For the past couple of years we've been developing a client/server application and it's been working well with us hosting the server and applications. I've recently started work on getting our mobile app to connect and have run into a snag.
The mobile app can login and obtain a token but when it presents that token for an API call Owin is failing to create a valid Principal.
The same API call from our desktop app (running on the same physical machine as the server) has an HttpRequestMessage "MS_OwinContext" property with the Authentication.User field populated. The same call from the mobile does not.
Yet both of them seem to be sending the same API request (different bearer token of course). Alternative can anyone tell me where I might at least start looking or how I could get information from OWIN as to what it's doing? It's also worth pointing out that the mobile app (Xamarin) shares most of its code with the desktop application.
Right now I'm staring at a black box and all I know is that 'it doesn't work'.
Okay the problem was that the server was setting Authority in the bearer options to be localhost. Audience is derived from this so when connecting using the host name validation fails.
The answer appears to therefore not use localhost as part of the authority.
loginWithFacebook has stopped working for me.
Even the previous version of the code.
The plain code with just {{> loginButtons}} when run, on click connects to facebook, but on return waits very long for localhost and throws back this error after some time.
W20150123-21:16:55.743(5.5) (oauth_server.js:398) Error in OAuth Server: Failed to complete OAuth handshake with Facebook. connect ETIMEDOUT
I'm running my app inside a corporate network with proxy. Facebook is accessible and i', able to login other apps like soundclound with login via facebook.
When i'm connecting via other source (mobile data) i'm able to do a login. Any suggestion on how to find root cause ?
Now I'm trying to use the sample code in facebook PHP SDK.
Though I can use localhost to view my web on Google Chrome broser,when I fill the URL
(I use APPSERV as my server)
localhost in the "Secure Canvas URL" blank, it always says server connection denied.
(I'm not sure if the message in English is correct.It shows "伺服器拒絕連線"on my broswer)
Thanks for everyone who answers my question.
You can not develop your facebook app on your localhost without SSL anymore.
Facebook made Secure Browsing default and no way to undo it.
So if you want to test your own app on localhost you have to self signed your app.
https://www.facebook.com/notes/facebook-engineering/secure-browsing-by-default/10151590414803920
I am working on my first app for Facebook and facing (probably) with the SSL problem. If I am testing the app, so it's working well. But then I wanted to test the app by my friend - so I assigned him the role "Tester", he accepted it and I sent him the link to the app.
If he opened the app, he got the error The website is not available - Error 501 (net::ERR_INSECURE_RESPONSE): Unknown error
I started google it and it looks that the cause is the missing SSL certificate on my hosting, where the app is stored.
BUT - how is possible, that the app is working me well without the SSL and to my friend doesn't? If the SSL is required for Facebook apps, why I didn't get the same error?
(I set Secure Canvas URL: to https://example.com/fb-app-directory/, however I don't have at this domain and hosting any SSL certificate).
I never used before SSL. I bought the domain name on Namecheap and hosting on Hostgator. So now, I should buy a SSL certificate from the offer (http://www.namecheap.com/ssl-certificates.aspx) of Namecheap, right?
Would be suitable for the Facebook app the cheapest one?
Look, this SSL problem can only be solved by purchasing a valid SSL certificate or looking for a server which can host your app and is SSL certified such as:
phpfog.com - Provides you with some limited space and database service.
heroku.com - Does not provide any storage space for saving dynamically generated data. To have that service, you have to buy the Amazon buckets service which, again, is a costly affair.
If you don't want to invest any money, I would recommend that you go with phpfog - it is easy and its documentation is pretty good.
You should buy an SSL cert in order for everyone to be able to access your app. Your friend probably has his settings set so that he browses Facebook securely, in this case he is hitting https://example.com/fb-app-directory/, not your actual URL.
The cheapest one isn't the best one, but it should work as long as it's valid. I would suggest using Heroku though, as that way you get everything you need - for free :)
Use a proxy in heroku.com and bring your page in secure domain as https://yourapplication.herokuapp.com/
"Starting October 1, 2011 Facebook will require a valid SSL Certificate for all pages and applications hosted outside of Facebook."
http://www.wpcode.net/fb-ssl.html/
Maybe you are visiting your application with http://apps.facebook.com/... and your friend is visiting with https://apps.facebook.com/....
Another possibility is that your friend has checked "Browse Facebook on a secure connection (https) whenever possible" under "Account Security".
Try ngrok. It exposes a local web server with just one command:
ngrok 80
After this you can access your localhost like this: xxxxxxxx.ngrok.com
Just installed a SSL certificate and when I try to access to my fmbl app through https connection I can't see the application, the page is blank and I'm losing lots of users and the rate of my app is going to the deep down.
However, if I access to the app through http (non ssl) I can see without problems.
Thanks!
Have you solved?
'Cause i think the problem is arise by Chrome.
If your application has a self-signed SSL cert and you open it on chrome you'll receive a 501 error message. Chrome should show an alert message whit a 'continue' button to enter the app, but this doesn't happen when chrome call an https resource from an iframe.
Is it a self-signed certificate? For some reason, FB doesn't support those, and you'll need a certificate which is signed by a CA.