Getting AccessTokenFailed using ServiceStack FacebookAuthProvider - servicestack

trying to use facebook's oauth with servicestack, i'm hitting url
localhost:60782/api/auth/facebook
being taken to facebook's auth dialog but after clicking allow, i'm being redirected back to my redirect URL with #f=AccessTokenFailed
localhost:60782/api/users#f=AccessTokenFailed
anyone have any idea what's going on here?

I had a similar problem when setting the facebook authentication up. I found it difficult to pinpoint the problem because servicestack catches the web exception and effectively discards it. To work out what was happening I downloaded and compiled the service stack code. I was then able to change my project to reference my local service interace DLL which enabled me to set a debug point in the facebook auth provider.
In my case I was getting a proxy authentication error, caused by the server attempting to contact facebook without any credentials. I overcame this by reconfiguring my dev pc and production pc so that they didnt go via the proxy.

Related

ASP.NET Core 5 MVC web app returning bad request errors in some pages after deployment to IIS

I have tried everything. I configured Windows Server 2019 according to Microsoft documentation and I successfully deployed a .NET 5 web application to the IIS.
I can get to the login page. I can even get to the forgot password page and they show themselves fine. However when I try to do any action (send the forgot password link or login to the page) I get a "Bad Request" from the server. I haven't found a way to explain why.
I have tried several, and I mean several things found Googling around but nothing helps. This include disabling https within the .NET Core application, trying to get a detailed error page using the app.UseDeveloperExceptionPage(); instruction inside Startup, etc etc but nothing works. I always receive this page trying to execute any action:
If someone could help or point me into the right direction, I will really, REALLY appreciate it.
Thank you
PD: In case it has anything to do with the problem, the error, at least the two that I can reproduce (because I can't even log in), happens, I think (maybe don't) when redirecting to another page in Microsoft Identity.
EDIT: code was asked by one of you. Thank you.
As you see, there's nothing specific in the forgot password screen for my application. This is scaffold code from Microsoft Identity. I even edited it and just let one line of code inside it, which is the default return code anyway as follow:
public async Task<IActionResult> OnPostAsync()
{
return RedirectToPage("./ForgotPasswordConfirmation");
}
As you can see, there's nothing special with that code. Here's the html that calls it, again, is a scaffold of Microsoft Identity with little to no changes (by little, I mean, maybe some CSS and a new value of view data):
But then again, forgot password page actually shows and seems well in the front end, but immediately I try to enter my email and click enter in this page, (also, just a scaffold of Microsoft Identity):
Nothing happens. I receive the bad request. There's NO magic nor custom code here. Something silly is going on.
EDIT II: YES, locally it works perfectly. The strange behavior happens only when deployed to IIS.
EDIT III: I coded and enabled logging in my .NET Core APP and wrote that to a file, and I think I finally got, at least the error (not the reason yet):
But why?? Cookies are enabled in the server browser without avail, same issue. Someone has a better idea than disabling anti forgery rules to login and forgot password pages?
Thank you
For some reason, when I deployed the first version of my app into IIS, I thought it was a good idea to just browse it from the IIS link. Of course, in a new mounted Windows Server 2019, IE is still the default browser. I connected directly to the IP of my web app via VPN, but used Chrome this time. Guess what? All problems disappeared. Yes, it's a bad idea to try to use a modern framework like .NET Core Identity with IE.

YouTube Data API v3 OAuth setup from Python

I am using Python to directly run a script of automatically replying user's comments.
I have a client secrets file after applying for a web-application. However, when I run for credentials, it first asks me to Please visit this URL to authorize this application and then when I clicked on it, it gives me this error:
Error 400: redirect_uri_mismatch The redirect URI in the request, urn:ietf:wg:oauth:2.0:oob, can only be used by a Client ID for native application. It is not allowed for the WEB client type. You can create a Client ID for native application at.
What application should I have applied for the OAuth in this case.
I know that this issue could be related to redirect URL. But because I am running this out of my script on my local computer, I am wondering what my URL should be.
You have to acknowledge that your issue above is precisely due to the redirect URI mismatch. The error response you got from the API is indicating you this.
To fix you issue, you'll have to have the same redirect URI set on your project within Google developers console and, at the same time, within your Python script.
If you indeed are running your application on your desktop (laptop) computer, then follow on the error message advice: within Google developers console, do set your project type to be of Desktop kind.

