I want to make a Discord OAuth2 login for my website.
I found following code for an older Spring version on GitHub https://github.com/fourscouts/blog/tree/master/oauth2-discord
I had to add the SecurityFilterChain in the Configuration because of the new spring version. My Problem now is, that I can acces the Discord login page when I go to http://localhost:8080/login but when I get redirected from Discord I get presented with the error Message you can see in the picture.
Error after Discord redirect
I also get the following message in the console:
Response 400 BAD_REQUEST No event was found for the exception org.springframework.security.oauth2.core.OAuth2AuthenticationException
I have no idea what I should try next.
I uploaded my code to github so you can have a look at it: https://github.com/mrmrmystery/somewhatweb
In Spring, I accomplished this with the following configs in my application.properties
# OAuth2 Discord Registration
spring.security.oauth2.client.registration.discord.provider=discord
spring.security.oauth2.client.registration.discord.client-id=CLIENT_ID
spring.security.oauth2.client.registration.discord.client-secret=SECRET
spring.security.oauth2.client.registration.discord.client-authentication-method=post
spring.security.oauth2.client.registration.discord.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.discord.scope[0]=identify
spring.security.oauth2.client.registration.discord.redirect-uri=http://localhost:8080/login/oauth2/code/discord
# OAuth2 Sign-In-With-Discord
spring.security.oauth2.client.provider.discord.authorization-uri=https://discordapp.com/api/oauth2/authorize
spring.security.oauth2.client.provider.discord.token-uri=https://discordapp.com/api/oauth2/token
spring.security.oauth2.client.provider.discord.user-info-uri=https://discordapp.com/api/users/#me
spring.security.oauth2.client.provider.discord.user-name-attribute=username
Related
I am developing a NextJS application using next-auth with Google Oauth 2 as its authentication provider. The production build is running on Heroku. When attempting to sign in on my production build, Google OAuth is giving me "Error 400: redirect_uri_mismatch". Normally this would be an easy fix, except the exact uri is already registered in Cloud Console.
.
I have also tried added many different permutations of my uri, but this did not help.
This issue not solved by 11485271 or 69151061.
Error in question:
Error 400: redirect_uri_mismatch
You can't sign in to this app because it doesn't comply with Google's OAuth 2.0 policy.
If you're the app developer, register the redirect URI in the Google Cloud Console.
Request Details
If you’re the app developer, make sure that these request details comply with Google policies.
redirect_uri: https://middcourses2.herokuapp.com/api/auth/callback/google
And here is a link to the list of authorized domains in GCP.
Solved! So for some reason, Google changed my Client ID and Client Secret after I already set up those env variables. Once I noticed the change and inputted the new values it worked fine.
For me, clientID was not the issue, but this was due to a trailing slash( / ).
redirect_uri must be an EXACT MATCH on the developers console.
In the Google Cloud console, I had http://localhost:8080 under the redirect URIs in the list while my code was sending http://localhost:8080/ while making the oAuth call.
I'm using Laravel Socialite in a project and added the Twitter Provider in order to be able to allow my users to integrate with their Twitter account. I followed the steps here https://socialiteproviders.com/Twitter/ and I'm getting the following error:
Received HTTP status code [401] with message "{"errors":[{"code":32,"message":"Could not authenticate you."}]}" when getting temporary credentials.
If I leave the TWITTER_REDIRECT_URI in my env file blank, the error goes away and the Oauth flow works exactly as it's supposed to. Is anyone else having this issue? If the TWITTER_REDIRECT_URI isn't needed why have it in the docs?
I am new to Okta and OAuth.
I tried to first do a sample tutorial and followed the same procedure as described here
I am stuck with Angular Authentication using OpenId Connect.
I have created OIDC application in my Octa Account and below is the default Authorization server:
Below is the snapshot of OIDC application in Okta
Below are the snapshots of the output and error I get :
When I click the login button, I am getting 400 Bad Request
Below is the request url :
https://dev-my-id.okta.com/oauth2/default/v1/authorize?client_id=0oa14cwbxyudJGVdr4x7&code_challenge=5QqCuQ-BjTJ7uoFVgpX2ourrL7XBxZ39WSSvvw1GDPw&code_challenge_method=S256&nonce=2HbF0A4V664QRo4CXSD51XhI8cGIWBzRvVxGIzyevzhlVByLYlz3NPkBEOcd0Ld3&redirect_uri=http%3A%2F%2Flocalhost%3A4200%2Fcallback&response_type=code&state=jpew68c6Nwo6skLAPqtdtf4uXxTriKJMPiat7YxDUSvCXH87GSoSa9eeQsSxEnnH&scope=openid%20profile
Check to see if the OIDC application you are using in Okta is set to active. That may be the cause of the 400 error you are seeing.
Our application is a Spring Boot application and we have gotten a requirement to implement OAuth2 authorization with the IdentityServer3 as the provider.
However, with everything set up properly, we keep getting the error The client application is not known or is not authorized. when redirected to the login screen of the SSO system.
Using postman, we are able to access the login screen when clicking 'Get New Access Token'
Using AdvanceRestClient, we get the same error as our Spring Boot application.
Checking the log of these 2 tools, i found that on postman, the request will POST to the Access Token URL first, while on both Spring Boot security and the AdvanceRESTClient, it will generate a GET URI to the authorize URL.
Example of POSTMAN:
POST https://login.xxx.com.my/LoginHost/core/connect/token
Example of AdvanceRESTClient first request:
GET https://login.xxxx.com.my/LoginHost/core/connect/authorize?response_type=code&client_id=xxx.web&redirect_uri=https%3A%2F%2Fauth.advancedrestclient.com%2Foauth-popup.html&scope=openid%20email%20profile&state=XXX
This is confusing. Which behaviour is correct? And why is there a difference there?
Hope anyone can help with this. Thanks.
* UPDATE 1 *
POSTMAN settings:
AdvanceRESTClient:
After looking at the console logs of both client, it seems that the issue is caused by the redirect-url. After changing the redirect url on AdvancedRestClient to match with postman settings then it works.
I have referred http://www.broadleafcommerce.com/blog/why-your-ecommerce-site-should-integrate-with-spring-social to bring fb and twitter login to my broadleaf site but i am facing following error despite trying many of the solutions posted on stackoverflow and twitter dev support
GET request for "https://api.twitter.com/1/account/verify_credentials.json" resulted in 401 (Unauthorized); invoking error handler
Anybody have any idea how to deal with this error? Is it because in the tutorial 1.0.2.RELEASE version of spring social is used?
After days of effort finally got to know the issue. The problem was version of spring social api. Since the post i was referring to was of sept,2012 as a result i was using 1.0.2-Release which used auth1.0 to connect to twitter but in 2013 twitter started using auth1.1 whose support is in spring social 1.0.3-Release api. Hence i simply changed the version of spring social and the problem got resolved.
Also one thing i found out the twitter does not allow user's email id to be seen so the api calls to get email of a user will always return null.