I have just trying to make one sample application, by which I can login in to my website by Windows Live Id OAuth Protocol.
My application (Downloaded one sample available on net) is working fine. It opens the popup where i can supply my credential for windows live Id and then redirect back on the Redirection URL supplied in my account.
I noticed that when i supply live URL (lets say..... myappp.sample.com) it is redirect perfectly. But when i try to put (http://localhost:52254/WebSite9/default.aspx) this is not supported in my account.
(error -> You must enter a valid domain that begins with http:// or https:// - query strings are not allowed. Length is limited to 248 characters.)
My question is that, How can i use to test the whole thing in my local environment. Because it is not redirect back on localhost URL. Only redirection to Live URL.
Is there a way by which I can test the Live Id OAuth with development environment??
East cake. Put in something like:
http://www.anydomain.com/ in the live app page.
Then add that domain to the host file of your machine (or intranet dns or whatever) pointing to 127.0.0.1.
The redirection is just a 302 redirect that happens in the browser.
Related
I have a domain, ‘example.com’ and when I share some of its web pages via a mobile browser (only in Safari and chrome app) to social media, the URL is displayed as an IP ex(http://31.08.94.4:99999) instead of my domain name.
I'm working in laravel framework.
For a clear understanding, I updated screenshot below,
This is the screenshot of what happens when I share from my mobile:
http://prnt.sc/nkxfj5
And this is what happens when the proxy IP is shared instead of the actual domain name:
http://prnt.sc/nkxg8f
I got an solution for this issue,
canonical url of site is used while sharing the site.
So check your canonical url set in your site using,
document.querySelector('link[rel=canonical]');
This could be something on your webserver side. Are you using Apache? In that case check your virtualhost settings to make sure no direct access is even possible and it's set to your domain. For Nginx I'm not sure. Did you also check your DNS settings?
I have very little experience with APIs which is something that I'm trying to change so I'm trying to get started with the Tumblr api. I've installed the tumblr_client gem (documentation here) and am following the instructions. I've created an application on a new Tumblr account and have the necessary OAuth information (consumer_key, consumer_secret, ect.) Actually getting it to do something is proving difficult, so like a good little programmer I'm trying to get the console going to explore a bit.
This requires a bit of setup, so I'm following the instructions here:
The first time that you go to use the irb console, if you have no
.tumblr file, it will walk you through the process of generating one.
You will be prompted for your consumer_key and consumer_secret (which
you can get here: http://www.tumblr.com/oauth/register) and then sent
out to the site to verify your account. Once you verify, you will be
redirected to your redirect URL (localhost by default) and copy the
oauth_verifier back into the console. Then you're all set!
I'm prompted for my key and secret, then I go to the URL where I'm supposed to give authorization. Tumblr gives me a popup which reads "Is it alright for this application to access some of your data and make posts to your account? You are logged in as example#example.com" and the options to cancel or allow. I hit allow and it just takes me into the account itself, at no point am I ever given any kind of verification code that I can put in to get the console working.
At this point I'm stuck and can't go any further so I'm activating the network. Any ideas as to where I'm going wrong?
Did you specify a redirect or callback url at any point in the oauth config process? It's probably done on tumblr's API website. This url would be your app's endpoint to which Tumblr sends a request to with the user's data. By the way, oauth can sometimes be confounding to set up. You won't be able to use localhost as a callback url, for example, though you can get a temporary domain name with a free local tunneling app.
edit To go into more detail on some of these points ...
callback url: To reiterate, this cannot be localhost. Setting the correct callback url will get you unstuck from your current predicament. Instead of redirecting to the tumblr homepage, you want the confirmation page to redirect to your app. Anyway, I think you're totally sensible to want to test it out before you deploy. But unless you deploy or use a local tunnel, your local application doesn't actually have a URL that can be reached from anywhere except your computer.
local tunnelling services: ngrok, localtunnel. To give an example with ngrok: Say you have a Rails server running on port 3000. Then in another terminal you run ngrok 3000 and you get a url which exposes your local server to the real internet. Note that this changes every time you restart ngrok (unless you pay them). In your application, you should make a unique route for the callback. Say you have a route which matches /oauth_callback to the oauth_callback controller action. Then the route you'd provide as your callback url would be http://MY_CUSTOM_NAME.ngrok.com/oauth_callback.
The controller action: I don't specifically know how Tumblr sends user data to the callback. Perhaps the information is in the headers or maybe it's in the body. It might be JSON or XML. Whatever it is, you can explore the data by placing a breakpoint in your controller action. You can inspect the params, headers, etc. I'd expect that they'd give you some token credentials and probably a user name/email as well.
I am trying to set up google authentication for my local project. I run projects in python virtual environments and have different local domainnames set up for those. Names like projectname.dev. When i enter http://projectname.dev in browser the site opens up.
When i went to https://console.developers.google.com/project/< myprojectid >/apiui/credential?authuser=0 i could set values like javascript origin and authorized redirect uri there. I set javascript origins to http://projectname.dev and tried to put same domain for authorized redirect url too, but it did not work and i had to leave it to localhost.
When i tried to authenticate via django-allauth, i got such response from google:
**Error: invalid_request**
Invalid parameter value for redirect_uri: Non-public domains not allowed: http://projectname.dev/account/google/login/callback/
Now my questions are:
Can i develop this part of project locally with domainname like projectname.dev or do i need to set it up for localhost? Will local redirect from localhost -> projectname.dev work?
