I am using Google Analytics Admin API to provision accounts for connected clients as described in docs. When I accept ToS, the redirect URL opens in an iframe in the ToS page instead of a full redirection.
I have added the redirect URL as authorized redirect uri in Google Cloud Platform. I have tried setting redirect URL to point to a page in frontend. I have also tried server-side redirection via API endpoint using Location header but nothing is working so far.
Are there any configuration I am missing so that I can get full redirection back to the app? The docs only specified that redirect URL should handle HTTP GET requests and that it should match a valid redirect uri in GCP.
Related
I followed the link https://learn.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-how-to-configure-facebook-authentication to set up Facebook login.
In the https://developers.facebook.com/apps, the "Valid OAuth redirect URIs" has the following URI
https://myapp.azurewebsites.net/.auth/login/facebook/callback
However, it still gets the error?
URL Blocked: This redirect failed because the redirect URI is not whitelisted in the app’s Client OAuth Settings. Make sure Client and Web OAuth Login are on and add all your app domains as Valid OAuth Redirect URIs.
Update:
Added both https://myapp.azurewebsites.net/signin-facebook and https://myapp.azurewebsites.net/.auth/login/facebook/callback. And now the website got error of
A claim of type 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier' or 'http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider' was not present on the provided ClaimsIdentity. To enable anti-forgery token support with claims-based authentication, please verify that the configured claims provider is providing both of these claims on the ClaimsIdentity instances it generates. If the configured claims provider instead uses a different claim type as a unique identifier, it can be configured by setting the static property AntiForgeryConfig.UniqueClaimTypeIdentifier..
On the line of #Html.AntiForgeryToken() in d:\home\site\wwwroot\Views\Account\_ExternalLoginsListPartial.cshtm
Update:
Added the followign line in global.asax and the error above is gone.
AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.NameIdentifier;
However, it just shows the following message box with url of https://myapp.azurewebsites.net/.auth/login/done#_=_.
You have successfully signed in
-> RETURN TO THE WEBSITE
Clicking the link will return to the login screen. https://myapp.azurewebsites.net/ (which doesn't need to be authorized) stead of https://myapp.azurewebsites.net/event. Typing https://myapp.azurewebsites.net/event will show the login page again. (redirected to https://myapp.azurewebsites.net/Account/Login?ReturnUrl=%2Fevent)
As this official tutorial about Authentication and authorization in Azure App Service:
App Service Authentication / Authorization is a feature that provides a way for your application to sign in users so that you don't have to change code on the app backend. It provides an easy way to protect your application and work with per-user data.
You could browser at https://myapp.azurewebsites.net/.auth/login/facebook for logon.
URL Blocked: This redirect failed because the redirect URI is not whitelisted in the app’s Client OAuth Settings. Make sure Client and Web OAuth Login are on and add all your app domains as Valid OAuth Redirect URIs.
You could leverage fiddler to capture the network package to check your facebook logon processing as follows:
Note: Make sure the above redirect_uri has been added to Valid OAuth redirect URIs. HTTP or HTTPS could be a possible cause.
Additionally, if you use the Middleware UseFacebookAuthentication for authenticating users using Facebook, I assumed that you need to add http(s)://myapp.azurewebsites.net/signin-facebook to Valid OAuth redirect URIs or you could try to use the following code:
app.UseFacebookAuthentication(new FacebookAuthenticationOptions()
{
AppId = "{your-app-id}",
AppSecret = "{your-app-secret}",
CallbackPath = new PathString("/.auth/login/facebook/callback")
});
UPDATE:
I followed this tutorial about handling Facebook authentication by using OWIN in ASP.NET MVC5, I found that I could not retrieve the logged facebook user info and the returnUrl is not working. After some trials, I found that Facebook did a force upgrade of the graph API from v2.2 to v2.3 as follows:
Facebook Graph API, Changes from v2.2 to v2.3:
[Oauth Access Token] Format - The response format of https://www.facebook.com/v2.3/oauth/access_token returned when you exchange a code for an access_token now return valid JSON instead of being URL encoded. The new format of this response is {"access_token": {TOKEN}, "token_type":{TYPE}, "expires_in":{TIME}}. We made this update to be compliant with section 5.1 of RFC 6749.
