I have asked in my post earlier what url / redirect url I should use here:
how to request auth code from Smartsheet via Postman
An user suggested me to ngrok, it gave me a temporary website when I set the http to 80. However, I noticed the forwarding website given is different every time I type
./ngrok http 80
Here are my questions:
if the forwarding website is different , how am I able to get a 'allow access' page as I don't know what app url and redirect url I should put for my Smartsheet.
I tried to request the website by typing
./ngrok http80
It gave me a forwarding , so I type the website as my app url, and /callback as the redirect url, I still don't get the 'allow access' page
the Smartsheet documentation asks me to type in the following
https://app.smartsheet.com/b/authorize?response_type=code&client_id=dheu3dmkd32fhxme&scope=READ_SHEETS%20WRITE_SHEETS&state=MY_STATE
I tried to use postman for the command above, it does not show me any error nor showing the 'allow access' page.
I am trying to get the 'allow access' page to work in my html file, but I am not sure what code I should put.
I am novice to smarsheet API, any explanation in detail will be appreciated. thank you in advance.
Looking at the ngrok docs you can set a custom subdomain each time you launch ngrok. This way you can have the same URL for repeated use.
This way you could have a command to run ngrok look like this:
ngrok http -subdomain=testsmartsheetoauth 80
Your URL would look like this:
http://testsmartsheetoauth.ngrok.io
And your callback could be set to this:
http://testsmartsheetoauth.ngrok.io/callback
This should give you the persistent URLs you need that your app could use for the OAuth flow.
Related
I have the following problem.
I would like to link/redirect a link via parameter to another page, for example:
https://example.com?uri=https%3A%2F%2Fgoogle.de
or
https://example.com?uri=mailto:?subject=text&body=text
so that I can exchange {params} with any URL or mailto link. https://example.com?uri={params}
We use a marketing service provider where we host our websites, which cannot use PHP. So only Javascript or Jquery.
Does anyone have an idea how I can implement this?
Thanks a lot
Important notice:
If you register for testing, go to your profile settings and to your interests add delete profile.
Trying to login with Facebook to my website:
I get the following error:
URL Blocked: This redirect failed because the redirect URI is not
whitelisted in the app’s Client OAuth Settings. Make sure Client and
Web OAuth Login are on and add all your app domains as Valid OAuth
Redirect URIs.
My settings (Basics) in Facebook are:
App Domains: openstrategynetwork.com
Site URL for website: http://openstrategynetwork.com/
In the advanced tab, Valid OAuth redirect URIs is set to:
http://openstrategynetwork.com/_oauth/facebook?close
App is public.
More settings (Advanced) here:
App key and secret are correct. I'm using Meteor and its accounts packages.
As the questioner writes
In the advanced tab, Valid OAuth redirect URIs is set to: ...
and I had the same problem (writing the redirect url into the wrong input field) I would like to highlight that
It's NOT
Settings -> Advanced -> Share Redirect Whitelist
but
Facebook Login -> Settings -> Valid OAuth redirect URIs
It would have saved me 2 hours of trial and error.
You should also have it in mind that
www.example.com is not the same as example.com. Add both formats to the redirect URL.
The login with Facebook button on your site is linking to:
https://www.facebook.com/v2.2/dialog/oauth?client_id=1500708243571026&redirect_uri=http://openstrategynetwork.com/_oauth/facebook&display=popup&scope=email&state=eyJsb2dpblN0eWxlIjoicG9wdXAiLCJjcmVkZW50aWFsVG9rZW4iOiIwSXhEU05XamJjU0VaQWdqcmF6SXdOUWRuRFozXzc0X19lbVhGWUJTZGNYIiwiaXNDb3Jkb3ZhIjpmYWxzZX0=
Notice: redirect_uri=http://openstrategynetwork.com/_oauth/facebook
If you instead change the link to:
redirect_uri=http://openstrategynetwork.com/_oauth/facebook?close
It should work. Or, you can change the Facebook link to http://openstrategynetwork.com/_oauth/facebook
You can also add http://localhost/_oauth/facebook to the valid redirect URIs.
