I've deployed my MVC5 application onto a server (was on localhost up until now), and now the Facebook authentication isn't working, because the redirect URL is still set to localhost. The link generated starts with:
https://www.facebook.com/dialog/oauth?response_type=code&client_id=xxxxxxxxxxxxxxxx&redirect_uri=https%3A%2F%2Flocalhost%2Fsignin-facebook
How does it generate the redirect_uri? I need to specify my new server's address and thought it would be by changing the IISUrl property in the project's csproj file, but when I do, the project fails to load.
I've whitelisted the new URL at the Facebook side, I just can't work out how to tell my application itself that it has relocated (I'm guessing it's generating the value for the redirect_url parameter based on a value/setting somewhere in my application).
I'm using the Microsoft Owin packages, and the code to generate the button is:
#foreach (AuthenticationDescription p in loginProviders)
{
<button type="submit" class="btn btn-default btn-block btn-social btn-#p.AuthenticationType.ToLower()" id="#p.AuthenticationType" name="provider" value="#p.AuthenticationType" title="Log in using your #p.Caption account">
#p.AuthenticationType
<i class="fa fa-#p.AuthenticationType.ToLower()"></i>
</button>
}
Thanks
This is the way owin builds the redirect uri
string baseUri =
Request.Scheme +
Uri.SchemeDelimiter +
Request.Host +
Request.PathBase;
string redirectUri =
baseUri +
Options.CallbackPath;
where Options.Callbackpath defaults to /signin-facebook
Since your base uri is reading localhost make sure the server you deployed to isn't running on localhost and you are browsing to it with the correct domain name
Related
I have set up a new Azure Mobile App Service instance which has been working fine. The only thing I can think that I've done to the server side configuration is add a Lets Encrpyt certificate to provide SSL support using the Lets Encrypt Azure Extension.
Now, when I publish, I get a Runtime Error. Looking in the Azure streaming logs, I can see the following every time I hit the application URL:
2017-06-29T13:54:07 Welcome, you are now connected to log-streaming service.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>IIS Detailed Error - 500.0 - Internal Server Error</title>
</head>
<body>
<div id="content">
<div class="content-container">
<h3>HTTP Error 500.0 - Internal Server Error</h3>
<h4>The page cannot be displayed because an internal server error has occurred.</h4>
</div>
<div class="content-container">
<fieldset><h4>Most likely causes:</h4>
<ul> <li>IIS received the request; however, an internal error occurred during the processing of the request. The root cause of this error depends on which module handles the request and what was happening in the worker process when this error occurred.</li> <li>IIS was not able to access the web.config file for the Web site or application. This can occur if the NTFS permissions are set incorrectly.</li> <li>IIS was not able to process configuration for the Web site or application.</li> <li>The authenticated user does not have permission to use this DLL.</li> <li>The request is mapped to a managed handler but the .NET Extensibility Feature is not installed.</li> </ul>
</fieldset>
</div>
<div class="content-container">
<fieldset><h4>Things you can try:</h4>
<ul> <li>Ensure that the NTFS permissions for the web.config file are correct and allow access to the Web server's machine account.</li> <li>Check the event logs to see if any additional information was logged.</li> <li>Verify the permissions for the DLL.</li> <li>Install the .NET Extensibility feature if the request is mapped to a managed handler.</li> <li>Create a tracing rule to track failed requests for this HTTP status code. For more information about creating a tracing rule for failed requests, click here. </li> </ul>
</fieldset>
</div>
<div class="content-container">
<fieldset><h4>Detailed Error Information:</h4>
<div id="details-left">
<table border="0" cellpadding="0" cellspacing="0">
<tr class="alt"><th>Module</th><td> AspNetInitializationExceptionModule</td></tr>
<tr><th>Notification</th><td> BeginRequest</td></tr>
<tr class="alt"><th>Handler</th><td> ExtensionlessUrlHandler-Integrated-4.0</td></tr>
<tr><th>Error Code</th><td> 0x00000000</td></tr>
Has anyone come across this problem before?
OK< bit of an obscure and edge case one this, but thought I'd leave it here with the answer in case it helps someone.
I created the site and published it with it all working fine. I then changed the assembly name to fit in with my project naming standards and re-published, without selecting 'DELETE ALL FILES' becuase it would wipe out the Lets Encrypt extension settings. However, this lef the old DLL's hanging around in the \bin directory meaning there were two OWIN startup classes being found!
Deleting the old one fixed the issue.
My coldfusion version is 10 and configured with iis. I have configured Rest service using the following code
<cfset restInitApplication(getDirectoryFromPath(getCurrentTemplatePath()), "myservicename") />
My cfc which is in same directory looks something like that
component restpath="test" rest="true" produces="application/json"
{
remote array function getResult(
required string tmpID restargsource="path",
string startDate restargsource="query",
string endDate restargsource="query"
)
httpmethod="GET"
restpath="{tmpID}"
{
return arguments.tmpID;
}
}
I am trying to access the rest service by url but it is giving me 404 not found error. Here is url which i have tried.
http://localhost:8500/rest/myservicename/test/10221
http://example.com/rest/myservicename/test/10221
http://127.0.0.1/rest/myservicename/test/10221
But all three is not working for me. When i try to refresh the service from coldfusion administrator, it is giving me following error.
Unable to refresh REST service.
Application myservicename could not be initialized.
Reason: The application does not contain any rest enabled CFCs.
