I am implementing a website and i implemented a facebook login with the help of socialite package. It was working fine but suddenly it starts saying GuzzleHttp\Exception\ClientException
Client error: `GET https://graph.facebook.com/v3.3/me?access_token=EAAJWzLrZAbJ8BAHBPV56l7CG5THpGlgaKWDJY6AYoZACvMv9GjmjQ0PBRjbdZBFbTqpM5wuuo30hvnALWLBKpmgl7k82MR2nXmbMtWQLodxoNNreiz2crqnYbPYltmUKaM8IJg5aw9nUIgchh84LOBJ8XL2gBe279o4rlRamgZDZD&fields=name,email,gender,verified,link&appsecret_proof=66c071ea673cecd2df8d35c9dad4aaffb4dad595fb03628898b0e6078186b143` resulted in a `403 Forbidden` response: {"error":{"message":"(#200) Missing Permissions","type":"OAuthException","code":200,"fbtrace_id":"AUoFNG89hfmlPG13WW8rbF (truncated...)
I haven't touched this code but ti shows me this error.
My apps throw the same error. It seems to be an issue on Facebooks side. A fix is already in the works.
https://developers.facebook.com/status/issues/817076795498952/
Though this issue is fixed, you can try this for any future issues.
Goto vendor->laravel->socialite->src->Two->FacebookProvider.php
Find this line 28 and replace:
protected $fields = ['name', 'email'];
This is for facebook new policy. Socialite requested for more fields like gender, link.
Related
I'm getting really frustrated with the new Instagram API, what I need to do is just get things like pictures, comments, and likes from my Instagram feed. I'm following all the steps that they mention over here https://developers.facebook.com/docs/instagram-basic-display-api/guides/getting-access-tokens-and-permissions, but I'm still not able to get the final access token I need in order to interact with the API. After getting a lot of different errors now I'm stuck with:
{"error_type": "OAuthException", "code": 400, "error_message": "Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request"}
I have verified everything in my Facebook developer setup and everything is ok, the OAuth URL is identical to the one I'm using in the curl command in order to return the access_token and all the setups seem fine. I have noticed that a lot of people are having the same problems but I can't find something that works for me.
This is the way I'm trying to retrieve the access_token:
curl -X POST https://api.instagram.com/oauth/access_token -F client_id=[client_id] -F client_secret=[code] -F grant_type=authorization_code -F redirect_uri=[url] -F code=AQDJxpW5h4r..
I have read that people are using postman and apparently it works over there but I don't know how to use it, any help will be really appreciated.
Upgrade on this, I was finally able to get the access_token via Postman and when I'm trying to use it now I got this error:
{"meta": {"code": 400, "error_type": "OAuthAccessTokenException", "error_message": "The access_token provided is invalid."}}
This is really disappointing, everything was working just fine before this API change. Any ideas?
Just review of the following in your checklist again:
APP_ID and APP_SECRET of "Instagram APP", which is a product added in the Facebook App.
Access Code once submitted in POST request using CURL or Postman, will become invalid for the next request.
The Website Platform is added in "Facebook App".
Test Instagram Users are added and are not pending.
Lastly, Authenticate using the Instagram Test User Profile.
I had the same issue, and actually lost some time solving it.
In my case I only made the configuration in Instagram Product but didn't change the configuration in the login by facebook product.
In summary, you should have in your app in Facebook developers, two products, one Login by Facebook and the other one Instagram. Both must have the same redirect URL.
Hope this helps.
I am using drf + ReactJs to do social login am able to integrate google login and facebook login using django allauth package , but when I tried to integrate linkedin login getting error :
invalid redirect uri
TO be more precise am getting this error
allauth.socialaccount.providers.oauth2.client.OAuth2Error: Error retrieving access token: b'{"error":"invalid_redirect_uri","error_description":"Unable to retrieve access token: appid/redirect uri/code verifier does not match authorization code. Or authorization code expired. Or external member binding exists"}
----few updates after tying out few fixes -----
Tried fetching the access token from backend and login the user using a seprate api it showed the redirect uri issue.
Tried directly calling the linkedin token url from postman and now I get Invalid request error.