Facebook requires that you whitelist redirect URIs, since otherwise people could login with Facebook for your service, and then send their access token to an attacker's server! And you don't want that to happen ;]
This worked for me.
redirect_url = http://127.0.0.1:8080/accounts/facebook/login/callback/
I got that from my browser after clicking the Facebook button you browser will be redirected to a link for integrating with Facebook API, so where you will get that redirect. For my case the link was this from where I got the redirect_url.
https://www.facebook.com/dialog/oauth?client_id=...&scope=&response_type=code&state=...&redirect_uri=http://127.0.0.1:8080/accounts/facebook/login/callback/
Make sure "App Domain" and Facebook Login => Valid OAuth redirect URIs. There you must check www or without www. Its better if you use with www or without for all URLs in php,html,css files and Fb app settings.
Other thing is if you're using "/" end of the URLs you must add that URL to app settings of Valid OAuth redirect URIs.
Example:- https://www.example.com/index.php/ if this url if youre using in the redirect url you must set that to app settings.
Hope this would be help.
In my case, I just had to make sure I have my urls both with and without www for Application Domain and Redirect URLs:
In my case, I had to use: signin-facebook after my site url, for redirect url.
Ok First of all this is a very clear error message. Just look at this many devs miss this including my self. Have a look at the screen shot here please.
Under Products > Facebook Login > Settings
or just go to this url here (Replace YOUR_APP_ID with your app id lol):
https://developers.facebook.com/apps/YOUR_APP_ID/fb-login/settings/
If you are working on localhost:3000 Make sure you have https://localhost:3000/auth/facebook/callback
Ofcourse you don't have to have the status live (Green Switch on top right corner) but in my case, I am deploying to heroku now and will soon replace localhost:3000 with https://myapp.herokuapp.com/auth/facebook/callback
Of course I will update the urls in Settings/Basic & Settings/Advanced and also add a privacy policy url in the basic section.
I am assuming that you have properly configured initializers/devise.rb if you are using devise and you have the proper facebook gem 'omniauth-facebook', '~> 4.0' gem installed and gem 'omniauth', '~> 1.6', and you have the necessary columns in your users table such as uid, image, and provider. That's it.
For my Node Application,
"facebook": {
"clientID" : "##############",
"clientSecret": "####################",
"callbackURL": "/auth/facebook/callback/"
}
put callback Url relative
My OAuth redirect URIs as follows
Make Sure "/" at the end of Facebook auth redirect URI
These setups worked for me.
Changing from hauth.done=Facebook to hauth_done=Facebook in the Valid OAuth redirect URIs fixed it for me.
It might help somebody.
I had the similar error message, but only in dev and staging environments, not in production. The valid redirect URIs were correctly set, for the dev and staging subdomains as well as for production.
It turned out I forgot that for those environments we use the testing FB app, which is a separate one in the FB developer page. Had to select that and update its settings.
Hey Guys
so i was having this error below
Basically all you have to do is to make sure your url in "OAuth Redirect URIs" from facebook corresponds with your url callback in your code see the image sample below
!!!must match with this below
If error still persist make sure this 3(three) URL are correct!.
Site URL
Privacy Policy URL
App domains
you can view them in your developer->settings->basic tab.
hope this helps you fix the bug! Happy coding :)
Try to add http://openstrategynetwork.com/sigin-facebook to Client OAuth Settings valid redirect URL along with your own redirect URL.
Login Helper of your site
$loginUrl = $helper->getLoginUrl('xyz.com/user_by_facebook/', $permissions);
and in facebook application dashboard (Under products tab : Facebook Login )
Valid OAuth redirect URIs should also be same to xyz.com/user_by_facebook/
as mentioned earlier while making request from web
We had the same problem, such a nightmare.
