I am trying to build an app in node.js that connects to Pinterest via its API. I can get an access token via Postman and test my app in single-user mode, but I am unable to incorporate OAuth2 to test my app for a second user. Every configuration of my code and settings at developer.pinterest.com yields the error "The provided redirect_uri ... does not match any of my registered redirect URIs."
I registered what I believe are correct callback URLs at developers.pinterest.com--many variants, with and without trailing slashes. My callback is hosted via https.
I tried calling Pinterest's auth URLs OAuth2 in my server code (node.js), and via browser address bar.
https://api.pinterest.com/oauth/?response_type=code&redirect_uri=https://www.outfinterest.com/auth/pinterest/callback/&client_id=5042375080944909391&scope=read_public&state=true
I attempted the auth from a browser logged into Pinterest as me, and from a browser logged in as a registered tester of my app.
What must I do to get Pinterest to accept my callback URL?
Do I need to submit my app for approval before I can authorize via OAuth2?
I resolved the problem by reducing the set URLs registered at developer.pinterest.com to just the one I need, then reloaded the page with the app settings.
Related
I created web app in my Azure account. I have all details like tenat id, client id, client secret etc. While creating I have added uri as https://localhost and I also added scope Data.Read and added Application ID URI. But I can't open above mentioned url. Most possible that I am missing something in my mind and dont fully understand the rule how it should work, that is why I am asking for help. I need this localhost in order to test auth with Azure tokens. What exactly I am doing wrong?
Azure allows http protocol value for only localhost. Remaining all redirect URIs must begin with the scheme https. To use https, you should install SSL certificate.
HTTP: The HTTP scheme (http://) is supported only for localhost URIs and should be used only during active local application development and testing.
I am not sure what error you are getting Azure active directory basically Redirect back to the Redirect URL specified in the request provided to AAD after login using either the /authorize or /token endpoint is what AAD does. If the match is successful, AAD publishes the success response back to the same Redirect URI after successfully authenticating the user. Once the request reaches AAD, it verifies the Redirect URI and compares it with the reply URLs listed in the app registration.
For more information in detail, please refer below links:
How to create Azure Web App | Ciemasen
Localhost exceptions
Redirect URL with http but NOT localhost
I'm tasked with making a server using Node.js which will read emails from a Google account and parse the content from those emails into data we can store in a database. I'm using Google's googleapis package (v103.0.0) in NPM to authenticate/authorize with whichever account we'd like to use.
The issue comes when we try to switch accounts and have the user re-auth. During development on a local machine, the Auth process works as expected:
The client requests an Auth URL.
The server generates a new Auth URL and sends it back to the client.
The client redirects to that URL and the Google Consent Screen is shown.
The client is asked to choose between logged-in Google accounts.
The client authorizes the application and is redirected back to the server with a code.
The server uses the code to generate/save a token, which allows it to use the Gmail API.
However, after deploying to Heroku, the Google Consent Screen no longer allows the user to select an account. Instead, at step 3, it shows this message. In just about every other question related to this error, there's always additional information below the error code/message, but nothing's there for me. I made sure: (1) the domain I'm using in Heroku is verified on the Google Cloud Console, and (2) the redirect_uri within the Node.js application is passing the correct domain to the Auth URL, even while in production.
I can't provide the URL for privacy reasons, but let me know if there's any source code or Cloud Console info I should include.
It didn't take long after posting this question, but I realized I was using an incorrect OAuth 2.0 Client ID type. I was attempting to use "Desktop" when I should've been using "Web application" instead. Take a look at this image to see the difference.
When you select "Web application", you're given some new options: Authorized JavaScript origins, and Authorized redirect URIs. This is where you need to fill out the allowed URIs. Here's a sample of what that should look like.
I have an existing Azure Function App configured with App Service Auth using AAD.
By directly accessing the App Service website xxx.azurewebsites.net/xxx I am prompted to login, and on logging in redirect back the xxx.azurewebsites.net page.
However, with the same function app accessed via an APIM endpoint, I load the site xxx.azure-api.net/xxx, get prompted to login, and then get redirected back to the azurewebsites.net page rather than the azure-api.net one.
Is there any way to configure this redirection? I have set the Redirect URIs in the App Registrations 'Authentication' blade, however this has made no difference.
Additional information:
In the initial 401 response I can see the original URL in the headers
WWW-Authenticate Bearer realm="xxx.azurewebsites.net/xxx" ...
No, we can't set the request to redirect to azure-api.net after login.
What we need to know is if we use AD to protect the function app, it will redirect to login page when we request the function url. And after login, it will redirect back to function url and continue to do the request.
When you use APIM to access the function, the APIM is just as an interface. So it's same with the steps above after you request the APIM api to access the function. So it will not redirect to azure-api.net, it is by design.
I host a React & ASP.NET Core web app in an Azure App Service. I'm encountering an isolated and bizarre (to me anyway!) issue relating to the post-login process in my application.
We use Okta for authentication and the login process looks like this:
User navigates to our website
On page load when not logged in, authorize attribute redirects to the '/api/auth/login' controller action
'/api/auth/login' invokes challenge and redirects to Okta
User logs in to Okta and is redirected back to callback URL specified in OpenID connect middleware
Web app redirects back to '/api/auth/login' to check if user is authenticated then redirects to '/' to render home page
In chrome, in azure and over https only step 5 above does not redirect to '/' and instead the call to '/api/auth/login' is returning a 200. Nowhere in my controller action do I return a 200 here. This works locally when using chrome and HTTPs so it seems to be isolated to my Azure environment.
Chrome request/response dumps of HTTP vs HTTPS in Azure are below. The HTTP response is what I'm expecting, I've got no idea where the HTTPS response is coming from.
HTTP with expected response from '/api/auth/login' call:
HTTPS with unexpected response:
Any suggestions would be greatly appreciated!
The scaffolding framework we used for our react application was registering a service worker which was returning this 200.
I am using multiple authentication providers and protocols(Oauth2, Open ID 2, SAML) for authentication which need client to be redirected to providers authentication URL. After successful authentication server will redirect client back to application server URL with user information/code/token in header.
This is already working fine in web browser, node webkit app and cordova as I can use window.open and then see the changes in the url or close the popup window after getting the access token.
Since this is not an extension I will not be able to use chrome.tabs. I tried chrome.window also and it also doesn't allow redirection.
Even webview allows to open an external url, but doesn't allow redirect.
I can't use chrome.identity as its just specific to Oauth 2. Sandbox also doesn't work.
Can someone please tell me if they have ever used Oauth, OpenID, SAML, redirections in chrome packaged apps without using the chrome.identity