url displayed all the components in my app correctly. In navbar of my app i have items like this a ,b,c. where clicking on each one of them will redirect to a new component.(i.e.https://xxxxx.execute-api.us-east-1.amazonaws.com/a,https://xxxxx.execute-api.us-east-1.amazonaws.com/b etc. But when i refresh the page which is having a url like this https://xxxxx.execute-api.us-east-1.amazonaws.com/b i am getting a error like {"message":"Forbidden"} and in my console it is showing like this favicon.ico:1 GET https://xxxx.execute-api.us-east-1.amazonaws.com/favicon.ico 403
It seems the chrome is fetching the favicon based on the https link, which fails because there is no such favicon at the location. I tried to remove favicon.ico link in index.html but even then the chrome is using the same url to fetch the favicon which eventually fails. I followed max number of suggestions in SO to acheive this but no luck. Is there any way to say api-gateway to exclude these favicon get requests and display my app rather than showing message forbidden.
And i am pretty sure that i had enabled logs for both the agi-gateway and lambda where i didnt find any forbidden errors(i.e.403) which is weird because i can see those 403 errors in my console.
Thanks
Any help is highly appreciated.
The https://xxxxx.execute-api.us-east-1.amazonaws.com/Prod url provided by API Gateway is the base url for your site, so those paths would have to be /Prod/a instead of /a.
One way to get around that is to register your own domain and connect it to API Gateway via a custom domain. That would allow you to have https://example.com as your base url, and your paths could stay /a, /b, etc.
I'm using Recaptcha within Django. I was using the following tutorial to integrate it in my web application: http://www.marcofucci.com/tumblelog/26/jul/2009/integrating-recaptcha-with-django/
The captcha doesn't show up on my machine. Instead of the captcha the following error message is displayed:
An internal error occurred: 4A6376441D250.ADE1949.3546A435
(I get a different code each time).
To which domain did you sign the recaptcha? If you entered "127.0.0.1" in the registration make sure you use this one and not "localhost".
Today, I got this error on one of my client's website.
It was working great but suddenly it stop working. Then upon googling I find this link and renewed my API key.
But after I switched to Secure (SSL Enabled) side of my website then It stops working again.
Then, In I got this function there
recaptcha_get_html(PUBLIC_KEY, $error, true);
The third argumentation use the SSL Server, I've to enable it.
This fixed everything for me.
I'm trying to set up a facebook app using django by following this tutorial: http://www.rkblog.rk.edu.pl/w/p/example-facebook-application-django/ . I get to the point where I start my development server at (manage.py runserver 0.0.0.0:80)
then it says: Now under http://apps.facebook.com/NAME/ you should see a basic Facebook app comming from your server:
I, however, get an error message:
The URL http://my.ip/my_app_name/ is not valid.
I think I've set things up properly:
Canvas Page URL:
http://apps.facebook.com/my_app_name/
Canvas Callback URL
http://my.ip/my_app_name/
Question: how do I go about finding out what's wrong?
Thanks in advance!
Martin
update: when i visit http://my.ip/myappname/, it redirects to http://apps.facebook.com/my_app_name/?auth_token=eac7bf38fb5e591c55ddc458d16dc9b7
where i get the 'url not valid' message... However, when I paste the url with auth_token in it, django serves the requested page as expected... why is facebook saying the url is not valid if in fact it is...?
Is your router set up to forward requests on port 80 to your development machine? If not, you will get an error, as the way Facebook apps work is that Facebook's servers contact your server, get the content, then parse it and re-serve it back to the client.
I actually find with Facebook apps that the easiest thing to do is what you describe in your last sentence - get the auth_token URL, then paste it locally and work from there.