Make sure your App IDs and Secret Keys are correct. If you are using separate development, staging and production apps for testing, the App IDs and Secret Keys are all different for each app. This is often the problem.
Make sure you have the callback URL set properly in your app config file (see below). And then add this as same URL under "Facebook Login" settings where it says "Valid OAuth redirect URIs". It should look like this (depending on your environment):
http://localhost/auth/facebook/callback
http://staging.example.com/auth/facebook/callback
http://example.com/auth/facebook/callback
Make sure your app domain is set to the correct domain for each environment, including both "www" and "no-www". Facebook also requires these domains to match the URL of your website or app platform. You will have to select "Add Platform" to add this.
In my case, I was integrating Facebook login within a Rails app tutorial. I had added http://localhost:3000/adsf to my Valid OAuth Redirect URIs, but the Rails app would open the url as http://0.0.0.0:3000 and would therefore try to redirect to http://0.0.0.0:3000/asdf. After adding http://0.0.0.0:3000/asdf to the Valid OAuth Redirect URIs, or navigating to http://localhost:3000/asdf, it worked as expected.
In my case URI, as it was defined on FB, was fine, but I was using Spring Security and it was adding ;jsessionid=0B9A5E71DAA32A01A3CD351E6CA1FCDD to my URI so, it caused the mismatching.
https://m.facebook.com/v2.5/dialog/oauth?client_id=your-fb-id-code&response_type=code&redirect_uri=https://localizator.org/auth/facebook;jsessionid=0B9A5E71DAA32A01A3CD351E6CA1FCDD&scope=email&state=b180578a-007b-48bc-bd81-4b08c6989e18
In order to avoid the URL rewriting I added disable-url-rewriting="true" to Spring Security config, in this way:
<http auto-config="true" access-denied-page="/security/accessDenied" use-expressions="true"
disable-url-rewriting="true" entry-point-ref="authenticationEntryPoint"/>
And it fixed my problem.
Just add www in redirect_uri in your code.
Like:-
https://www.facebook.com/v3.3/dialog/oauth?client_id=427141371274449&redirect_uri=https://www.example.com/facebook-callback&scope=email&state=5f40cc740267d3-34619096-32051275-123456
Put your url here
Facebook Login -> Settings -> Valid OAuth redirect URIs
AND
you'll also get that error if your APP ID is wrong
In my Google search console I try to fetch and render my pages but I get redirect error because of http to https redirect. Is it possible to solve this?
If like me you had the URL in the Wordpress General setting as http:// (without the www) you need to add the "www". This is a link to page info on this.
https://support.google.com/webmasters/answer/96568#2
Important notice:
If you register for testing, go to your profile settings and to your interests add delete profile.
Trying to login with Facebook to my website:
I get the following error:
URL Blocked: This redirect failed because the redirect URI is not
whitelisted in the app’s Client OAuth Settings. Make sure Client and
Web OAuth Login are on and add all your app domains as Valid OAuth
Redirect URIs.
My settings (Basics) in Facebook are:
App Domains: openstrategynetwork.com
Site URL for website: http://openstrategynetwork.com/
In the advanced tab, Valid OAuth redirect URIs is set to:
http://openstrategynetwork.com/_oauth/facebook?close
App is public.
More settings (Advanced) here:
App key and secret are correct. I'm using Meteor and its accounts packages.
As the questioner writes
In the advanced tab, Valid OAuth redirect URIs is set to: ...
and I had the same problem (writing the redirect url into the wrong input field) I would like to highlight that
It's NOT
Settings -> Advanced -> Share Redirect Whitelist
but
Facebook Login -> Settings -> Valid OAuth redirect URIs
It would have saved me 2 hours of trial and error.
You should also have it in mind that
www.example.com is not the same as example.com. Add both formats to the redirect URL.
