NextJS API Routes Callback - api

In my application I want to let users connect their Google account in order to receive data from the Google Business API.
I pass the API Route as a redirect URL, as I want to catch the code passed and write the token to the database.
Unfortunately, redirecting to the redirect URL and rendering this API Route results in ERR_SSL_PROTOCOL_ERROR.
How can I correctly work with the API Routes so that they are not rendered in the UI but are used to perform the action?

I solved the problem. I was redirecting to https://localhost:XXXX.
Unfortunately, there is no https on localhost, and hence http://localhost has to be used.

Related

Redirect url to VueJs SPA

I have a scenario where we have a common login page for all our services. Currently, we are redirecting to different websites, based on the user at the login.
I have developed a SPA website in Vue for one of our clients and I need to redirect to the site from the above login service. The service redirects with a token and id in the URL as parameters and, based on those params, I need to authenticate in my web page. But my problem is: how can Vue.js get this URL as BASEURL? As in, when the URL looks like https://clientsite.ca/?token=************&id=****, how do I get to the home page from there and validate the token and id?
Please help me.

Can I override callback url with sub-domain for Xero OAuth2 authentication

I have a Rails App that accesses Xero using the new OAuth2 authentication, where we use a sub-domain to isolate different organisations, e.g. https://domain.example.com
To date we have had to create a new Xero App for each domain, as we have to specify the callback URL for the app, which in the case above would be https://domain.example.com/auth/xero_oauth/callback
Is it possible to register a single App with Xero with a callback URL of https://example.com/auth/xero_oauth/callback and to then override the URL, adding the sub-domain, for the Connection phase?
I'm fairly certain I could do this with the previous OAuth1 version.
I also have this requirement, but it's not the first time I've bumped up against this issue with OAuth applications.
I work around it by adding the subdomain to the state parameter that's passed in to the initial authorization step, and passed back to the redirect URI:
$state = json_encode(['uuid' => $uuid, 'subdomain' => $subdomain]);
Then in my redirect URI I extract the subdomain from the state, and perform another redirect to that subdomain along with the UUID (to perform CSRF check).
The downside with this approach is the state is only passed back on success; if the OAuth flow encounters an error, your redirect URI won't be able to determine the correct subdomain.
EDIT: Turns out Xero does return the state regardless of success or failure :)
That's an interesting use case. Pretty sure we don't allow wildcard subdomains in the callback URLs, and the limit is 3 per app. But I will check next week! Have you created a ticket with api#xero.com? Also if you open an issue on the Ruby SDK I can try and sort this for you soon.
Thinking through this out loud... might be possible to step in front of the callback URL... though probably would cause issues with the Xero client generation as it needs to match the OAuth2.0 settings in /myapps. Could you redirect back to your root domain just for auth, then kick them to their subdomain post success?
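The state-parameter workaround from the answer above, sketched for Node.js as an added example that is not code from the thread or from Xero. The root domain, the subdomain allowlist and the function names are assumptions made for illustration; the point it adds is that the subdomain taken from `state` is checked against known tenants before it is used to build a redirect.

```javascript
// Added example. ROOT_DOMAIN and the tenant allowlist are constructed values.
const ROOT_DOMAIN = "example.com";
const KNOWN_SUBDOMAINS = new Set(["domain", "acme"]); // assumption: loaded from your tenant table

// Authorization step: pack the CSRF uuid and the tenant subdomain into state.
function encodeState(uuid, subdomain) {
  return Buffer.from(JSON.stringify({ uuid, subdomain }), "utf8").toString("base64url");
}

// Callback on the root domain: unpack state and work out where to send the browser.
function relayToTenant(query) {
  let state;
  try {
    state = JSON.parse(Buffer.from(String(query.state || ""), "base64url").toString("utf8"));
  } catch {
    return { ok: false, reason: "malformed state" };
  }
  if (state === null || typeof state !== "object" || typeof state.uuid !== "string") {
    return { ok: false, reason: "malformed state" };
  }
  // state comes back through the browser, so the host is only built from a
  // subdomain this application already knows about
  if (!KNOWN_SUBDOMAINS.has(state.subdomain)) {
    return { ok: false, reason: "unknown subdomain" };
  }
  const target = new URL(`https://${state.subdomain}.${ROOT_DOMAIN}/auth/xero_oauth/callback`);
  target.searchParams.set("uuid", state.uuid);
  // state is returned on failure too, so an error can be relayed the same way
  if (query.error) target.searchParams.set("error", String(query.error));
  else target.searchParams.set("code", String(query.code || ""));
  return { ok: true, location: target.toString() };
}

// Tenant subdomain: the CSRF check compares the relayed uuid with the one
// stored in the user's session when the flow started.
function tenantAcceptsCallback(query, sessionUuid) {
  return typeof sessionUuid === "string" && sessionUuid.length > 0 && query.uuid === sessionUuid;
}
```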

How to understand the Google Redirect URI correctly?

The Google Developer Console page explains the meaning of "Google Redirect URI" as:
Determines where the response is sent. The value of this parameter
must exactly match one of the values registered in the APIs Console
(including the http or https schemes, case, and trailing '/').
I'm not sure whether this explanation matches my understanding:
In my app (a web application), users are allowed to sign in via Google (assume I registered a Google project with the ClientID/secret configured in my web app, and on the Google Console page the redirectURI is "http://bbc.co.uk").
After I log in to Google successfully with my Google account, will my web app login page be redirected to "http://bbc.co.uk" as set in the Google RedirectURI?
That last sentence is a bit ambiguous. A better description is:
After I log in to my Google Account successfully with my Google credentials, Google will redirect my browser back to the Redirect URI http://bbc.co.uk that is registered for the web app in the Google API Console.
Just to be sure: this means that the Redirect URI should be part of your web app. It is not actually Google's Redirect URI but it is the Redirect URI that you've configured in the Google API Console for your web app.
Let me see if I can't explain this in a different way.
What would happen if you didn't have a redirect URI?
If you go to the Developer console and create a Client ID for native application by default the redirect URI
This will redirect the Authentication back to wherever it was requested from. In the case of native installed applications this is needed because there is no way to know where the user is that has installed the application.
Let's look at this in action
Request authentication:
https://accounts.google.com/o/oauth2/auth?client_id={clientid}.apps.googleusercontent.com&redirect_uri=urn:ietf:wg:oauth:2.0:oob&scope=https://www.googleapis.com/auth/analytics.readonly&response_type=code
If you place the above line in a web browser the user will see something like this
Assuming they select ok then they get this displayed back at them.
That is the Authentication code, not to be confused with the access token. This is just the first step. Once your application has the Authentication code it can then exchange that for a refresh token and an access token. Most client libraries handle this step internally. You and your users never see this Authentication code.
Back Redirect URI:
In the case of a web application, your web application needs to be able to get a hold of that authentication code. Now I probably shouldn't be telling you this, but you could just use a native application client in your web application and it will work. Why? Because the authentication server will just return the Authentication code back to wherever it was that requested it. For security reasons this is probably a bad practice.
So what do you need to place in the redirect URI? It is the file that you have ready to handle this authentication code. Normally it's just the same as the login page, but you can have several. Just put each of them on separate lines.
http://localhost/login.php
http://www.daimto.com/login.php
I like to do this because then it works when I am testing locally vs when it's up on the server.
I think the wording "Determines where the response is sent" confuses a lot of beginners as it implies that Google will somehow call that URL directly. Then the word "redirect" leads people to confuse the URL with the page of the app that the user will get to once he's authenticated.
http://bbc.co.uk is definitely NOT the redirect URL. A redirect URL would normally look like https://myapp.com/servlet_or_php_that_i_wrote_to_process_tokens.php
Google will "call" servlet_or_php_that_i_wrote_to_process_tokens.php by redirecting the browser to it. Once servlet_or_php_that_i_wrote_to_process_tokens.php has done whatever is needed with the token, it will then issue its own redirect to (say) bbc.co.uk

Onedrive SDK Authentication Redirect Issue with Query Param

Currently, I'm trying to integrate the OneDrive SDK into a website. However, I'm having an issue with redirecting after authentication.
Normal route:
The user goes to the website and clicks on a button to single sign on to their OneDrive.
The user gets redirected to the OneDrive Authorization page.
Once authenticated, the user gets redirected to where they left off. This redirect is specified in the OneDrive SDK account. However, it seems that they don't allow query params in the redirect URL.
Is there a way around this?
The only thing I could figure out is using a URL that is an alias for the URL with the query params, but that just seems like a hack solution. It's hard to believe that there isn't a way for a user to redirect with query params to indicate at what stage they left off on the site.
Example of an invalid redirect URL: http://skydpk.com/index.php?a=ap&addon=file_sharing&page=skydrive
Any advice appreciated,
Thanks,
D
You can try registering your base URL as the redirect URL and, just before initiating the authorization action, append the parameters to the redirect URL.
Redirect URL at the OneDrive app dashboard: http://skydpk.com/index.php
Authorization URL:
https://login.live.com/oauth20_authorize.srf?client_id=<your client id>&scope=<scope>&response_type=code&redirect_uri=http://skydpk.com/index.php?a=ap&addon=file_sharing&page=skydrive

testing foursquare API at the localhost

I am testing the foursquare API at the localhost.
In the configuration of the foursquare developer settings, I set the application URLs as
Download / welcome page url
http://localhost
Your privacy policy url
http://localhost/
Callback url
http://localhost/app
My application URL is http://localhost/app, and the idea is really simple: use the HTML5 geo API to get my geo location, and use this geo data to get nearby places from the foursquare API.
However, when the page redirects to foursquare for the auth, the redirected page says something went wrong.
I guess it is because of the callback URL. Could somebody show me how to set the right configuration at the localhost?
I ran into this issue. It appears that when authorizing, the 4SQ API expects the redirect_uri to be sent and to match what is in the APP settings. So basically, when creating the Auth URL you should be sending the client_id, response_type AND redirect_uri. The value you put for your redirect_uri MUST match what you entered in your APP settings, which in your case would be "http://localhost/app"
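A small diagnostic for the exact-match rule that runs through these threads (the Google text quoted above on scheme, case and trailing '/', the https-versus-http localhost case, and the foursquare answer), written here as an added JavaScript example rather than code from any of the posts or providers. The registered values, the authorization endpoint and the function names are constructed for illustration, and plain string equality is assumed as the provider's comparison.

```javascript
// Constructed sample values: registered URIs as an app dashboard would list them.
const REGISTERED = ["http://localhost/app", "http://localhost/login.php"];

// List what differs between the redirect_uri sent and one registered value.
function diffRedirectUri(sent, registered) {
  if (sent === registered) return [];
  const a = new URL(sent);
  const b = new URL(registered);
  const diffs = [];
  if (a.protocol !== b.protocol) diffs.push("scheme");
  if (a.host !== b.host) diffs.push("host or port");
  if (a.pathname !== b.pathname) {
    const strip = (p) => p.replace(/\/+$/, "");
    diffs.push(strip(a.pathname) === strip(b.pathname) ? "trailing slash" : "path");
  }
  if (a.search !== b.search) diffs.push("query string");
  // URL parsing normalises case and an empty path, so the raw strings can
  // still differ when every parsed component is equal
  if (diffs.length === 0) diffs.push("case or trailing slash");
  return diffs;
}

// Compare against every registered value; a match requires string equality.
function checkRedirectUri(sent, registered = REGISTERED) {
  const report = registered.map((r) => ({ registered: r, diffs: diffRedirectUri(sent, r) }));
  return { match: report.some((r) => r.diffs.length === 0), report };
}

// Build the authorization URL; URLSearchParams percent-encodes redirect_uri so
// that any query string inside it stays part of that one parameter.
function buildAuthUrl(endpoint, clientId, redirectUri, scope) {
  const url = new URL(endpoint);
  url.search = new URLSearchParams({
    client_id: clientId,
    response_type: "code",
    redirect_uri: redirectUri,
    scope,
  }).toString();
  return url.toString();
}
```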