I'm trying to set up an OAuth Flow integration with another site and the redirect URL they have set up for me to test the integration is 'https://localhost:3000'. When redirected back to this link, the page doesn't show my localhost, it just gives Google's "This site can’t provide a secure connection" page. Is there a way to access localhost on https? or do I need to ask the integration site to change my redirect URL?
Related
My site uses spring social (1.1.6.RELEASE) and spring social facebook (2.0.3.REALEASE) to let users to sign in with their Facebook accounts.
Recently, Facebook requires all websites to use HTTPS based URIs for "Valid OAuth Redirect URIs". Here is what I have for "Valid OAuth Redirect URIs" at Facebook:
https://www.example.com/signin/facebook https://localhost/signin/facebook
I followed the suggestion at https://jira.spring.io/browse/SOCIAL-447 and have custom classes for FacebookConnectionFactory and OAuth2Template so that redirect URIs can start with https.
Everything works correctly on my laptop. However, I am unable to get it work for the site on the internet.
Here is the environment of my system: A load balancer device distributes requests to two Dell boxes. The loadbalancer takes HTTPS requests and sends HTTP requests to boxes.
Here is what I experience on the internet site: when I click the Facebook button to start authentication with Facebook, I am directed to Facebook login. After entering correct username and password, I am redirected my site, but with an exception: Here is the exception message:
Response body: {"error":{"message":"Can't Load URL: The domain of this
URL isn't included in the app's domains. To be able to load this URL,
add all domains and subdomains of your app to the App Domains field in
your app
settings.","type":"OAuthException","code":191,"fbtrace_id":"GeA8sXoebS3"}}
I have example.com in the App Domains field at Facebook, but it still fails. Does the system setup (including the load balancer) play a role here? I believe so, but cannot figure out how to fix it? Spent quite an amount of time and no success.
Any suggestion and info would be really appreciated.
Update
My site has been using SSL for a long time. It's authentication with Facebook was working before, but now it is not because of "https" requirement Facebook recently imposed.
can i write some code to make it secure ?? or what can i do ??
when login in my website make it Not secure As it is shown in the picture
Google chrome is showing "Not Secure" if you don't have SSL certificate. If you want to show label "Secure", you need to run your website under HTTPS
I'm trying to setup Let's encrypt SSL for a Magento website at
https://turbofun.no/
It shows SSL correctly. However, the problem is if i access it using
http://turbofun.no/
It shows normal page without https. I think it should automatically redirect viewer to https because it is homepage.
I read some topics about adding rewrite rules to redirect all http to https but i just want to use https on homepage, checkoutpage, customer login page.
Do you know what i missed in configuration? Thank you
I'm using basic authentication on my site, which does a simple windows popup asking for username and password. I'm wondering if there's a way to redirect http traffic to https traffic before this popup? Currently, i'm using a custom redirect error page, so when someone goes to http://www.mysite.com/ the popup comes up and asks for username password, and after they enter it the page redirects http traffic to https. But i'm assuming that password is sent in clear text, since the redirect is happening after the login attempt.
I've tried playing with IIS, and javascript on the page itself, but it seems the popup is happening before any of that comes into play. Is there anyway to redirect before that popup comes up?
Thanks!
I know this is old but here is how I managed to achieve this for anyone who would need the same.
Remove the HTTP bingind on the target domain's virtual server
Create a second virtual server for the same domain with only HTTP binding
Add a rewrite rule to the new virtual server that redirects all trafic to the HTTPS version of the domain
This is the only straight forward way i found and it is probably the simplest.
Voila!
My application work with Google API. After authentication, it directs the response to redirect URL.
Can i redirect response to my local URL so that i can test my application.