The login with Facebook button on your site is linking to:
https://www.facebook.com/v2.2/dialog/oauth?client_id=1500708243571026&redirect_uri=http://openstrategynetwork.com/_oauth/facebook&display=popup&scope=email&state=eyJsb2dpblN0eWxlIjoicG9wdXAiLCJjcmVkZW50aWFsVG9rZW4iOiIwSXhEU05XamJjU0VaQWdqcmF6SXdOUWRuRFozXzc0X19lbVhGWUJTZGNYIiwiaXNDb3Jkb3ZhIjpmYWxzZX0=
Notice: redirect_uri=http://openstrategynetwork.com/_oauth/facebook
If you instead change the link to:
redirect_uri=http://openstrategynetwork.com/_oauth/facebook?close
It should work. Or, you can change the Facebook link to http://openstrategynetwork.com/_oauth/facebook
You can also add http://localhost/_oauth/facebook to the valid redirect URIs.
Facebook requires that you whitelist redirect URIs, since otherwise people could login with Facebook for your service, and then send their access token to an attacker's server! And you don't want that to happen ;]
This worked for me.
redirect_url = http://127.0.0.1:8080/accounts/facebook/login/callback/
I got that from my browser after clicking the Facebook button you browser will be redirected to a link for integrating with Facebook API, so where you will get that redirect. For my case the link was this from where I got the redirect_url.
https://www.facebook.com/dialog/oauth?client_id=...&scope=&response_type=code&state=...&redirect_uri=http://127.0.0.1:8080/accounts/facebook/login/callback/
Make sure "App Domain" and Facebook Login => Valid OAuth redirect URIs. There you must check www or without www. Its better if you use with www or without for all URLs in php,html,css files and Fb app settings.
Other thing is if you're using "/" end of the URLs you must add that URL to app settings of Valid OAuth redirect URIs.
Example:- https://www.example.com/index.php/ if this url if youre using in the redirect url you must set that to app settings.
Hope this would be help.
In my case, I just had to make sure I have my urls both with and without www for Application Domain and Redirect URLs:
In my case, I had to use: signin-facebook after my site url, for redirect url.
Ok First of all this is a very clear error message. Just look at this many devs miss this including my self. Have a look at the screen shot here please.
Under Products > Facebook Login > Settings
or just go to this url here (Replace YOUR_APP_ID with your app id lol):
https://developers.facebook.com/apps/YOUR_APP_ID/fb-login/settings/
If you are working on localhost:3000 Make sure you have https://localhost:3000/auth/facebook/callback
Ofcourse you don't have to have the status live (Green Switch on top right corner) but in my case, I am deploying to heroku now and will soon replace localhost:3000 with https://myapp.herokuapp.com/auth/facebook/callback
Of course I will update the urls in Settings/Basic & Settings/Advanced and also add a privacy policy url in the basic section.
I am assuming that you have properly configured initializers/devise.rb if you are using devise and you have the proper facebook gem 'omniauth-facebook', '~> 4.0' gem installed and gem 'omniauth', '~> 1.6', and you have the necessary columns in your users table such as uid, image, and provider. That's it.
For my Node Application,
"facebook": {
"clientID" : "##############",
"clientSecret": "####################",
"callbackURL": "/auth/facebook/callback/"
}
put callback Url relative
My OAuth redirect URIs as follows
Make Sure "/" at the end of Facebook auth redirect URI
These setups worked for me.
Changing from hauth.done=Facebook to hauth_done=Facebook in the Valid OAuth redirect URIs fixed it for me.
It might help somebody.
I had the similar error message, but only in dev and staging environments, not in production. The valid redirect URIs were correctly set, for the dev and staging subdomains as well as for production.
It turned out I forgot that for those environments we use the testing FB app, which is a separate one in the FB developer page. Had to select that and update its settings.
Hey Guys
so i was having this error below
Basically all you have to do is to make sure your url in "OAuth Redirect URIs" from facebook corresponds with your url callback in your code see the image sample below
!!!must match with this below
If error still persist make sure this 3(three) URL are correct!.
