Insecure Login Blocked: You can't get an access token or log in to this app from an insecure page. Try re-loading the page as https://
Error message says there is no SSL at your domain which you tried to use the API, but I already added it to Valid OAuth Redirect URIs so this makes no sense.
Cause validator says this is a valid redirect URI for this application and I am using a wordpress plugin named Woocommerce Social Login. Its settings also offering the valid URI.
What can be the cause now? They(FB) don't accept the Lets Encrypt SSL as an SSL anymore?
I have fixed the situation by just checkin the url requested when we try to login with facebook, it shows http instead of https. So the source of the problem is wordpress social login plugin.
https://www.facebook.com/v2.8/dialog/oauth?client_id=<ClientID>&redirect_uri=http%3A%2F%2example.com%2F%3Fwc-api%3Dauth%26done%3Dfacebook&response_type=code&scope=public_profile%2C%20email
Related
I am using Google OAuth for my Django App (via allauth package)
I have followed all standard configuration steps. In Google Developer console here's what i have:
Authorized JavaScript origins
https://example.com
Authorized redirect URIs
https://example.com/accounts/google/login/callback/ - login fails
http://example.com/accounts/google/login/callback/ - login succeeds
What i observe that if i have a https redirect URL in Authorized redirect URIs, it does not allow login and it fails with redirect_uri_mismatch Error. If i have a http redirect URL then the login succeeds.
What do i need to do to have a https enabled redirect URL ?
Adding the following in production settings.py fixed the problem for me:
ACCOUNT_DEFAULT_HTTP_PROTOCOL='https'
**This worked for me :
Go to https://console.developers.google.com
Add without port http://127.0.0.1/accounts/google/login/callback/
Also Add http://localhost/accounts/google/login/callback/
see the image in the link for detail
In my case, the problem was in the following:
My website switched the access to HTTPS-only connections, while in Google API dashboard was http://profile.example.com/accounts/google/login/callback/.
So, I changed:
from http -> https and it begins to work fine.
i am getting error with Facebook login even after using ngrok for https.Now my URL contain HTTPS even though i am getting insecure login blocked.
here is my facebook setting.
I have been through the allauth setup, using default settings, and solved problems like the https issue::
ACCOUNT_DEFAULT_HTTP_PROTOCOL = "https"
DEFAULT_HTTP_PROTOCOL = "https"
And using ngrok so that I can access my development environment using::
https://7fff461c.ngrok.io/ (not real code)
And checking that the full callback works::
https://7fff461c.ngrok.io/accounts/facebook/login/callback/
And settings up Facebook with Valid OAuth Redirect URIs set to https://7fff461c.ngrok.io/ so when I enter https://7fff461c.ngrok.io in the Redirect URI Validator at the bottom of the facebook page it works...
When I try to signup link I get an error from facebook:
URL Blocked: This redirect failed because the redirect URI is not whitelisted in the app’s Client OAuth Settings. Make sure Client and Web OAuth Login are on and add all your app domains as Valid OAuth Redirect URIs
Doubled check that the redirect url being passed is correct, which it is::
decoded: &redirect_uri=https://7fff461c.ngrok.io/accounts/facebook/login/callback/&scop
What else is there to try?!
Well this is embarrassing, but I'll leave this question/answer here in case it helps anyone else.
When putting in the the Valid OAuth Redirect URIs in Facebook Login > settings it needs THE WHOLE URL!
So in this case:
https://7fff461c.ngrok.io/accounts/facebook/login/callback/
Now it's all working.
I am trying to login twitter with oauth. I have included ssl certificate with lets encrypt secure my url,Thus my url is https but still i'm getting this error where should i change in my django code.
I have used social-oauth library for twitter login
social-auth needs https it wont work on http
instead of going 192.x.x.x.x:xxxx or 127.x.x.x.x:xxxx use localhost it will work only then, because they need https facebook twitter and etc...
just in the adressbar go
localhost:8000 and it will work had the same issue with facebook
can someone please help me. I am getting the following error when trying to login with Facebook:
URL Blocked: This redirect failed because the redirect URI is not
whitelisted in the app’s Client OAuth Settings. Make sure Client and
Web OAuth Login are on and add all your app domains as Valid OAuth
Redirect URIs.
My redirect URI is: http://127.0.0.1:8000/auth/complete/facebook
you can change your URI from this:
http://127.0.0.1:8000/auth/complete/facebook
to this:
http://127.0.0.1:8000/en/auth/complete/facebook
you can add for each tranlation you may add. (en, fr, etc)
Hope it helps.