The application does not contain any rest enabled CFCs.
I have save my cfc to webroot of iis and update the root path of rest service through coldfusion administrator. Then above error is gone and got the green message 'Server has been updated successfully'. But still not accessible through any url. Still getting 404 error. Can any one point me where i am doing wrong? Or help me to resolve this issue.
Are the urls for the endpoints in identityserver3 configurable?
How come in the example for MVC the Authority is set to:
https://localhost:44319/identity
While the standalone webhost (minimal) sample has the authorization endpoint set to:
https://localhost:44333/connect/authorization
Has something been configured somewhere so that the /identity will work.
Or is the .../identity not the IDSrv3 endpoint at all, but rather only the API call instead of
https://localhost:44321/identity
which is what is called in the CallApiController... (I would change this example totally to something else with different names, so that there's a clear difference between what is part of the app (Foo and Bar) and what is part of idsrv3 (auth claims tokens and scopes) --sigh.
(end of question...)??
In any case:
When the webhost standalone minimal idsrv3 is down - I'm getting:
No connection could be made because the target machine actively refused it ... Wasn't sure what I was doing wrong, but was sure that I was doing something wrong. (Forgot to run the IDSrv3)
When its up, in both paths: (/identity and /connect/authorization)
I get 404 not found,
and if I just give the root with a trailing slash, I get: Error, The client application is unknown or is not authorized, instead of showing me the login page...
So it seems the trailing slash root is the correct way to go, which leaves me with my first question, so how/why is the Authority set in the MVC demo to include the path /identity.
IdentityServer url is configured in the startup.cs file.
In the MVC app the IdS is configured under 'webroot'/identity. In The console app IdS is running under the root of the selfhost 'webroot/'
app.Map("/identity", idsrvApp =>
{
idsrvApp.UseIdentityServer(new IdentityServerOptions
{
SiteName = "Embedded IdentityServer",
SigningCertificate = LoadCertificate(),
Factory = new IdentityServerServiceFactory()
.UseInMemoryUsers(Users.Get())
.UseInMemoryClients(Clients.Get())
.UseInMemoryScopes(Scopes.Get()),
AuthenticationOptions = new IdentityServer3.Core.Configuration.AuthenticationOptions
{
EnablePostSignOutAutoRedirect = true,
IdentityProviders = ConfigureIdentityProviders
}
});
});
The other urls you mentioned are all urls which can be resolved via the discovery document: http://'webroot'/.well-known/openid-configuration
or in case of the MVC app: http://'webroot'/identity/.well-known/openid-configuration
I am trying to make MVC4 facebook application using VS 2012 Facebook template. When I run the application keep on getting "Given URL is not permitted by the application configuration.: One or more of the given URLs is not allowed by the App's settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App's domains."
Got following configuration in the web.config
<add key="Facebook:AppId" value="7XXXXXXX64" />
<add key="Facebook:AppSecret" value="e7066XXXXXXXX344" />
<add key="Facebook:AppNamespace" value="mynotepadapp" />
<add key="Facebook:AuthorizationRedirectPath" value="~/Home/Permissions" />
<add key="Facebook:VerifyToken:User" value="" />
I have added www.example.com in my host file. What I am missing here? Also I tried site URL and Canvas URL with out "www". Didnt work either.
Here is what I did to make mvc4 template to work with localhost
You dont change hosts file, leave that one as it is
on Facebook app configuration page under settings > Basic
App Domains is Empty
Canvas url/Canvas Secure url: https: // localhost : port number/ (sorry stackoverflow wont let me write the url properly)
SiteUrl same as canvas url
Your Sandbox mode should be enabled if using localhost
Make sure your Canvas and canvas secure are both https and ends with /
In Web.config, write your appkey, appsecret and appnamespace
Note: there is no place where you need to enter example.com
Hope it helps
I have a Facebook canvas app developed in /net using C# and the latest Facebook SDK 5.xyz
Everything was working fine when i had the app was running a website where all files were on root directory ( http://localhost:81/ ).
Now I had to move (adapt) my app to run from a subdir of an existing website ( http://localhost:81/MySiteFacebook/ )
in web.config i have
<handlers>
<add name="facebookredirect" path="facebookredirect.axd" verb="*" type="Facebook.Web.FacebookAppRedirectHttpHandler, Facebook.Web" />
But this way is not working, while the Authorization is doing the redirect i see in url:
http://www.facebook.com/dialog/oauth/?scope=user_about_me,publish_stream,email&state=STATEHASHHER&client_id=CLIENTIDHERE&redirect_uri=http://localhost:81/facebookredirect.axd
if i manulay add in the url at redirect_uri the subdir and come with: http://localhost:81/MySiteFacebook/facebookredirect.axd
The redirect works fine, it sends me to my registration page.
Given this behavior i went back to my web.config and added the /MySiteFacebook/facebookredirect.axd to the 'path' of the handled.
Guess what? it is not adding this path to the redirect_uri.. ? :(
Any idea? please , Thanks.
You're changing the web.config in the wrong place, you should be editing the urls in the facebookSettings such as:
<facebookSettings appId = "{app_id}" appSecret = "{app_secret}"
canvasPage = "http://apps.facebook.com/{canvas_page}/"
canvasUrl = "http://localhost:81/MySiteFacebook"
secureCanvasUrl = "https://localhost:81/MySiteFacebook" />