I'm using OSQA and I simply trying to login with Facebook (without any change on the platform code), only setting 'app secret' and 'app id'.
My Facebook App settings:
Site URL: http://localhost:8080/osqa/
Canvas URL: http://localhost:8080/osqa/osqa/account/facebook/done/
I encounter this error:
{
"error": {
"message": "Invalid redirect_uri: Given URL is not allowed by the Application configuration.",
"type": "OAuthException",
"code": 191
}
}
and this is the url with the redirect_uri
https://graph.facebook.com/oauth/authorize?scope=email&redirect_uri=http%3A%2F%2F127.0.0.1%3A8080%2Fosqa%2Fosqa%2Faccount%2Ffacebook%2Fdone%2F&client_id=***
I read a lot of posts concerning this problem here on stackoverflow and in other forums, I know there is a simple solution, but cannot figure out yet.
The redirect in your URL translates to this:
redirect_uri=http://127.0.0.1:8080/osqa/osqa/account/facebook/done/
Facebook just checks the strings and sees that 127.0.0.1 is not the same as localhost. So replace this in your app settings and the redirect should work.
Related
Hi I am trying to implement Facebook login for my website using Django Allauth.
As we can no longer disable Use Strict Mode for Redirect URIs I am getting an error when I try to login via facebook.
The callback URL formed at the time of Facebook login is of this format -
https://example.com/accounts/facebook/login/callback/?code=AQB7W48oY-1XxZv2xU9iahxS80ZPs4oBNLlXWTY7Y93dclyIElEPG-jWKB5ELV7Pv11ckcRYg3L67Wfcz6xqC8yhNLBaFaOQjd4F2AEp8nfScltnY3LoY79g9NjtslCSbQnSlc_hDdBm_rxQtScz-rLChNvAJaky3KYMG_USSTkm9qdyvw5lIMdcIHQjz3CTF8KdgmuFG1T8_WvVqdGDEpfhC_PD7w5tnkcChBEowHnWR656DYa1wrMR1fbP2rqxBocNn6fKPCy_GM_DZynPp8mx0F0YP55vzw2Kv8KchB2nxCaHwQ4dRvJq785w5CfCgDVc6REhbc3CNG2KqZxdxjuG&state=eukVyjHYk04X#_=_
This URL contains the query params code and state because of which it is not an exact match and I checked it via Redirect URI to Check which reported it as invalid.
So on the authentication_error.html I get the following error.
{'provider': 'facebook', 'code': 'unknown', 'exception':
OAuth2Error('Error retrieving access token:
b'{"error":{"message":"Can\'t load URL: The domain of this URL
isn\'t included in the app\'s domains. To be able to load this
URL, add all domains and sub-domains of your app to the App Domains
field in your app
settings.","type":"OAuthException","code":191,"fbtrace_id":"AxoTkIBeoUSKsxuWvMx-Wg4"}}'',)}
My Valid OAuth Redirect URIs has the following URL's
https://example.com/accounts/facebook/login/callback/
https://www.example.com/accounts/facebook/login/callback/
Please help me with this issue, I have looked into all the existing issue but haven't found a solution.
For anyone facing a similar issue, it could be because you missed to add this line to your settings.py file.
ACCOUNT_DEFAULT_HTTP_PROTOCOL = 'https'
At a facebook page, where i am not an admin, subscribed to my facebook app, which is a chatbot. Altough the chatbot functioning already, i cannot setup the get_started button with the following call:
https://graph.facebook.com/v5.0/me/messenger_profile?access_token=theaccesstoken
{
"get_started":{
"payload":"GET_STARTED_PAYLOAD"
}
}
it works for the pages i am admin of, but for this page i get the following response:
"error": {
"message": "(#200) User does not have sufficient administrative permission for this action on this page. If the page business requires Two Factor Authentication, the user also needs to enable Two Factor Authentication.",
"type": "OAuthException",
"code": 200,
"fbtrace_id": "44323423423423"
}
}
the access token has the followiing permissions for the page:
email, manage_pages, pages_show_list, read_page_mailboxes, pages_messaging, public_profile
the token did not expire
Can some explain please what should be done differently?
