when I open a browser window to https://api.sonos.com/login/v3/oauth?client_id=myid&response_type=code&state=mystateinb64&scope=playback-control-all&redirect_uri=my redirect url
i get to the SONOS "starting" screen, then I press "continue"
I enter my sonos credentials , click connection
then I get to the consent screen showing my APP name, so I click "OK"
then I get a http 400 with body
{error: "invalid_request"}
and my authorization callback is never called
I checked the parameters, esp the client ID in the url , it is correct
any idea why would this be happenning ?
Please confirm that the redirect uri you specified when you created your client I’d and secret is exactly the same as the one you pass when you request the auth code and when you request the access token.
it now worked, I had to delete the sonos credential completely ( not just the key ) and create a new one from scratch. very strange !
Related
I am developing a React Native apps that use a .net core web API back end.
When I develop, I would like to use the web interface that I get when I type :
expo start --web
This command open this url : http://localhost:19006
My back end listen on : http://localhost:51186
I configure my back end to allow CORS (Cross Origin Request).
I can do some GET and POST request and I work fine since I don't need to be authenticated.
I can call Login api with success but after this step, I can not access to authenticated url.
I have the same problem if I replace localhost by my IP (192.168.x.x).
If I do the same with postman or with my phone, that work fine.
If i look the login response, the back office send a cookie (.AspNetCore.Identity.Application)
I also examined the request send to my back office and it did not contain this credential cookie.
Without this credential cookie, the back end refuse to send the desired resource and redirect me to login page.
How can I send this cookie ?
Is there another way to get authenticated url ?
Thank you for any help
I'm trying to make an authentication functionality in my app, so when I press the login button, a web browser opens and I get to verify my account, and then I get a token in the URL, the problem is that in order for me to get redirected to my app, I need to make the redirect_uri as so AuthSession.makeRedirectUri( 'gecond://' )
but the website from where I'm getting my authentication doesn't allow this type of redirect_uri ( this is the URI that's being used: "https://preprod.autenticacao.gov.pt/oauth/askauthorization?redirect_uri=exp%3A%2F%2F192.168.2.26%3A19000&client_id=123456789&response_type=token&state=UOgf2pE6S0"),
it only allows a specific redirect_uri (like so "https://preprod.autenticacao.gov.pt/oauth/askauthorization?redirect_uri='https://preprod.autenticacao.gov.pt/OAuth/Authorized'&client_id=123456789&response_type=token&state=UOgf2pE6S0"), but when I use this URI, I do manage to get an access token in the URL of the page, but I'm not redirected back to my app.
I'm fairly new to this type of topic, so I might be missing a few steps.
I'm quite sure you misread the documentation. The reply URL is where you add you application's page where the user is redirected after login.
The URL you used is the example URL from the documentation.
Please check the official documentation.
I'm currently trying to implement silent refresh follow this workaround
However, even when I'm logged in, if I try to do an AJAX GET request to the oauth2/authorize endpoint, I get a status of 200. I tried going to the URL in the browser directly, and it worked. Do I need to pass additional information?
Any help would be greatly appreciated, thanks!
I ended up solving my own problem and was able to not have to use an iframe.
Solution to original problem (I was using authorization code flow):
Set up an endpoint on your server with a silent response that FusionAuth can redirect to (endpoint 1).
Set up an endpoint that you will call from your app to perform the silent refresh (endpoint 2).
From the app, send AJAX GET request to endpoint 2.
On the server side of endpoint 2, send AJAX GET request to FusionAuth with redirect_uri=(endpoint 2)
On success, get redirected url. (In express.js with axios I did response.request.res.responseUrl)
If the url is current server host and not the fusionauth service host, complete auth code flow. Return the token and tell the browser that the user is logged in.
In all other cases the user is not logged in, so return to app that user is not logged in.
I'm trying to setup oAuth for Stripe's Connect (Standard). In their setup documentation they say:
Step 1: Create the OAuth link To get started with your integration,
Your client_id, a unique identifier for your platform, generated by Stripe
Your redirect_uri, a page on your website to which the user is
redirected after connecting their account (or failing to, should that
be the case), set by you
Step 3: User is redirected back to your site After the user connects
their existing or newly created account to your platform, they are
redirected back to your site, to the URL established as your
platform’s redirect_uri. For successful connections, we’ll pass along
in the URL: The scope granted The state value, if provided An
authorization code. The authorization code is short-lived, and can be
used only once, in the POST request described in the next step.
The way I've implemented this is by sending the user to a React-Native WebView, and because this is a mobile application, a redirect_uri is not an option.
The problem is, I cant simply make a POST request to a url. there are user actions that must be taken inside of stripe, and ultimately stripe sends an authorization code to a redirect url.
So How can I obtain the authorization code that stripe doles out inside the WebView authorization process so I can finish the Stripe Connect user creation process?
You can use onLoadStart for WebView. Just check if the url from the synthetic event is what you specified in your stripe settings and handle accordingly.
onLoadStart={(syntheticEvent) => {
const { nativeEvent } = syntheticEvent;
if(nativeEvent.url.startsWith("YOUR_REDIRECT_URL"){
// your logic here
}
}}
Follow the steps
step 1 : login in mediator strip account, now open new tab and paste below url in new window and replace client id "ca_****" with the account which you want to connect with mediator account ( client id ), and hit the url
https://connect.stripe.com/oauth/v2/authorize?response_type=code&client_id=ca_************************&scope=read_write
step 2 : now press connect button and find the code from new url like
https://connect.stripe.com/connect/default/oauth/test?scope=read_write&code=**ac_**************************
I'm using the Spotipy library, which uses the Spotify API. When I attempt to get my access token using the 'Authorization Code Flow', I get sent to a spotify web page that asks for me authenticate the access of the app to my user's data. When I click the Okay button, that's supposed to redirect me to my redirect_uri with the access token, it simply does nothing. I get no error message or anything. When I click the Cancel button, I do get redirected to my redirect_uri page, but I don't receive the access token. Is this a bug with the API? Am I doing anything wrong?
I added the redirect_uri to the whitelist of redirect pages in my app's page by the way.
The answer for this for future readers: Make sure your redirect_uri is EXACTLY the same as the one you have saved in the developer dashboard, right down to the http and the trailing slash.