I'm using Laravel Socialite in a project and added the Twitter Provider in order to be able to allow my users to integrate with their Twitter account. I followed the steps here https://socialiteproviders.com/Twitter/ and I'm getting the following error:
Received HTTP status code [401] with message "{"errors":[{"code":32,"message":"Could not authenticate you."}]}" when getting temporary credentials.
If I leave the TWITTER_REDIRECT_URI in my env file blank, the error goes away and the Oauth flow works exactly as it's supposed to. Is anyone else having this issue? If the TWITTER_REDIRECT_URI isn't needed why have it in the docs?
Related
I am developing a NextJS application using next-auth with Google Oauth 2 as its authentication provider. The production build is running on Heroku. When attempting to sign in on my production build, Google OAuth is giving me "Error 400: redirect_uri_mismatch". Normally this would be an easy fix, except the exact uri is already registered in Cloud Console.
.
I have also tried added many different permutations of my uri, but this did not help.
This issue not solved by 11485271 or 69151061.
Error in question:
Error 400: redirect_uri_mismatch
You can't sign in to this app because it doesn't comply with Google's OAuth 2.0 policy.
If you're the app developer, register the redirect URI in the Google Cloud Console.
Request Details
If you’re the app developer, make sure that these request details comply with Google policies.
redirect_uri: https://middcourses2.herokuapp.com/api/auth/callback/google
And here is a link to the list of authorized domains in GCP.
Solved! So for some reason, Google changed my Client ID and Client Secret after I already set up those env variables. Once I noticed the change and inputted the new values it worked fine.
For me, clientID was not the issue, but this was due to a trailing slash( / ).
redirect_uri must be an EXACT MATCH on the developers console.
In the Google Cloud console, I had http://localhost:8080 under the redirect URIs in the list while my code was sending http://localhost:8080/ while making the oAuth call.
I am using drf + ReactJs to do social login am able to integrate google login and facebook login using django allauth package , but when I tried to integrate linkedin login getting error :
invalid redirect uri
TO be more precise am getting this error
allauth.socialaccount.providers.oauth2.client.OAuth2Error: Error retrieving access token: b'{"error":"invalid_redirect_uri","error_description":"Unable to retrieve access token: appid/redirect uri/code verifier does not match authorization code. Or authorization code expired. Or external member binding exists"}
----few updates after tying out few fixes -----
Tried fetching the access token from backend and login the user using a seprate api it showed the redirect uri issue.
Tried directly calling the linkedin token url from postman and now I get Invalid request error.
First method worked after few tryouts but now getting incorrect value error.
Tried fetching code with scope as r_liteprofile but now getting 403 forbidden
{'serviceErrorCode': 100, 'message': 'Not enough permissions to access: GET /me', 'status': 403}
I tried changing url to backend and frontend both showing same error. Can anyone get me how to fix this issue ?
I am not sure what all additional details needed for sorting this out, Please let me know if any needed.
Finally able to find the solution
the issue was with the code generated from the sdk used to implement linkedin login in reactjs, which has only scope
r_emailaddress
r_liteprofile
Adding additional scope
w_member_social
And regarding redirect uri issue
we are suppose to use the same redirect uri in both frontend and backend
made things working , posting this here since it will help someone in future facing same problem.
thank you all
I am working with Zapier, and trying to authenticate user using OAuth2. I am using the Laravel(5.5) Passport(^4.0).
I am trying to use defalut passport routes "https://laravel.com/docs/5.5/passport".
But when it goes to "oauth/authorize" GET method and if user is not logged in then gives me {"error":"Unauthenticated."} instead of redirecting to Login page. And if user is logged in already then worked well.
Is there something i am missing and where I can check to resolve this issue.
Thanks and Regards
You are working with Oauth2 so you will get 401 and {"error" : "Unauthenticated"}. It is up to you to handle the unauthenticated response to the server (e.g. your js front end will redirect or your mobile app show login page).
We are using Zohocrm api v2 for getting currently logged in user. It works fine for most of the logins.
But we are getting 403 for one of the user account.
URL https://www.zohoapis.com/crm/v2/users?type=CurrentUser
HEADERS {Authorization=Zoho-oauthtoken 1000.786ecda99xxxx}
Response
{"code":"NO_PERMISSION","details":{"permissions":["Crm_Implied_Api_Access"]},"message":"permission
denied","status":"error"}
Response Code 403
Note: From the same zoho team other 2 users were able to login.
Please suggest.
Just adding the steps with which I tried in Postman. It works for me.
If at all any of the steps are different from yours, you could try these steps instead.
Add the client to get client secret
Generate auth token giving client id and secret (and scopes)
After this step, oauth permission request page will be shown, asking user to confirm access to Accounts User Profile and CRM users info. Both have to be accepted.
Use the latest generated token in postman
Execute API GET
laravel
Client error: GET https://www.googleapis.com/plus/v1/people/me?prettyPrint=false resulted in a 403 Forbidden response:
{"error":{"errors":[{"domain":"usageLimits","reason":"accessNotConfigured","message":"Project
892227784590 is not found (truncated...)
Make sure you've created an application in Google's console and also have your client id and client secret from google. Also make sure you've configured google option in your config/services.php.