Strapi:google providers issue - strapi

I have a question regarding Providers.
I'm using Strapi in Docker with an Nginx reverse proxy. I set up the Google provider, and in service.js I added URL: env("", "https://my-link.com/api").
In the beginning, everything was working fine until I cleared the browser cache. Now I'm getting an error:
Grant Missing session or misconfigured provider
So when I call /connect/google/callback it fails with a 302.
On the Strapi website I found this, but it's not very clear how to debug the issue:
Grant: missing session or misconfigured provider: It may be due to many things.
The redirect URL can't be built: Make sure you have set the backend URL in config/server.js: Setting up the server URL
A session/cookie/cache problem: You can try again in a private tab.
The incorrect use of a domain with ngrok: Check your urls and make sure that you use the ngrok URL instead of http://localhost:1337. Don't forget to check the backend url set in the example app at src/config.js.
Thanks in advance.

Related

Nginx / Laravel multi tenancy SSL management

Working with a multi tenancy solution where users are to be allowed to set their custom domains - the solution works just fine. However, looking for suggestions on how to get the SSL installed on those custom domains and set them in Nginx so they are served via https route.
In theory, as soon as the user adds a custom domain from the backend, SSL is to be installed once the A record / CNAME is verified to be pointing correctly. We will be getting Let's Encrypt SSL and need an approach on how to handle the Nginx config to provide the SSL key so it can be served.
If anyone has produced a similar solution and can shed light on how to approach this, that will be great.
Thanks in advance.
You can solve it by manually issuing certificates using Let's Encrypt and then adding a new NGINX config file for serving the new domain.
Or you can just switch from NGINX to Caddy and it will automatically do it for you! Also, you could specify in your application route file a route for a domain whitelist check to prevent unauthenticated domain issues.

Google OAuth2 integration Error 400: redirect_uri_mismatch

I'm getting this error, Error 400: redirect_uri_mismatch, even after giving the proper redirect uri. You can check the images below for reference. It works for my localhost but it shows this error for my server. My domain looks like https://xxx.topLevelDomain.com. I'm not able to find the possible cause of this issue after surfing most of the issues related to this error. Although, I guess the issue may be because I'm using a subdomain here, but I'm still not sure if it's the issue.
Application info:
frontend is in react hosted on https://someTopLevelDomain.com
backend is in spring boot hosted on https://someSubdomain.someTopLevelDomain.com
Your application is sending from http to a .com domain.
In Google developer console you have only one http domain listed, and that is localhost.
The redirect uri you are sending from must exactly match one that you have added in Google cloud console.
To understand how to set up your redirect uri properly check Google OAuth2: How the fix redirect_uri_mismatch error. Part 2 server sided web applications.
Where is the redirect uri coming from
The programming language, the IDE and the client library you may be using will define what redirect uri your application is calling from.
For example, I know that Visual Studio likes to add random ports with C#. I can't tell you what is generating your redirect uri; I can only tell you that
The following needs to be added to your google cloud console.
http://________.com/login/oauth2/code/Google
or you need to figure out what is setting the host on your requests and set it to use https so that you can use the one that you have there now
https://________.com/login/oauth2/code/Google
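The mismatch described in the answer above, as an added example that is not part of the original post: a backend behind a TLS-terminating proxy builds its redirect URI from the plain-http hop, and an exact comparison against the registered list shows that only the scheme differs. The hosts, header values and function names are constructed for illustration; only the callback path is taken from the answer.

```javascript
// Added example: all hosts and header values are constructed placeholders.
const CALLBACK_PATH = '/login/oauth2/code/Google';
const REGISTERED = [
  'https://api.example.test/login/oauth2/code/Google',
  'http://localhost:8080/login/oauth2/code/Google',
];
// Headers as the app sees them behind a proxy that terminates TLS (constructed).
const SAMPLE_HEADERS = { host: 'api.example.test', 'x-forwarded-proto': 'https' };

// Build the redirect URI the way a backend derives it from the request.
// trustProxy=false models an app that ignores X-Forwarded-Proto and only
// sees the plain-http hop between the proxy and itself. Enable it only when
// the app is reachable solely through the proxy: clients can send this header.
function buildRedirectUri(headers, callbackPath, trustProxy) {
  const forwarded = headers['x-forwarded-proto'];
  const proto = trustProxy && forwarded ? forwarded.split(',')[0].trim() : 'http';
  return `${proto}://${headers.host}${callbackPath}`;
}

// Exact string comparison against the registered list. On a miss, name the
// URL components that differ from the closest registered entry.
function diagnose(sent, registered) {
  if (registered.includes(sent)) return { match: true, closest: sent, diffs: [] };
  const s = new URL(sent);
  let best = null;
  for (const entry of registered) {
    const r = new URL(entry);
    const diffs = [];
    if (r.protocol !== s.protocol) diffs.push('scheme');
    if (r.hostname !== s.hostname) diffs.push('host');
    if (r.port !== s.port) diffs.push('port');
    if (r.pathname !== s.pathname) diffs.push('path');
    if (r.search !== s.search) diffs.push('query');
    // Same components but different strings: case or encoding differences.
    if (diffs.length === 0) diffs.push('normalization');
    if (best === null || diffs.length < best.diffs.length) best = { closest: entry, diffs };
  }
  return { match: false, ...best };
}

const untrusted = buildRedirectUri(SAMPLE_HEADERS, CALLBACK_PATH, false);
console.log(untrusted, diagnose(untrusted, REGISTERED));
const trusted = buildRedirectUri(SAMPLE_HEADERS, CALLBACK_PATH, true);
console.log(trusted, diagnose(trusted, REGISTERED));
```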

plaid development redirect uri?

I would like to test some real data with Plaid, and that's why I am using the development environment now instead of sandbox. And I am confused about what redirect uri I should use.
This is the error on my localhost:3000.
Unable to fetch link_token: please make sure your backend server is running and that your .env file has been configured correctly.
Error Code: INVALID_FIELD
Error Type: INVALID_REQUEST
Error Message: redirect_uri must use HTTPS
I understand that for the development environment we should use https instead of http, but I wonder what uri I should redirect to if I am only testing the API?
Thank you
If you don't particularly care about using the Quickstart with OAuth redirect flows, and just want to use live data from Development, you should just be able to leave that field blank.

Flask / CSRF Missing/Expired Token for users with a Proxy on Heroku

Using Python/Flask hosted on Heroku (using SSL with some other additional security features), I'm having an issue where users using a browser extension proxy (usually regular proxy servers that are on before the browser is open are fine) are causing missing CSRF token errors when users submit forms.
The only thing I can find online about this issue is https://nickjanetakis.com/blog/fix-missing-csrf-token-issues-with-flask but I can't mess with the config as referenced here.
Everything works fine if the proxy is on your machine (not a chrome web browser proxy).
Has anyone had this issue before? The only information I can find references if your server is on a proxy, not your user...
Thanks for your insights and help!

Setting up google project for authentication api

I am trying to set up Google authentication for my local project. I run projects in Python virtual environments and have different local domain names set up for those. Names like projectname.dev. When I enter http://projectname.dev in the browser the site opens up.
When I went to https://console.developers.google.com/project/< myprojectid >/apiui/credential?authuser=0 I could set values like javascript origin and authorized redirect uri there. I set javascript origins to http://projectname.dev and tried to put the same domain for the authorized redirect url too, but it did not work and I had to leave it as localhost.
When I tried to authenticate via django-allauth, I got this response from Google:
**Error: invalid_request**
Invalid parameter value for redirect_uri: Non-public domains not allowed: http://projectname.dev/account/google/login/callback/
Now my questions are:
Can I develop this part of the project locally with a domain name like projectname.dev or do I need to set it up for localhost? Will a local redirect from localhost -> projectname.dev work?
If I can do it with projectname.dev, then perhaps there is an error in the way I have this project set up in Google developers console?
In any case, if you cannot set the redirect URI in the Cloud Console, Google will throw you out when you try to authorize the app.
My recommendation would be to choose one of these solutions:
Use "localhost" as you said, with some kind of redirection/NAT/proxy to projectname.dev
Replace projectname.dev with a domain with an actual tld such as projectname.thisdomaindoesnotexist.com . Then configure this domain name to map to your servers.
Or wait for ".dev" to be recognized as an actual TLD, and you'll be good :)