You need to upgrade Microsoft.Owin.Security.Facebook to 3.1.0, or you need to implement the BackchannelHttpHandler mentioned in this issue.
I'm working with a contest platform and am trying to get it to where and individual can create an account via Facebook.
The biggest issue I'm running into is that whenever I enter the domains into the App Domains portion I receive this:"App domains must match the domain of the Secure Canvas URL, Mobile Site URL, Unity Binary URL, Site URL, or Secure Page URL. Please correct these domains:"
Additionally, when I attempt to test the Facebook login button, I receive this error message in the pop-up:"URL Blocked: This redirect failed because the redirect URI is not whitelisted in the app’s Client OAuth Settings. Make sure Client and Web OAuth Login are on and add all your app domains as Valid OAuth Redirect URIs."
I've inquired with the Support Team from the contest platform and was informed of this:
"We had the Engineers look at this issue on your site and it looks like the configuration in facebook might not be correct.
What you need to make sure of is that facebook login authentication is enabled for the Website (Web) then only it will work.
The app domain:------
Contact email: your email address
Then in the Website section
Site url:------"
I can't seem to locate where the "Site URL" section is that I need to be putting in a url. I've put in the OAuth Client Redirect URLs...maybe they aren't correct?
Need some major help here.
I was getting this facebook login error:
URL Blocked
This redirect failed because the redirect URI is not
whitelisted in the app’s Client OAuth Settings. Make sure Client and
Web OAuth Login are on and add all your app domains as Valid OAuth
Redirect URIs.
Facebook login requires whitelisting of the call-back url.
what is the call back url for django-social-auth or python-social-auth ?
include a url to your website that is the absolute url version of this relative url:
/complete/facebook/
how to find this out?
use Chrome browser dev tools, enable preserve log, try to login to your app.
This question / answer is for django-social-auth but likely applies to python-social-auth too.
im a newbie in graph facebook api. I try to get MY_VERIFICATION_CODE by send http request:
link1: https://facebook.com/dialog/oauth?client_id=APP_ID&redirect_uri=https://www.facebook.com/connect/login_success.html
and then Facebook will redirect to http://www.facebook.com/connect/login_success.html? code=MY_VERIFICATION_CODE
but I cant get code from response. I copy link1 to chrome, it redirects to url with a code appended as parameter, but this url stays just for seconds and then it changes to this: https://www.facebook.com/connect/blank.html#=
My question is how to read the code from the redirected uri in a java desktop application?
It's all described in the docs at
https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.3#login
Quote:
When using a desktop app and logging in, Facebook redirects people to the redirect_uri mentioned above and places an access token along with some other metadata (such as token expiry time) in the URI fragment:
https://www.facebook.com/connect/login_success.html#access_token=ACCESS_TOKEN...
Your app needs to detect this redirect and then read the access token out of the URI using the mechanisms provided by the OS and development framework you are using. You can then skip straight to the Inspecting access tokens step.
I have an app that only runs on https. So my Pag Tab URL and Secured Page Tab URL have the same https url.
I have noticed that I get a blank signed request for users who are using Facebook on http.
Is there a way by which I can get the users to see my secured content even when they are accessing facebook from http?
Facebook says that this configuration is not supported by design. Apps must be available via both HTTP and HTTPS.
Source: http://developers.facebook.com/bugs/210713629051920/
Unfortunately it is necessary you always provide a HTTP alternative
for FB users who want to visit your App under HTTP. In your specific
case, in your http endpoint you will be able to display an specific
message to these users encouraging them to visit the HTTPS version of
your App.