django_microsoft_auth reply URL issues and other questions - django

I am trying to use the django_microsoft_auth package. I have some questions and issues:
1. When I try and login I get "AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application" - how do I debug or fix this?
2. The docs say "If you want multiple Site objects and generate authorize URL when accessing your site from multiple domains, you must not set a SITE_ID". But if I do not set the SITE_ID my app will not run at all - I get "Site matching query does not exist." So I am running with SITE_ID = 1. Is that an issue?
3. The login with microsoft link is only on the admin page - how would I get that on my app's main login page?

Related

Handling of django authentication with multiple apps

Can't find a solution to a simple problem from current SO questions.
I have 2 apps in a django project.
App1 is from the graph tutorial found here
App2 will allow the users to list data from a DB in this case it will be branch names.
If I try and access a page with #login_required decorator then the url route has /accounts/login/ added and I get the usual "can't find" error.
Page not found (404)
Request Method: GET
Request URL: http://localhost:8000/accounts/login/?next=/calendar
Using the URLconf defined in graph_project.urls, Django tried these URL patterns, in this order:
[name='home']
about [name='about']
signin [name='signin']
signout [name='signout']
calendar [name='calendar']
callback [name='callback']
branches/
admin/
branches/
The current path, accounts/login/, didn't match any of these.
If I am reading the django docs correctly then this is default and I can redirect the login path using the LOGIN_URL in the project settings. When I set that to the signin function created in the tutorial for App1
from django.http import HttpResponseRedirect

# get_sign_in_url() is the helper from the tutorial's App1 code
def sign_in(request):
    # Get the sign-in URL
    sign_in_url, state = get_sign_in_url()
    # Save the expected state so we can validate in the callback
    request.session['auth_state'] = state
    # Redirect to the Azure sign-in page
    return HttpResponseRedirect(sign_in_url)
It will forever cycle the MS OAuth login but never access the requested page once completed. If I leave out the LOGIN_URL from settings it adds the accounts/login/ to the url as that is the default.
What is it that I am not understanding as to have login/logout requests handled by the functions in App1 for any requests made in other Apps when the request is behind a Login_Required decorator? And why does it not check if I am already authenticated when I can see It holds my name/email/calendar calls if I do not have a #Login_Required decorator and move between pages.
Thanks
I reached out to the support team on Django-Project.
One of the maintainers had a look over my source and all seemed fine on my end, he also checked the tutorial link I provided in the question.
His exact words were
> Personally, I’m a bit suspicious with how they’re doing this. I’ve read through the tutorial and it looks to me like they’ve taken some shortcuts with managing the user in the session.
That is enough for me to drop that route and look somewhere else, he offered these as a suggestion should anyone care to look into what I moved on to using.
[Azure AD pypi][1]
[Django Auth Docs][2]
[MS Django Auth][3]
[1]: https://pypi.org/project/django-azure-ad-auth/
[2]: https://django-auth-adfs.readthedocs.io/en/latest/
[3]: https://pypi.org/project/django-microsoft-auth/

Can't Load URL - facebook login on the app

I am trying to implement fb login on my game https://ski-jumps.pl.
I prepared the application (settings below) and the script here: https://ski-jumps.pl/facebook.php
Unfortunately when I try to log in this app, a message is displayed: "Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings."
What am I doing wrong? Some ideas?
application settings
I had the same problem, struggled for hours. I fixed it by providing the following URL in the Valid OAuth Redirect URIs of the Facebook Login product:
https://mysubdomain.azurewebsites.net/signin-facebook
Regard the signin-facebook, which isn't something I provide. I found this is the url of the Facebook error page.

Facebook Social Auth Login: Can't Load URL: The domain of this URL isn't included in the app's domains

I am developing a web application using Django and python-social-auth. I want users to login with Facebook.
I have this in my python settings:
SOCIAL_AUTH_FACEBOOK_KEY = '...'
SOCIAL_AUTH_FACEBOOK_SECRET = '...'
SOCIAL_AUTH_FACEBOOK_SCOPE = ['email']
When my users enter the facebook page where they should provide credentials they see an error like this:
Can't Load URL: The domain of this URL isn't included in the app's domains.
To be able to load this URL, add all domains and subdomains of your
app to the App Domains field in your app settings.
In Facebook for Developers dashboard I have added "Facebook Login" product and added redirect url:
http://localhost:8000/complete/facebook/
In settings, Website Site URL is set to: http://localhost:8000/ and App Domains is set to localhost.
What am I doing wrong?
BTW this is the url that my users see when the facebook page opens:
https://www.facebook.com/v2.9/dialog/oauth?scope=email&state=HSfkstGUR5028DMhUzfWOSgo6fpPx29E&redirect_uri=http%3A%2F%2Flocalhost%3A8000%2Fcomplete%2Ffacebook%2F%3Fredirect_state%3DHSfkstGUR5028DMhUzfWOSgo6fpPx29E&client_id=...&return_scopes=true
Disable the 'Use Strict Mode for Redirect URIs' setting in your Facebook login app.
OR
Note the redirect_uri=http%3A%2F%2Flocalhost%3A8000%2Fcomplete%2Ffacebook%2F%3Fredirect_state%3DHSfkstGUR5028DMhUzfWOSgo6fpPx29E parameter of generated url.
For some inexplicable reason Facebook requires Valid OAuth redirect URIs setting to be exactly the same as the redirect url.
So use a tool like https://meyerweb.com/eric/tools/dencoder/, decode the url and set Valid OAuth redirect URIs to the full url. I.E:
http://localhost:8000/complete/facebook/redirect_state=HSfkstGUR5028DMhUzfWOSgo6fpPA59E
Upgrading social-auth-core to at least version 1.6.0 should help to resolve this. Among other changes it includes this one:
Default REDIRECT_STATE to False in FacebookOAuth2 backend.
This was changed as a result of issue 141, and it causes redirect URLs to be generated without the redirect_state argument, whose dynamic value makes whitelisting impossible.
Once you've done this, add https://<your-domain>/complete/facebook/ to your OAuth redirect whitelist in the Facebook developer portal.
Facebook doesn't like localhost in the Redirect URI field in the app setup or in the redirect_uri parameter. To work around it just set something in the field (I use http://myapp.com:8000), then add the entry 127.0.0.1 myapp.com in your /etc/hosts and access the app through the new URL (http://myapp.com:8000).
As of the 4th April 2018, the day I face the same issue, the only solution I found is:
Valid OAuth redirect URIs must be set to be exactly the same as the redirect url
More info here: https://developers.facebook.com/blog/post/2017/12/18/strict-uri-matching/
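An added example, not part of the original posts: a small check for debugging the redirect/reply URL mismatch discussed in this thread and in the AADSTS50011 question at the top of the page. It pulls the `redirect_uri` out of the authorize URL quoted in the question and reports which component differs from the registered value; the function names and the `REGISTERED` list are assumptions made for illustration.

```python
from urllib.parse import parse_qs, urlsplit

# Helper names below are illustrative, not from any library.
# Authorize URL quoted in the question above (client_id elided as on the page).
AUTHORIZE_URL = (
    "https://www.facebook.com/v2.9/dialog/oauth?scope=email"
    "&state=HSfkstGUR5028DMhUzfWOSgo6fpPx29E"
    "&redirect_uri=http%3A%2F%2Flocalhost%3A8000%2Fcomplete%2Ffacebook%2F"
    "%3Fredirect_state%3DHSfkstGUR5028DMhUzfWOSgo6fpPx29E"
    "&client_id=...&return_scopes=true"
)
# Redirect URI registered in the provider dashboard, as stated in the question.
REGISTERED = ["http://localhost:8000/complete/facebook/"]


def sent_redirect_uri(authorize_url):
    """Return the percent-decoded redirect_uri the client sends to the provider."""
    values = parse_qs(urlsplit(authorize_url).query).get("redirect_uri")
    if not values:
        raise ValueError("authorize URL carries no redirect_uri parameter")
    return values[0]


def diff_redirect_uri(sent, registered):
    """Name each URL component in which `sent` differs from `registered`."""
    a, b = urlsplit(sent), urlsplit(registered)
    parts = [
        ("scheme", a.scheme, b.scheme),
        ("host:port", a.netloc, b.netloc),
        ("path", a.path, b.path),
        ("query", a.query, b.query),
        ("fragment", a.fragment, b.fragment),
    ]
    diffs = [f"{n}: sent {x!r}, registered {y!r}" for n, x, y in parts if x != y]
    # Strings can still differ when every parsed component is equal (scheme case).
    return diffs or [f"raw strings differ: {sent!r} vs {registered!r}"]


def check(authorize_url, registered_uris):
    """Exact string match; returns (matched, {registered_uri: [differences]})."""
    sent = sent_redirect_uri(authorize_url)
    if sent in registered_uris:
        return True, {}
    return False, {r: diff_redirect_uri(sent, r) for r in registered_uris}


if __name__ == "__main__":
    print(check(AUTHORIZE_URL, REGISTERED))
```

For the URL in the question the only difference reported is the query component, which is the `redirect_state` argument the answers above describe.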

Django-allauth Facebook error

I am going to implement login with Facebook and Google using the django-allauth app, but I am getting one error, i.e.
You are not logged in: You are not logged in. Please log in and try again.
My Facebook App Settings
What should I do now?
Change your redirect URI to
http://localhost:8000/accounts/facebook/login/callback/
and also make sure to have SITE_ID = 1 in settings.
The following solved my problem:
Valid Oauth redirect URI ---> set to http://localhost:8000/

Testing facebook login on django development server

I am trying to integrate Facebook login in my Django app but every time I click on the Facebook login button it gives me an error:
Given URL is not allowed by the Application configuration.: One or more of the given URLs is not allowed by the App's settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App's domains.
In my app settings my site URL is
http://localhost:8000/
and also in my hosts file localhost has been mapped to 127.0.0.1.
How do I solve this? I have followed similar questions on Stack but none helped a lot.
In your host file, set the localhost:port to the domain you wish to log in from.
Then, set the Facebook app's domain to the domain you've pointed your localhost to.