I have a node js web app on Heroku that connects to the Spotify API through the Spotify authorization code flow. The web app works completely fine and allows the user to log in and the redirect URI works perfectly fine as well.
However, I purchased a domain from Namecheap that I linked to Heroku as a custom domain. Everything works fine, except for the fact that my custom domain somehow fails when trying to log in to Spotify. Keep in mind that if I go to the default herokuapp domain for my web app, the login works perfectly. But when I use my custom domain, it doesn't work. I made sure to add the custom domain as a redirect URI as well, so that isn't the problem.
If anyone could please help me figure out the issue, that would be greatly appreciated.
This link shows a short video of the problem:
https://www.youtube.com/watch?v=oJjX5q43Ve0
The first site in the video is the default herokuapp webpage, which works flawlessly. But the second site, which is my namecheap custom domain, just brings me back to the main login page even after signing in through Spotify.
Related
I'm looking at ways to modernise some of our existing web apps without a total rewrite. One idea that's being bandied around is having pluggable modules that can be written in more up to date languages that can be bolted onto the existing webapps.
I tried this out with both an iFrame approach and also using Azure Front Door routing, so that even though I had separate Azure App Services, I managed to get everything to appear as though it was part of the same web app/domain with routing rules.
Unfortunately both these methods failed once I secured the websites using Azure b2c. As an example, I tried to create two bog standard asp.net core mvc apps (deployed in Azure as AppService1 and AppService2). I secured them both using b2c with separate b2c apps. I checked I could log into both apps successfully. Also once I logged into one app, I could go to the other via a different browser tab and didn't need to log in so I knew that SSO was working.
I then tried to embed one app service in the other via an iFrame and got the following error
Refused to display 'https://xxx.b2clogin.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
Didn't pursue this so my next step was to try and use Azure Front Door routing to help me out. I managed to get this working for the top level app service (AppService1) by following this post
Exception: Correlation failed. AAD + Azure Front Door
However, I haven't managed to get the routing to AppService2 working. Here's what I tried
Attempt 1
Added a routing path in front door that used /service2 as 'patterns to match'. AppService2 had the following CallBackPath
"CallbackPath": "/signin-demo"
Used a b2c app which a redirect URL of
https://<frontdoor url>/signin-demo
When I try to go to https://[frontdoor url]/service2 I just get taken to the following URL
https://<frontdoor url>/signin-demo
which doesn't display anything.
Attempt 2
Changed the b2c app to one that used a redirect URL of
https://<frontdoor url>/signin-oidc
which is the callback path of AppService1. Doing so gives the error when going to https://[frontdoor url]/service2
Unable to unprotect the message.State.
So, I'm not sure what to try next. What I'm doing feels like it should be possible but I wonder if anyone could help or work out what I'm doing wrong.
Many thanks
I'm using quite a completely vanilla Fortify setup, sending email verification links is working with mailtrap. However, when I click the link in the mail, it opens the app and makes the user login, after which it doesn't redirect back to the verification url, but just shows the homescreen that tells the user to verify their mail.
The only way the verification link does work is when you paste the link in a tab where the user is already logged in. At first glance, to me it seems like a browser issue, that the browser doesn't preserve the cookies, but I've tried with different browsers (Safari, Chrome and Firefox) and all have the same issue. I run the laravel app locally through valet (or expose when I need to test API calls from a third party service) and dev environment on ubuntu 20.04, both have the same issue.
this week one of my client sent me an email saying that the url of the heroku's app was redirecting to another site myapp.com/index.cfm?fa=main.tradelogin. The name of this site is Pressgeek.com.
But if I use myapp.herokuapp.com it works fine. I checked my github repo to see if there was some redirect there but I didn't find any. I also checked the heroku's settings and there were ok.
I never had a problem like this, someone know what to do? Thanks
So I am fairly new to laravel and especial to its deploying. I set up a fortrabbit application and got my website running so that's all good. The thing is though, the app url is not the one I wanted. I have an older website running without Laravel, and that is the url I want it to be hosted on. I have the ftp credentials for the old site but I have no clue how I can sort of clone the new Laravel site to the old one.
Briefly, I have a Laravel app running on insertname.eu1.frbit.net but I want it to be hosted on www.insertname.com which an older site is being hosted on for the time being.
Can anyone help me out? There must be a way to do this. Thanks alot!
The fortrabbit "App URL" is meant for testing/development/configuration and can't be changed. However you can route other domains to your App on fortrabbit. You do so by pointing the domain to the "App URL" via a CNAME and by registering the domain in the App settings in the Dashboard.
I have made a Facebook app in Ruby (using Sinatra and Koala), deployed it on Heroku and sat up all the settings and it works that way, but now I have to debug some functionality and for that reason I need to run application from localhost (using foreman start).
I have read somewhere that I should make development version of my app and specify site url to localhost:[port_num] and I have done so.
The problem is when user(me) reach localhost:5000 and application redirects it to Facebook to get permissions (when Facebook login dialog should appears). At that point this error occurs:
App Not Set Up: The developers of this app have not set it up properly for Facebook Login.
I saw this issue but in my development version of app there is no status and review settings and I don't see how to make application alive.
How to set up my app for Facebook Login while it runs on localhost?
or
What is the proper way to run Facebook app from localhost to get full functionality?
The problem laid in Advanced settings in security section - development app "inherits" settings from base app so in Settings->Advanced->Security->Valid OAuth redirect URIs was initially url of my base app not my localhost:5000 and it causes a problem. One of solutions is to leave this field empty (and leave app open to redirect attacks) or to fill this field with your Site URL.
It seems that development version of an application can't be "alive".
To allow Facebook Login for users of your development app you should register them as testers under Roles tab.