Site URL
Privacy Policy URL
App domains
you can view them in your developer->settings->basic tab.
hope this helps you fix the bug! Happy coding :)
Try to add http://openstrategynetwork.com/sigin-facebook to Client OAuth Settings valid redirect URL along with your own redirect URL.
Login Helper of your site
$loginUrl = $helper->getLoginUrl('xyz.com/user_by_facebook/', $permissions);
and in facebook application dashboard (Under products tab : Facebook Login )
Valid OAuth redirect URIs should also be same to xyz.com/user_by_facebook/
as mentioned earlier while making request from web
We had the same problem, such a nightmare.
Make sure your App IDs and Secret Keys are correct. If you are using separate development, staging and production apps for testing, the App IDs and Secret Keys are all different for each app. This is often the problem.
Make sure you have the callback URL set properly in your app config file (see below). And then add this as same URL under "Facebook Login" settings where it says "Valid OAuth redirect URIs". It should look like this (depending on your environment):
http://localhost/auth/facebook/callback
http://staging.example.com/auth/facebook/callback
http://example.com/auth/facebook/callback
Make sure your app domain is set to the correct domain for each environment, including both "www" and "no-www". Facebook also requires these domains to match the URL of your website or app platform. You will have to select "Add Platform" to add this.
In my case, I was integrating Facebook login within a Rails app tutorial. I had added http://localhost:3000/adsf to my Valid OAuth Redirect URIs, but the Rails app would open the url as http://0.0.0.0:3000 and would therefore try to redirect to http://0.0.0.0:3000/asdf. After adding http://0.0.0.0:3000/asdf to the Valid OAuth Redirect URIs, or navigating to http://localhost:3000/asdf, it worked as expected.
In my case URI, as it was defined on FB, was fine, but I was using Spring Security and it was adding ;jsessionid=0B9A5E71DAA32A01A3CD351E6CA1FCDD to my URI so, it caused the mismatching.
https://m.facebook.com/v2.5/dialog/oauth?client_id=your-fb-id-code&response_type=code&redirect_uri=https://localizator.org/auth/facebook;jsessionid=0B9A5E71DAA32A01A3CD351E6CA1FCDD&scope=email&state=b180578a-007b-48bc-bd81-4b08c6989e18
In order to avoid the URL rewriting I added disable-url-rewriting="true" to Spring Security config, in this way:
<http auto-config="true" access-denied-page="/security/accessDenied" use-expressions="true"
disable-url-rewriting="true" entry-point-ref="authenticationEntryPoint"/>
And it fixed my problem.
Just add www in redirect_uri in your code.
Like:-
https://www.facebook.com/v3.3/dialog/oauth?client_id=427141371274449&redirect_uri=https://www.example.com/facebook-callback&scope=email&state=5f40cc740267d3-34619096-32051275-123456
Put your url here
Facebook Login -> Settings -> Valid OAuth redirect URIs
AND
you'll also get that error if your APP ID is wrong
My iframe application don't render facebook tags, I tried to change to connect url to localhost/port but it still not working, is anyone have any suggestion?
For clarification I can see some text in my application, I just can't see the facebook tags
(It's happend to my in Facebook Developer Toolkit iframe sample code)
Thanks
----------------------edit---------------------------
I don't sure where to find the callback url, and the connect url because I didn't found them under the facebook application setting configurations- I think the set of the url connect is , this was the original setting, and I found in some forum that I need to change it to localhost/port
Could you elaborate on your settings, particularly for the connect url? You can't put "localhost" into the Facebook settings - their servers don't know who you are when you say that. To them "localhost" means that facebook server. You need to enter your external IP address, and you may also need to open port 80 to let them load your page from there too.
If your application is otherwise working, then you must have put the correct IP in the callback url, otherwise nothing would be working. Whatever the case, the callback url and connect url must be on the same domain.