First method worked after few tryouts but now getting incorrect value error.
Tried fetching code with scope as r_liteprofile but now getting 403 forbidden
{'serviceErrorCode': 100, 'message': 'Not enough permissions to access: GET /me', 'status': 403}
I tried changing url to backend and frontend both showing same error. Can anyone get me how to fix this issue ?
I am not sure what all additional details needed for sorting this out, Please let me know if any needed.
Finally able to find the solution
the issue was with the code generated from the sdk used to implement linkedin login in reactjs, which has only scope
r_emailaddress
r_liteprofile
Adding additional scope
w_member_social
And regarding redirect uri issue
we are suppose to use the same redirect uri in both frontend and backend
made things working , posting this here since it will help someone in future facing same problem.
thank you all
Call to undefined method GuzzleHttp\Psr7\Request::filledHeader()
This is the error that I'm getting when I try to fetch access token with refresh token.
I have google/apiclient - ^2.0 and as far as I can see it works with guzzlehttp/guzzle: ~5.3.1|~6.0.
I used laravel socialite and made a service for google. I'm making a offline request to fetch the refresh_token from google and update the currently logged user with it.So far everything works.
When I try to create a new Instance of the Google Client and fetch the token with the refresh token I get the following error
Call to undefined method GuzzleHttp\Psr7\Request::filledHeader()
$client = new Google_Client();
$client->refreshToken(Auth::user()->getUserInfo()->refresh_token);
$this->drive = new Google_Service_Drive($client);
The error is in the refreshToken. What am I missing and not doing right?
A friend of mine found a solution for the problem. The problem was that the http-message's MessageInterafce was updated and the filledHeader() method was renamed to hasHeader(). After updating guzzle to ~6.0#dev everything works fine.
"guzzlehttp/guzzle": "~6.0#dev"
I got this error when I create new client secret in new project.
That’s an error.
Error: restricted_client
Unregistered scope(s) in the request: https://www.googleapis.com/auth/youtube.readonly
Request Details
access_type=offline
response_type=code
client_id=487794563386-mujtj6b5iatnmvdailldn468gg028p8g.apps.googleusercontent.com
redirect_uri=http://localhost:61515/authorize/
scope=https://www.googleapis.com/auth/youtube.readonly
That’s all we know.
How could I fix that ?
403 errors are errors with the users access. The user you are currently authenticated with does not have permission to do what you are trying to do in your case it appears to have something to do with the following scope.
https://www.googleapis.com/auth/youtube.readonly
Its hard to know what you are doing without seeing your code. I suggest you attempted to authenticate your user again. IF you changed the secret then its not going to work with a refresh token generated by another secret.
I am going to contact Google to be sure that there hasnt been any changes recently. I cant see anything in the change logs myself. There may have been a stealth change that they didnt release.
Status
im am experiencing problems with the email validation in the appcelerator platform. I have everything configured right and the email arrive in my inbox when a new user is created, but, for some reason, the link to activate the account returns: Fail to confirm user. 400 Bad Request - Invalid app key
I checked in the tiapp.xml and checked if the api keys are properly configured and everything is alright. I have no idea of how appcelerator generate this link to verify what happen. In my template uses the link below:
https://cloud.appcelerator.com/users/confirmation?key={{key}}&confirmation_token={{confirmation_token}}
What im doing wrong? =[
Seems that the documentation is wrong. Only works if the link in the template is https://platform.appcelerator.com/#/users/confirmation/{{key}}/{{confirmation_token}}
I just encountered the same issue and can confirm the bug in the documentation. The correct url is indeed
https://platform.appcelerator.com/#/users/confirmation/{{key}}/{{confirmation_token}}
I'd like to add that there is probably a similar defect in the following documentation for password reset url:
http://docs.appcelerator.com/arrowdb/latest/#!/api/Users-method-request_reset_password
The documentation says the password reset url (if using Appcelerator instead of custom website) should be
https://dashboard.appcelerator.com/#/users/confirmation/{{key}}/{{confirmation_token}}
It seems wrong (copy-paste from email confirmation url perhaps).