[UPDATE]
The problem occured because the user was not a page admin, just an editor.
guys im working on django-rest-social-auth that is here in github
https://github.com/st4lk/django-rest-social-auth
and trying to add google login to my django rest framwork app
first i get code from this url
https://accounts.google.com/o/oauth2/auth?response_type=code&client_id={{CLIENT_ID}}&redirect_uri={{REDIRECT_URL}}&scope=email
then
i send needed parameter like clientId,redirect_uri,provider and code to
http://localhost:8000/api/login/social/jwt/google/
with postman and browser form but :
i get HTTP 400 Bad Request error also i see this in my server console :
raise AuthForbidden(args[0])
social_core.exceptions.AuthForbidden: Your credentials aren't allowed
this is the data that i post :
{
"clientId": "61235520-pn78ds5sds5d21d21jmn1e9.apps.googleusercontent.com",
"redirect_uri": "http://localhost:4200/",
"provider": "google-oauth2",
"code": "4%2Fto7CCGznNFgE-rsssPlEQzV3lY9yjUWW_85YmPWF4OU"
}
why ???
Im using Google tutorial to get access token for my web application. but in the following steps:
Your web application redirects the user to Google Authorization page
User grants your web application access
Google redirects the user back to your web application and returns an authorization code
I dont know how to get this authorization code ? actually in my python code I dont know how to get "auth_code"
data = urllib.urlencode({
'code': auth_code,
'client_id': client_id,
'client_secret': client_secret,
'redirect_uri': redirect_uri,
'grant_type': 'authorization_code'
})
I found my solution :)
I should past this url in my browser and get the code
print '%s?client_id=%s&redirect_uri=%s&scope=%s&response_type=code' % \
('https://accounts.google.com/o/oauth2/auth',
clientID,
redirect_uri,
'https://www.googleapis.com/auth/fusiontables')
I'm using django-social-auth to authenticate users for facebook login for my website.
<a href="{% url socialauth_begin 'facebook' %}?redirect_uri={{SITE_URL}}complete/facebook/">
This correctly leads me to an auth dialog, but then when I click "Go To App" in the dialog I get this error from social auth:
Request Method: GET
Request URL: http://[site_url]/complete/facebook/?state=DHlD9efEDau286xRGn2HtVpZ9AbooD3y&code=AQCACZRE3WYGMyBSII1eD-H8Sl8yDUtL6VoZ4qJPKSQ_NDBAoE_6JE7-4Ef353utpAygCZVJMUKiLNs_evC-y2oezOKRsH_njtFZW4FwPE2XoaFm14sdbtUkj1QsqivY6DSpGpsmTNCCs3twYxx-6_C-e1OWEcnd4x6SoBg59LmCUsWhocu739h_ppdLRR_wPjY
Django Version: 1.3.1
Exception Type: AuthFailed
Exception Value:
Authentication failed: There was an error authenticating the app
Exception Location: /app/.heroku/src/social-auth/social_auth/backends/facebook.py in auth_complete, line 131Request Method: GET
Request URL: http://[site_url]/complete/facebook/?state=DHlD9efEDau286xRGn2HtVpZ9AbooD3y&code=AQCACZRE3WYGMyBSII1eD-H8Sl8yDUtL6VoZ4qJPKSQ_NDBAoE_6JE7-4Ef353utpAygCZVJMUKiLNs_evC-y2oezOKRsH_njtFZW4FwPE2XoaFm14sdbtUkj1QsqivY6DSpGpsmTNCCs3twYxx-6_C-e1OWEcnd4x6SoBg59LmCUsWhocu739h_ppdLRR_wPjY
My requirements file is pointing to a forked version of django-social-auth so I could put some print statements around the error. The failure seems to occur after making a call to
https://graph.facebook.com/oauth/access_token?code=AQCc6tIfxJTQN64GGQsDVbT4BCK1hYGypw2oMFQjjMQf-kfJqrWtI-vGe78fJJJHTL6w5yuau90vQu8msVGDpZh30HgUYkwdXhAKJcC9MCf8h6bp1e23wxkkMzP5eaT2j7xOCorn-KgeRv-ZJA40U87GDx1_592amAlSemS4zhXaoAv7JWRHl9NzBFtJ6cuGdbg&client_secret=[app_secret]&redirect_uri=http%3A%2F%2F[site_url]%2Fcomplete%2Ffacebook%2F%3Fredirect_state%3DDHlD9efEDau286xRGn2HtVpZ9AbooD3y&client_id=[app_id]
The error I'm getting from that is
{
"error": {
"message": "Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request",
"type": "OAuthException",
"code": 100
}
}
However if i add a slash to the end of the url I get this error:
{
"error": {
"message": "Error validating application. Invalid application ID.",
"type": "OAuthException",
"code": 101
}
}
I assure you that app_id is correct
I know this has been a long read but does anyone have any suggestions on how to fix this?
#omab was correct, my issue was attaching the redirect_uri. It addition to that I had edited django-social-auth to append a backslash to the url. This was also incorrect.