Does any one used django-oauth2-provider as django oauth2 solution?
I've clone django-oauth2-provider code from github https://github.com/caffeinehit/django-oauth2-provider, and run the example site provided.
But I don't know how to test it.
When I type this in my browser:
http://127.0.0.1:8000/oauth2/authorize/2/?client_id=fc79b3fd7e65b904836b
I got
unauthorized_client An unauthorized client tried to access your resources.
It seems that my client_id had failed passed to the site?
You are accessing the wrong URL:
http://127.0.0.1:8000/oauth2/authorize/?client_id=fc79b3fd7e65b904836b&redirect_uri=<REDIRECT_TARGET>&response_type=code&status=abc
Then the app redirects you to
/oauth2/authorize/2/
by either issuing an HTTP200 upon success or HTTP400 upon failure.
Related
I'm trying to hit a web service using RestAssured. I'm struggling with authentication which is actually performed by a third party system. Details are given below:
My web service requires session ID & Cookie in the request header. Otherwise the service call will be failed.
For that I need to fetch Session Id & Cookie after the authentication.
Authentication is done by third party service and it takes the windows credentials for authentication.
When I launch my app URL on browser, say: 'XYZ.com/dim' it will be redirected to authentication service using a URL like:
http://hantweb.DOMAIN.com/authenticate/encdefault.asp?location=XYZ.com/dim
After the authentication it will again be redirected to actual application back.
I tried below code but it says: "401 - Unauthorized: Access is denied due to invalid credentials." even though my credentials are correct.
RestAssured.given().auth().basic("userID", "password").get("http://hantweb.DOMAIN.com/authenticate/encdefault.asp?location=XYZ.com/dim")
I'm confused no idea what I've missed here..
I did some trial and error and finally understood that I need to use .auth().ntlm(userId, password,"","") as the authentication. Here I'm using windows credentials as basic or any other auth type won't work in this case.
This answer can help someone in need.
I am attempting to add Google Authentication to my Django project. I have been able to configure my project to work with my app on Heroku using a different Oauth client object but I can't seem to get it to work for my development server.
I keep getting the error:
Error: redirect_uri_mismatch
The JavaScript origin in the request, http://localhost:8000, does not match the ones authorized for the OAuth client.
from Google.
My Authorized Javascript origin is:
https://localhost:8000
http://localhost:8000
My Authorized Redirect URIs are:
https://localhost:8000
https://localhost:8000/
https://localhost
http://localhost:8000
http://localhost:8000/
http://localhost
(I tried all of these combos based on comments from similar questions.)
Any help or advice would be much appreciated as I can't seem to find the answer to this anywhere in the API docs.
Each time I changed the Client in the developer console I neglected to make the corresponding update in the Django template. I was using the wrong client the whole time - careless mistake.
How can I setup PAW to work with Facebook locally for development? Or even at all for that matter?
I have a node.js backend that I'm setting up with Facebook Auth. Every one of my routes needs the user to be logged in. I have two endpoints related to FB Auth. localhost:3000/api/v1/loginFB and localhost:3000/api/v1/callbackFB. Both of these work great in a web browser.
loginFB simply returns this string... https://www.facebook.com/dialog/oauth?client_id=523534457345&redirect_uri=https://localhost:3000/api/v1/callbackFB&scope=email,public_profile,user_friends.
When I call that URI in a browser, it returns a code=blahblah which my callbackFB endpoint uses to fire off another request to get the access token. All good.
So now in PAW I'm confused by the difference between the request URI and the Authorization URL text field? Should I use the loginFB URI for my request URI? And then https://www.facebook.com/dialog/oauth in the Authorization URL textfield?
Basically what's happening is that when I click Get Access Token, it returns the code but my callbackFB endpoint 500's by saying "This authorization code has been used." The code that it's getting returned is definitely different each time I Get Access Token.
This is where I'm at with this thing (Client ID and Client Secret are actually my App ID and App Secret from fb's dev management site, and the Access Token URL is actually set to https://graph.facebook.com/v2.3/oauth/access_token which I'm 99% sure is the correct URI):
This is the error I get when I click Get Access Token button:
It would be awesome to get some advice from anyone with experience with this issue. Thanks.
Re: #MichaMazaheri
tl;dr Fixed in version 2.2.2
Sorry for the super late follow-up. We actually fix this exact issue in Paw 2.2.2, which is already released on our website, and pending review for the Mac App Store. (It was some JSON vs. Form URL-Encoded parsing issue). Thanks for reporting.
I am using omniauth-saml 1.3.1 with omniauth 1.2.2 in rails 4.2. It works well with my test identity provider set up at openidp.feide.no (a nifty tool for those setting up a SAML service provider). It even works in production.
Now I am trying to get an IdP set up with a client of mine. When the user visits /auth/saml, they are directed to the client's IdP as expected. The user is able to use their email/pw to login.
The IdP then responds to my SP, but omniauth is redirecting to the failure callback.
As seen here, I get an error message "invalid_ticket". However, the error itself isn't getting passed to my failure controller action in env["omniauth.error"], as I read it should somewhere (unfortunately I can't find that documentation right now).
I'm hoping somebody will have some advice as to how I can figure out what is causing the "invalid_ticket" to happen. Is there perhaps a way to see the raw SAML response from the IdP?
I should note that I need to find this information in production because the client's IdP points to our production SP and I can't convince them to point it somewhere I can do some more extensive testing (like my localhost dev machine). I can, however, write in some more logging or Honeybadger exception reporting if that will help.
Currently, I am reporting to Honeybadger all env["omniauth.*"] values and params when omniauth redirects to the failure route, but I am not getting any information further than Omniauth message: invalid_ticket.
A big thank you to anyone who can help me go in the right direction here!
You might want to try adding other environments to failure_raise_out_environments:
OmniAuth.config.failure_raise_out_environments = ['development', 'staging', 'production']
to your initializer. You will get meaningful error messages in your log or Honeybadger.
These errors are by default raised only in development environment.
I'm trying to create Facebook test accounts using the graph API. (I need to be able to log into them from my iphone app). Here's how I'm getting the app access token:
https://graph.facebook.com/oauth/access_token?grant_type=client_credentials&client_id=MY-CLIENT-ID&client_secret=MY-CLIENT-SECRET
which seems to work fine. And here's how I'm trying to create a user:
https://graph.facebook.com/MY-APP-ID/accounts/test-users?installed=true&name=TestUser1&permissions=read_stream&method=post&access_token=MY-APP-ACCESS-TOKEN
The response I'm getting is:
This method must be called with an app access_token
I looked at this post Problem with access token while creating Facebook Test Users. Not really familiar with PHP, and just to make sure, I did try to "url encode" the app access token returned before using it... but no goodness.
I'm using Fiddler to test my posts.
Thanks!
Facebook doesn't support test users for Native Mobile App
see related bug on bugzilla
http://bugs.developers.facebook.net/show_bug.cgi?id=17779
hope this helps
Did you remove the 'access_token=' part from access token that's returned from the first request? If not, then you'll have an incorrect request on the second call, since the URL will have 'access_token=' twice.