OAuthException code 100 - facebook

I'm getting the error:
{"error":{"message":"Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request","type":"OAuthException","code":100,"fbtrace_id":"C0VqQrGq4iM"}
I manually built the login flow with the resulting dialog url:
https://www.facebook.com/dialog/oauth?client_id=970056533030026&auth_type=rerequest&scope=email&display=popup&redirect_uri=https://www.opentable.ie/my/oauth/facebook
On our FB app settings we have:
App Domains has opentable.ie
On Advanced Settings - Valid OAuth redirect URIs we have https://www.opentable.ie/my/oauth/facebook
When I went back to see my logs I saw that redirectUri lost https and is using plain http, that's the only pointer I have.
Any ideas on why we get this error? Thanks guys

Related

Facebook login error: “URL Blocked: This redirect failed because the redirect URI is not whitelisted in the app’s Client OAuth Settings.”

I know this question has been asked several times, but none of them are helping me. This functionality was working up until a day ago. Now I am getting this error and do not believe I have changed anything on our servers. But I know something must have changed.
Here is the url my app is trying to redirect to:
https://advocacy-test.hrmarketer.com/advocacyTest/HRmIWeb/web/facebook/auth?code=AQC6QmTOU4q__kdLDkmuqIrysoJiY1eX-HrvQtE8FeqPbOPNM22gZl4niOwEVXm_3mkBdsiYto0CnswpuLgdqbrdILIea4z1VCfpNt2CQwbfGJ61I_1QNDi7eIF3jR6Sw2JzKstcXSUi2Hydt8frN9Cg2pLrLDeSiOPgV9rO7E5O6ikhUDGAt3vYiWKb6P3nn65FPM_C5ZYczOVnYhU8Qpe8Oj4O8VTtQtR7WgayVoQP6nCldvcDjRQpnNVolJI_c_lLeTRFGQhFod-w3P_rbACRyzARxD5nYAu2jblBKHHhKQWDRD_vHl19r78mlQLPAz9M3GZcFs-xEbE2K97q_D1z&state=bdd6a2a608a7249d0cf7102fd1150341#=
When I check this in my FB app settings it says it's a valid callback uri. What could be the issue?
Redirect URI to Check
Check URI
https://advocacy-test.hrmarketer.com/advocacyTest/HRmIWeb/web/facebook/auth
check
This is a valid redirect URI for this application
From Facebook app settings
Step 1: You have to go to your code and add your URL:
$redirectUrl = "http://example.com/[auth_link]";
Step 2: Go to your Facebook App Setting and add add the exact URL above.
May be your problem is you missed WWW -> the solution add both WWW and no-WWW versionsto whitelist in Client OAuth Settings
OR you missed parameters after URL: eg: ?back=xxx

Linkedin OAuth2 authorization code error

I´m trying to connect via Linkedin Auth2 from a java web application:
Added my own app in linkedin.
Generate the authorization URL: https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id=XXX&scope=r_basicprofile%20r_fullprofile%20r_emailaddress&state=DCEEFWF454Us5dffef424&redirect_uri=http://localhost:9090/springmvc/token.htm
Introduce my login/password for linkedin in the new popup.
Get back successful the request on the redirect_uri previus, and take the authorization code "code"
Generate the accessToken URL
Make a POST with: https://www.linkedin.com/uas/oauth2/accessToken?grant_type=authorization_code&code=YYY&redirect_uri=http://localhost:9090/SpringMVC/token.htm&client_id=XXX&client_secret=ZZZ
Get next error in response: {"error_description":"missing required parameters, includes an invalid parameter value, parameter more than once. : Unable to retrieve access token : appId or redirect uri does not match authorization code or authorization code expired","error":"invalid_request"}
I´ve verified url parameters are correct:
- "code" is the token receive on step 4.
"redirect_uri" is the same URL on step 2 and 4. I added this URL on section "OAuth 2.0 redirect URL" on my APP.
"client_id" and "client_secret" are the "Client API" and "Secret API" on my APP.
Time between first and second request is less than 20 seconds.
The value of your redirect_uri parameter must be URL-encoded, so at 6. do:
https://www.linkedin.com/uas/oauth2/accessToken?grant_type=authorization_code&code=YYY&redirect_uri=http%3A%2F%2Flocalhost%3A9090%2FSpringMVC%2Ftoken.htm&client_id=XXX&client_secret=ZZZ
and it need not be sent as a POST but as a GET.
If You Are Sending a Request For Access Token it must be POST Request
Refer the OAuth Documentation
I actually Copied the Whole URL From My Eclipse Console To URL It is Still Valid
In Your Case The Problem is with URL Encoding As HanZ said .
You Have to Encode Your URL For Post Request.
I too got bugged with this issue for long time. Please keep few things in mind which I did and eventually sorted it out.
Hit the api to get authorization code by using get request.
The authorization code has a life span of about 20 seconds, so its difficult to manually copy the code from the url and make a request for token access. You should do it pro-grammatically.
Make a post request for getting access token.
Most Important: Old linkedin applications that I had created was not working and giving the above error. Create a new linkedin application and try. Doing this worked for me.
I assume that all the other parameters like client_id, secret, redirect_uri are correct.
please try and let us know.
Thanks.