If i can do it with projectname.dev, then perhaps there is an error in the way i have this project set up in google developers console?
In any case, if you cannot set the redirect URI in the Cloud Console, Google will throw you our when you try to authorize the app.
My recommendation would be to choose either of those solutions :
Use "localhost" as you said, with some kind of redirection/NAT/proxy to projectname.dev
Replace projectname.dev with a domain with an actual tld such as projectname.thisdomaindoesnotexist.com . Then configure this domain name to map to your servers.
Or wait for ".dev" to be recognized as an actual TLD, and you'll be good :)
I have a Windows Server 2008 R2 virtual machine with IIS 7.5 hosting a ASP.NET MVC4 website. The WinServer has a public ip address. I also purchased a domain name. The domain name hosting company forwards requests to my server.
For example, when a customer types www.mycompany.com, the request is redirected to 217.151.XXX.XXX which is my server's public ip address.
When the customer is redirected to my server, everything is working. He sees a homepage in the web browser and with address www.mycompany.com in browser's address bar. However, when he browses through different pages in the websites and got redirected, the browser's address bar displays 217.151.xxx.xxx/order/detail instead of www.mycompany.com/order/detail.
I tired IIS url rewrite which rewrites 217.151.xxx.xxx/order/detail to www.mycompany.com/order/detail
But that results in the browser freezing, waiting for a response. My guess is that when IIS rewrites the url to www.mycompany.com/order/detail, it sends a request back to the domain name hosting company. The company interprets the request and redirects it back to 217.151.xxx.xxx which causes a infinite loop.
How can I have the domain name always displayed in the borwser's bar?
A very general issue when we map domain with IP
Check this out.
http://help.lockergnome.com/windows2/Domain-static-IP-mapping--ftopict485575.html
I have two MVC3 sites, both hosted on the same server that I've configured to use the same authentication cookies.
The first site is an intranet site using Windows authentication. This site has one simple Action that checks to see if the user was authenticated, if the user has been, it creates a FormsAuthentication cookie that it adds to the response. This cookie is created for a generic user that I determine from the User's AD groups. The response then redirects the user to a second site that uses Forms Authentication.
When I run this on my local machine, everything works as described above. When I deploy this to our local web server, it doesn't. I've tested to see if the user's group is correctly determined and that it creates a valid user for the cookie, and I have verified that this is correct on the web server.
Here is how I'm doing all of the above:
First, I made both sites use the same same Machine Key for encryption and decryption.
When I create the cookie in Site1, I ensure that it has the same name and Domain as the cookies created on Site2.
var cookie = FormsAuthentication.GetAuthCookie(userName, false);
cookie.Domain = FormsAuthentication.CookieDomain; //This is the Domain of my 2nd site as they are different
HttpContext.Response.Cookies.Add(cookie); //Add my cookie to the response
HttpContext.Response.RedirectPermanent(urlForSite2);
Again, when I run this on my local machine it works without a problem. But when deployed, it's either not passing the cookie in the request, or the response is ignoring it, but I'm not sure how to verify either of these cases.
Feel free to ask any question regarding more details as to how I'm doing this if it will help in getting an answer I need.
Cross domain cookies are not allowed. If you have two separate domains; one cannot access the others cookies. Two separate virtual directories/applications will work when using the same machine key. http://blogs.technet.com/b/sandy9182/archive/2007/05/07/sharing-forms-cookie-between-asp-net-web-application.aspx
If you want to share login cookies between sub-domains you need to edit the Domain property of the login cookie to the 2nd level domain "abc.com" so that "www.abc.com" and "ww2.abc.com" will have access to the cookie. http://forums.asp.net/t/1533660.aspx
String usrName = User.Identity.Name.ToString();
HttpCookie authCookie = Security.FormsAuthentication.GetAuthCookie(usrName, false);
authCookie.Domain = "abc.com";
Response.AppendCookie(authCookie);
Actually, it is possible, but isn't as simple as the domain/sub-domain cookie sharing.
http://www.codeproject.com/KB/aspnet/CrossDomainSSOModel.aspx
While the example given in this article didn't apply directly to what I was doing, I could use some of the ideas expressed there to get what I needed working. It ended up being my configuration settings in site2 web.config.
My URLs are as follows
Site1 = http://site.stage
Site2 = http://site.stage.MyCompanyName.com
Site 1 requires a host entry addressing it to a specific IP address of the hosting machine. It's also an entry in my IE Security settings - Local Intranet Sites.
I should note that these applications are both virtual directories running under the same default website.
I thought I had solved my problem but setting the Domain in the config file to and empty string, but this didn't work. I'm not sure what can be done now. This still works when I run it on my local machine, but not when I run it on my server. The only difference is the urls.
My dev machine is using the urls
Site 1: http://localhost/CompanyName.TVAP.IntranetSite
Site 2: http://localhost/TVAPDev/
I hope this adds some clarification. This Answer should really be posted as an edit to my question, but when I originally posted it, I thought I had it working.
UPDATE: I think my answer is in my URLs above. My dev machine URLS both are using the same domain name, which in this case is localhost. I think if I alter my deployed websites to use the same domain, I will be OK. I'll post an update when I get it worked out.