Azure Bot Service not working in Web Chat behind proxy

I have created a basic C# bot in Azure and have been doing some tests with it. I am able to debug locally and test that the bot works and responds normally, However, Web Chat does not seem to work (either the "test in web chat" within Azure or the embed code provided under "Channels" menu. The bot does not respond and the following can be seen in the browser's console:
botchat.js:20 WebSocket connection to 'wss://webchat.botframework.com/v3/directline/conversations/b00803da186843c08e057a03f1af26d3/stream?watermark=5&t=PdrKaTBDGps.dAA.YgAwADAAOAAwADMAZABhADEAOAA2ADgANAAzAGMAMAA4AGUAMAA1ADcAYQAwADMAZgAxAGEAZgAyADYAZAAzAA.PWqO6rz50wE.O0xFG-RkTZ0.306EPN7-0X_MGGfBUujpWoKN8Xm942hqpn_BVxbRe_M'
failed: Error during WebSocket handshake: Unexpected response code: 400
(anonymous) # botchat.js:20
This happens with any chat bot created in Azure even without any code changes but only when in my company environment, which is behind a proxy. I am almost certain that this is somehow the cause of the problem, but I have no clue why nor how I might approach the proxy team to report the problem nor what I may need to ask them to unblock.
The Question: Am I right to assume that this is a proxy problem or should I investigate something else and, if this is indeed a proxy issue, what do I need to do/ask to unblock to solve it?
Any help is highly appreciated!
This is definitely a Proxy issue, You can talk to your admin team and get these links removed from their firewall settings so you can get access. We do get this issue's in our company we do the same as i have suggested.\
Happy coding!!!

Why does Auth0 fails with error unknown client?

I have a React project using express/node.js on the backend. Tested the project thoroughly before deploying, fully functional with no problems. After hosting and configuration, the site is accessible online but any login attempt generates a 400 error stating the request is coming from an unknown client?
I can share any code snippets needed but I'm thinking something is wrong in my Auth0 configuration. I've checked and triple-checked the clientID and key in my code, as well as my web origin urls and allowed callback URLs.
Can't find any reference to this error code here on stack or on google. Auth0 support has no mention.
Has anyone had this problem?

401 Unauthorized with OData Update and Delete

For the first time I have stumbled upon a problem where the solution has not already been provided (completely) on SO, but I hope someone out there can help.
My problem is similar to PUT and DELETE in RESTful WCF Service cause 401 Unauthorized error .
That is, I have a WCF Data Service where I get a 401 whenever I try to do updates or deletes (read and post works without any problems). The difference to the abovementioned post is that I am not hosting my service in IIS but on Windows Azure, so I am not able to apply that solution.
I have the same problem (401: invalid credentials when attempting updates or deletes) on both a .NET client and a restlet client using the OData extension. However, on the .NET client I am able to resolve the issue by setting UsePostTunneling = true.
In my service I have set config.SetEntitySetAccessRule("*", EntitySetRights.All).
Does anyone know how I can resolve the issue for my restlet client?
First thing I would check is to see if you have PUT and DELETE verbs enabled in your handlers. Are you running this from a web role in full IIS or are you using Hosted Web Core (HWC), or something else? Usually, more than a 401, I see a 405 error because WebDAV is on the machine and PUT and DELETE verbs conflict there. You end up having to disable WebDAV for the app.
I would also check your authentication method in your web.config. I have seen the 'none' type cause issues, so change that to Forms.

Resources