What is the redirect_uri?

I'm trying to authenticate facebook users into a web-app i'm building without the javascript SDK, I'm following This guide. In the first step (where I'm supposed to send the appId along with the redirect_uri),
I have the redirect_uri set to "http%3A%2F%2Feduudle.com%2Fborhom2", it works as expected and sends the code parameter to the backend.
However, in the second step where I'm supposed to send the code along with the client_secret and the redirect_uri, I send the same redirect_uri and it doesn't work. I get the following message "Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request"
I have tried the slash at the end, replacing the : with %3A and the / with %2F. I'm 100% sure that the redirect_uri is EXACTLY the same as the one I'm sending in the get request.
The only case where I'd be wrong is if I misunderstood what the redirect_uri is and how to change it from facebook. Try it yourself "http:// eduudle.com / borhom"
I'm 100% sure that the redirect_uri is EXACTLY the same as the one I'm sending in the get request.
Doesn’t look like that.
Clicking login on your sample page redirects me to
https://www.facebook.com/dialog/oauth?client_id=461627793920081&
redirect_uri=http://eduudle.com/borhom2&scope=…
whereas the Graph URL giving the error afterwards is like this,
https://graph.facebook.com/oauth/access_token?code=…&client_secret=…&
redirect_uri=http://eduudle.com/&client_id=461627793920081#_=_
So check your code for the part where that URL is generated and redirected to – I’m pretty sure its your mistake ;-(

Facebook server-side OAuth 2.0 on localhost:8080 can't get access token missing redirect_uri

There are many other question related to this, but they didn't help me fix my problem.
I'm using the Facebook server-side login for a website, which I want to test locally. The path that initiates the login action is [http://localhost:8080/fblogin] (this redirects to the Facebook login dialogue, and goes from there).
I can successfully get the code, but when I try to exchange that for an access token, I get the following error:
{"error":{"message":"Missing redirect_uri parameter.","type":"OAuthException","code":191}}
I am providing the redirect_uri, url encoded and it is the same as the one I use to get the first code. Here is the url I'm using to request the access token (with the all-caps query string parameters replaced with their actual values, of course):
https://graph.facebook.com/oauth/access_token?client_id=CLIENT_ID&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Ffblogin&client_secret=CLIENT_SECRET&code=CODE_FROM_FB
I suspect this might have to do with how my app is set up on Facebook. Here are the values I have set:
Display Name: (an actual display name here)
App Domains: localhost
Contact email: (an actual email here)
Site URL: [http://localhost:8080/fblogin]
What do I need to tweak in the settings to get this to work? Or does this look correct?
By the way, if it makes any difference, I am using the Play! framework, version 2.0.1
After digging around a little more, I found that it was necessary for me to use POST when sending the request from my server to get the access token.
Interesting that using POST worked for you as this didn't for me.
In any case, did you add the query parameters using setQueryParameter()? (see How to make multiple http requests in play 2?)

Facebook - OAuth Token - redirect_uri isn't an absolute URL

... but it is!
I am calling the facebook API with the following link in order to receive my access token:
https://www.facebook.com/dialog/oauth?client_id=myclientid&redirect_uri=http%3A%2F%2Fmydomain.org%3A8080%2FServer%2FFacebookAuthenticationVerificationServlet&scope=manage_notifications,offline_access,read_mailbox,read_stream,publish_stream
What am I doing wrong?
Facebook answers with the following error:
message: redirect_uri isn't an absolute URI. Check RFC 3986.
type: OAuthException
code: 191
It shouldn't have anything to do with it, but I am using java's URLEncode.encode() to encode the URL into UTF-8. I compared the result with that one from JavaScript's encodeURIComponent() and didn't find any difference.
EDIT: Do I have to set the domain into my configuration? I can't locate it on "App Domains" (because facebook doesn't allow me to add domains there with port configuration) but I set the domain as "URL of my website".
EDIT2: The unencoded redirect uri: http://mydomain.org:8080/Server/FacebookAuthenticationVerificationServlet
EDIT3: This has nothing to do with the :8080. I tested it with a php-script (URL was like bla.domain.org/myphp.php) and sent the code by the php script to the tomcat server, but the error persisted.
Okay, it turned out I misunderstood the OAuth protocol. I was fetching the authorizationCode that THEN leeds me to the accessToken.
But I wasn't able to fix that error in specific. I just redeveloped the procedure and implemented auth-code and access-token separation and it works fine now.
Maybe unauthorizating the app and reauthorizating it # facebook did fix it?
Error code 191 for Facebook is
API Error Code: 191
API Error Description: The specified URL is not owned by the application
Error Message: redirect_uri is not owned by the application.
Make sure mydomain.org is in the App Domains field, and that the Website with Facebook login field is correct.
You shouldn't encode redirect_uri. http%3A%2F%2Fmydomain.org is not understood as http://mydomain.org