Unable to add expo redirect Uri to the Azure AD B2C applications

I am trying to implement Azure B2C using expo-auth-session. After logging in in the browser and being redirected back to the app, I get the following error.
"error": "redirect_uri_mismatch",
"error_description": "AADB2C90006: The redirect URI 'https://auth.expo.io/#username/app-slug' provided in the request is not registered for the client id 'XXXXXXXX-XXXX-XXXXX-XXXXX
Timestamp: 2021-10-13 11:08:53Z
When I try to add it under the redirect Uri, I get the error shown in the attached image.
Removing the # from the username fixes the error but then it will not redirect back to the app.
Thanks in advance!!!

I dealt with this same problem. The validation is a bug in the Azure UI.
You can get around it by grabbing a valid request from the Chrome developer tools, modifying it to insert the # symbol (e.g. grab a successful save without the # symbol) from the network tab. It will look something like this:
Then right click that row for the request that was just made, "Copy" -> "Copy as cURL"
Get that text, paste it in a text editor where you can modify the inputs. You should be able to find the value that was modified in this request, and you can add in your # symbol now.
Copy / paste it into your terminal so you can make the request, and, it'll work :) The server does not restrict the # symbol from being there.
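
An added example, not part of the original posts: a Python sketch of how a redirect URI containing `#` is parsed and compared, using constructed values modelled on the error message above. The function names are hypothetical; the fragment rule is RFC 6749 section 3.1.2, which says a redirection endpoint URI must not include a fragment component.

```python
from urllib.parse import urldefrag, urlsplit

# Constructed values modelled on the error message in the question.
REGISTERED = {"https://auth.expo.io/username/app-slug"}
REQUESTED = "https://auth.expo.io/#username/app-slug"


def lint_redirect_uri(uri):
    """Return reasons why `uri` is not acceptable as a registered redirect URI."""
    problems = []
    if not urlsplit(uri).scheme:
        problems.append("no-scheme")
    if "#" in uri:
        # RFC 6749 section 3.1.2: the redirection endpoint URI
        # must not include a fragment component.
        problems.append("has-fragment")
    return problems


def redirect_uri_allowed(requested, registered):
    """Match the requested redirect URI by simple string comparison."""
    return requested in registered


def seen_by_redirect_host(uri):
    """The part of `uri` a browser sends to the host (the fragment is dropped)."""
    return urldefrag(uri).url


if __name__ == "__main__":
    print(lint_redirect_uri(REQUESTED))
    print(redirect_uri_allowed(REQUESTED, REGISTERED))
    print(seen_by_redirect_host(REQUESTED))
```

Everything after `#` is a fragment, so the host named in the redirect URI only ever receives a request for `/`; the path-like text after the `#` never reaches it.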

Related

Azure B2C Custom policy: An exception occurring while implementing the combined signup&signin & invitation URL based signup&signin

I am trying to create a setup where a user can:
1. Sign up & sign in directly from the combined signup&signin page
2. Sign up & sign in from the invitation link.
Point one is working perfectly fine using the following files
BaseFile
ExtensionFile
RPFile
For point 2 I have created
SignupinviteRPFile
Now, when I click on the invitation URL which is in the following format
https://mytenant.b2clogin.com/mytenant.onmicrosoft.com/B2C_1A_signup_invitation/oauth2/v2.0/authorize?client_id={clientID}&nonce=ca00379642b94aa693a80b66783aa010&redirect_uri=https%3A%2F%2Fmytenant-dev.azurewebsites.net%2Fsignup%2Fuser-invite&scope=openid&response_type=id_token&id_token_hint={SignedJWTToken}
I do get the signup page with readonly emailID. But once I fill all the information and click "Create" it gives me
Following issue:
Sorry, but we're having trouble signing you in.
We track these errors automatically, but if the problem persists feel free to contact us. In the meantime, please try again.
Correlation ID: 3a9f35e6-51e1-40b7-9ee9-d9c8081ff8d6
Timestamp: 2021-02-03 11:07:20Z
AADB2C: An exception has occurred.
Observations:
The account gets created in the local AD and I can see the user's entry
Following are the three calls from the network logger
/SelfAsserted?tx=StateProperties=eyJUSUQiOiIzYTlmMzVlNi01MWUxLTQwYjctOWVlOS1kOWM4MDgxZmY4ZDYifQ&p=B2C_1A_signup_invitation
2./confirmed?csrf_token=bThiL2hJNXZ4ZFBwSXZ3ZzRLd1lVUExQV2V1T3EzVkNBYUloaEpqWk5lYTBXczAvUW9oSjJMVXBEWWhrenZ1Ymc2SkJNL3N5N0UxNzZYNHBDVDdsaWc9PTsyMDIxLTAyLTAzVDExOjA2OjQ2LjU5NTgzMzVaO2tuVzlHdzdMTDZ1QzMyT1JmRGNZbGc9PTt7IlRhcmdldEVudGl0eSI6IkxvY2FsQWNjb3VudFNpZ25VcFdpdGhSZWFkT25seUVtYWlsIiwiT3JjaGVzdHJhdGlvblN0ZXAiOjN9&tx=StateProperties=eyJUSUQiOiIzYTlmMzVlNi01MWUxLTQwYjctOWVlOS1kOWM4MDgxZmY4ZDYifQ&p=B2C_1A_signup_invitation&diags=%7B%22pageViewId%22%3A%22e25ebe04-1601-460d-b3a8-1d958c8155b8%22%2C%22pageId%22%3A%22SelfAsserted%22%2C%22trace%22%3A%5B%7B%22ac%22%3A%22T005%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A3%7D%2C%7B%22ac%22%3A%22T021%20-%20URL%3Ahttps%3A%2F%2Fmytenant.b2clogin.com%2Fstatic%2Ftenant%2Ftemplates%2FAzureBlue%2FselfAsserted.cshtml%3Fslice%3D001-000%26dc%3DPNQ%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A50%7D%2C%7B%22ac%22%3A%22T019%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A8%7D%2C%7B%22ac%22%3A%22T004%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A2%7D%2C%7B%22ac%22%3A%22T003%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A2%7D%2C%7B%22ac%22%3A%22T035%22%2C%22acST%22%3A1612350410%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T030Online%22%2C%22acST%22%3A1612350410%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T017T010%22%2C%22acST%22%3A1612350438%2C%22acD%22%3A1075%7D%2C%7B%22ac%22%3A%22T002%22%2C%22acST%22%3A1612350440%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T017T010%22%2C%22acST%22%3A1612350438%2C%22acD%22%3A1077%7D%5D%7D
3.client/perftrace?tx=3a9f35e6-51e1-40b7-9ee9-d9c8081ff8d6&p=null
3. Following URL uses GET Method
https://mytenant.b2clogin.com/mytenant.onmicrosoft.com/B2C_1A_signup_invitation/api/SelfAsserted/confirmed?csrf_token=bThiL2hJNXZ4ZFBwSXZ3ZzRLd1lVUExQV2V1T3EzVkNBYUloaEpqWk5lYTBXczAvUW9oSjJMVXBEWWhrenZ1Ymc2SkJNL3N5N0UxNzZYNHBDVDdsaWc9PTsyMDIxLTAyLTAzVDExOjA2OjQ2LjU5NTgzMzVaO2tuVzlHdzdMTDZ1QzMyT1JmRGNZbGc9PTt7IlRhcmdldEVudGl0eSI6IkxvY2FsQWNjb3VudFNpZ25VcFdpdGhSZWFkT25seUVtYWlsIiwiT3JjaGVzdHJhdGlvblN0ZXAiOjN9&tx=StateProperties=eyJUSUQiOiIzYTlmMzVlNi01MWUxLTQwYjctOWVlOS1kOWM4MDgxZmY4ZDYifQ&p=B2C_1A_signup_invitation&diags=%7B%22pageViewId%22%3A%22e25ebe04-1601-460d-b3a8-1d958c8155b8%22%2C%22pageId%22%3A%22SelfAsserted%22%2C%22trace%22%3A%5B%7B%22ac%22%3A%22T005%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A3%7D%2C%7B%22ac%22%3A%22T021%20-%20URL%3Ahttps%3A%2F%2Fmytenant.b2clogin.com%2Fstatic%2Ftenant%2Ftemplates%2FAzureBlue%2FselfAsserted.cshtml%3Fslice%3D001-000%26dc%3DPNQ%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A50%7D%2C%7B%22ac%22%3A%22T019%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A8%7D%2C%7B%22ac%22%3A%22T004%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A2%7D%2C%7B%22ac%22%3A%22T003%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A2%7D%2C%7B%22ac%22%3A%22T035%22%2C%22acST%22%3A1612350410%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T030Online%22%2C%22acST%22%3A1612350410%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T017T010%22%2C%22acST%22%3A1612350438%2C%22acD%22%3A1075%7D%2C%7B%22ac%22%3A%22T002%22%2C%22acST%22%3A1612350440%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T017T010%22%2C%22acST%22%3A1612350438%2C%22acD%22%3A1077%7D%5D%7D
Gives following message:
We can't sign you in
Your browser is currently set to block JavaScript. You need to allow JavaScript to use this service.
To learn how to allow JavaScript or to find out whether your browser supports JavaScript, check the online help in your web browser.
And the last call uses POST method
https://mytenant.b2clogin.com/mytenant.onmicrosoft.com/B2C_1A_signup_invitation/client/perftrace?tx=3a9f35e6-51e1-40b7-9ee9-d9c8081ff8d6&p=null
gives 404 error message
Basically, after the signup from the invitation url I am not able to signin to my application. I am not sure if there is any conflict between the two RP files or If I am missing anything.
The problem is here
https://github.com/rbagree/B2CSignupSigninInvite/blob/main/signup_invitation.xml#L63
The log shows it cannot find this key. Just remove this entire technical profile as it should already exist in your base file.

How to Make Rest Call from Cisco Unified CCX editor

The problem is I'm trying to enter a URL in the properties of Make Rest Call, but every time I enter something it shows this error
So, basically the problem was when I removed the https:// from my URL it allowed me to type URL and other information.

Set redirect URL for Spotify API

I know there have been multiple questions regarding this issue... however, I'm not sure how to handle my case.
I am using spotipy to access the Spotify API. In my python notebook, I entered:
import spotipy.util as util
util.prompt_for_user_token('<user_id>',client_id='<client_id>',client_secret='<client_secret>',redirect_uri='localhost:3000/callback/')
On the spotify developer website, I have listed localhost:3000/callback/ as my redirect URL.
When I run the prompt, I am redirected to the spotify page where I would click 'okay' to authorize the account. However, each time I click the 'okay' button, nothing happens. Tried using a separate browser, tried restarting my computer... I'm not sure what to do.
Thank you!
After being redirected, the library should prompt you to copy the URL you're redirected to and paste it back in your python notebook. It then grabs the access token from the URL and uses it to authenticate.
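
An added example, not spotipy's code and not from the original posts: a Python sketch of the checks a client can run on the pasted callback URL before using what it carries. It assumes the authorization code flow, a `state` value the client generated itself, and a constructed redirect URI of `http://localhost:3000/callback/`; all names are hypothetical.

```python
import hmac
from urllib.parse import parse_qs, urlsplit

# Constructed redirect URI (assumption: registered with an explicit scheme).
REDIRECT_URI = "http://localhost:3000/callback/"


class CallbackError(ValueError):
    """The pasted callback URL failed validation."""


def code_from_callback(pasted_url, registered_redirect, expected_state):
    """Validate the URL the browser landed on and return the authorization code."""
    parts = urlsplit(pasted_url.strip())
    base = f"{parts.scheme}://{parts.netloc}{parts.path}"
    if base != registered_redirect:
        raise CallbackError("URL does not match the registered redirect URI")
    params = parse_qs(parts.query)
    if "error" in params:
        # The provider reports a denied or failed authorization here.
        raise CallbackError("authorization failed: " + params["error"][0])
    state = params.get("state", [""])[0]
    # Constant-time comparison of the anti-CSRF state value.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise CallbackError("state mismatch")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise CallbackError("expected exactly one code parameter")
    return codes[0]


if __name__ == "__main__":
    pasted = REDIRECT_URI + "?code=constructed-code&state=s1"
    print(code_from_callback(pasted, REDIRECT_URI, "s1"))
```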

404 error being generated on controller actions that use [HttpGet] when clicking on a hyperlink?

Background
I have an ASP.Net Core v2.0 web application that has the [HttpGet] attribute above action results that don't need to accept a post.
I created a spreadsheet with a list of pages on the website to my marketing team, along with a column of hyperlinks that link directly to each page on the website.
Example Spreadsheet:
Issue
Once the marketing team started clicking on the links in the spreadsheet, I started to receive 404 errors via email (configured using NLog) although the page did still load for the user.
Troubleshooting
I troubleshooted this and uncovered that the issue was down to the [HttpGet] attribute. If I take the [HttpGet] attribute out, clicking on the links in the spreadsheet doesn't generate a 404 error.
The site doesn't generate 404 errors when loading the page(s) via the browser.
I installed fiddler and it looks as though Excel is using the "CONNECT" method.
Fiddler screenshot:
I thought this could be the issue as it's not a GET but when I access a page within Chrome, it also shows using the "CONNECT" method in fiddler.
I'm looking to see if anyone else has had this issue and if they got around it? Do I need to add another attribute alongside [HttpGet] to stop Excel or other 3rd party software causing a 404?
I've resolved my own issue.
For anyone else that has this issue the fix is to put [HttpGet, HttpHead] as the attribute. If you have a custom route then add another attribute underneath:
[Route("[controller]/custom-action")].
For info, I got to the bottom of this by using the logs from the drop down ASP.Net Core Web Server in the output window in Visual Studio. I could see that when the link was first being requested by Excel, it was using the HEAD method rather than the GET which is why a 404 error was being fired.
Hope that helps someone down the line.
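
An added example, not from the original posts: a Python sketch that scans access-log lines for the pattern diagnosed above, a HEAD request answered with 404 on a path where GET succeeds. The log lines are constructed, and the common log format and function name are assumptions.

```python
import re
from collections import defaultdict

# Matches the request and status fields of a common-log-format line.
LINE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

# Constructed sample log lines.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2018:10:01:02 +0000] "HEAD /products/pricing HTTP/1.1" 404 0',
    '203.0.113.7 - - [12/Mar/2018:10:01:03 +0000] "GET /products/pricing HTTP/1.1" 200 5120',
    '203.0.113.9 - - [12/Mar/2018:10:02:10 +0000] "GET /missing HTTP/1.1" 404 0',
    '203.0.113.7 - - [12/Mar/2018:10:03:00 +0000] "HEAD /about HTTP/1.1" 200 0',
    '203.0.113.7 - - [12/Mar/2018:10:03:01 +0000] "GET /about HTTP/1.1" 200 2048',
    'malformed line that the parser skips',
]


def head_only_404s(lines):
    """Return paths where HEAD got 404 although GET on the same path succeeded."""
    seen = defaultdict(set)
    for line in lines:
        m = LINE.search(line)
        if m:
            seen[m["path"]].add((m["method"], int(m["status"])))
    return sorted(
        path
        for path, hits in seen.items()
        if ("HEAD", 404) in hits
        and any(method == "GET" and 200 <= status < 300 for method, status in hits)
    )


if __name__ == "__main__":
    for path in head_only_404s(SAMPLE_LOG):
        print("route answers GET but not HEAD:", path)
```

Paths reported here are candidates for the `[HttpGet, HttpHead]` change rather than genuinely missing pages, which keeps them out of 404 alerting.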

Regression: OAuth Invalid Scope (Google Hangouts - Hangups Library)

It is impossible to obtain an access token with an OAuth URI which worked until the end of August, and which is used by various clients.
It's a general issue with third party clients as of now:
hangoutsbot
yakyak
purple-hangouts
Thus, currently, it is impossible to use a Google Hangouts Chat Bot (third party application) using hangups. It now fails with this error:
Here is how the URI is created to access Google OAuth with Python:
import urllib.parse

OAUTH2_SCOPE = 'https://www.google.com/accounts/OAuthLogin'
OAUTH2_CLIENT_ID = 'some_client_id'
OAUTH2_CLIENT_SECRET = 'some_client_secret'
# Build the authorization URL from the URL-encoded query parameters.
OAUTH2_LOGIN_URL = 'https://accounts.google.com/o/oauth2/auth?{}'.format(
    urllib.parse.urlencode(dict(
        client_id=OAUTH2_CLIENT_ID,
        scope=OAUTH2_SCOPE,
        redirect_uri='urn:ietf:wg:oauth:2.0:oob',
        response_type='code',
    ))
)
OAUTH2_TOKEN_REQUEST_URL = 'https://accounts.google.com/o/oauth2/token'
Google has made some OAuth changes that killed the way hangups does its initial login: see issue here and here
Existing bots will also stop working as soon as their tokens expire; find this article.
So, how can we access the Authorization Code for accessing Hangouts?
Using the urls below
https://accounts.google.com/o/oauth2/programmatic_auth?hl=en&scope=https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthLogin+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&client_id=936475272427.apps.googleusercontent.com&access_type=offline&delegated_client_id=183697946088-m3jnlsqshjhh5lbvg05k46q1k4qqtrgn.apps.googleusercontent.com&top_level_cookie=1
you can get to a programmatic_auth url that sets the oauth code to a cookie that contains the oAuth code.
How to do:
1. Go to the above url
2. Enter your username, click next.
3. Right click page background, inspect
4. Go to the network tab.
5. Enter your password, click sign in
6. Click the first row, the one that says "programmatic_auth"
7. Scroll down in the right-side panel, find "set-cookie"
8. Your code should be there, after "oauth_code=", up to but not including the semicolon.
9. Copy it and use it.
