I've seen a few people having problems with the oAuth1.0 using hello.js with Twitter, LinkedIn etc. Unfortunately, I am one of them. Trying everything I can to fix it, but I need help.
To explain:
I have my Twitter credentials initialised:
hello.init({
'twitter' : '*******************'
},
{
redirect_uri:'****************',
oauth_proxy: 'https://auth-server.herokuapp.com/proxy'
});
(I presume that the 'oauth_proxy' in my case here is correct?)
Apart from that, I have tried calling the function in the button tag like so:
onclick="hello.login('twitter');">
I have seen people making errors having skipped the 'https://auth-server.herokuapp.com/#signin' step but I have all my credentials inputted there for the mean time. But, one question:
The 'Reference' section, is that just a nickname kind of thing? And what's the 'Domain' section about?
The error that I'm receiving is a 401 error message.
Another question:
Do I need all of the 'twitter.js' & 'client_id.js', or is including 'hello.js' sufficient?
I appreciate any effort to help me with this. Thank you.
As Andrew said (after all, he is the one who wrote hello.js), one of the problems could be related to the callback URL. I found out after a while that Twitter (unlike Facebook) does not accept 'localhost', so instead one has to write 127.0.0.1.
That solved all my problem when being stuck at the same point.
So yes, the reference is a nickname e.g. "dropbox", and the domain field is the domains e.g. "myapp.com". Its advised to fill both these in for your own reference and their misconfiguration wont lead to a 401.
The 401 is likely that your client id / secret is incorrect. Or the redirect_uri defined in hello.init does not match the Callback URL you assigned to that client id when you registered with a third party service.
The error handler hello(network).login().then(successHandler, errorHandler) should give more information. Can you attach that too your question?
"client_id.js" is a demo script which defines the credentials used for my hellojs demos. Do not include it!
However you may like this approach for maintaining your application credentials in a separate file - this approach is left up to you.
All you need to include to get started is dist/hello.all.js this contains hello js and all the third party configurations listed.
Related
I need to automatically register accounts in one service and there I need to solve a captcha. I use this code to send captcha token:
send_token = driver.find_element(By.NAME, "h-captcha-response")
send_token.send_keys(form_token)
This code only works on simple demo sites. This method does not work in my service, here is the website:
https://auth.alchemy.com/signup?redirectUrl=https%3A%2F%2Fdashboard.alchemy.com%2Fsignup%3Fa%3Dgoerli_faucet%26redirectUrl%3Dhttps%253A%252F%252Fgoerlifaucet.com%252F%253FauthRefresh%253DTrue
I'm just starting to learn Python and JS I don't know at all.
I would like to know the principle of searching for this "place", where to send the token and how to do it, thanks in advance)
I have examples of sending a token using JS in other services. Maybe this will help somehow)
1:
driver.execute_script("verifyCallback(arguments[0])", (form_token))
2:
driver.execute_script("form_token = arguments[0]", (form_token))
driver.execute_script('hcaptcha.getResponse = function() {return form_token}')
It seems to me that I found the "place" where the token appears after solving the captcha manually, but unfortunately I don't know what to do with it)
So I'm out of ideas, I don't know what to check or debug anymore, but on the exception I get this:
string(188203) "Facebook\FacebookAuthorizationException Object
(
[statusCode:Facebook\FacebookRequestException:private] => 400
[rawResponse:Facebook\FacebookRequestException:private] => {"error":{"message":"Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request","type":"OAuthException","code":100,"fbtrace_id":"DqCCKoiN0r4"}}
[responseData:Facebook\FacebookRequestException:private] => Array
(
[error] => Array
(
[message] => Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request
[type] => OAuthException
[code] => 100
[fbtrace_id] => DqCCKoiN0r4
)
)
[message:protected] => Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request
[string:Exception:private] =>
[code:protected] => 100
You can set redirect URI in
Go to https://developers.facebook.com/apps
Select your app.
Under Products > Facebook Login > Settings
Enable Embedded Browser OAuth Login
Set Valid OAuth Redirect URIs
You can Validate Redirect URI with Redirect URI Validator.
You can only use https URIs.
Also set App Domain in Settings > Basic > App Domains
Try / at the end of redirect URI
In my case I was using https://localhost everywhere but somehow when getting access token specifying https://localhost/ worked.
As absurd as it sounds, verify you're using the correct app_secret.
Facebook will give you this instead of just saying "invalid secret" in the response
I believed you have used different redirect_uri in your facebook app settings and Oauth API code. thats why you got this error.
For facebook login you must set same redirect_uri into both place.
Make sure to have it exactly as in your FB settings.
For me, I had https://localhost:3000/ in my settings but https://localhost:3000 in my get access token call and this was the source of the error!
I had the same issue and non of the answers helped me, then I tried to make another Facebook app, and it solved my issue!
I mean you have to use one application for Facebook OAuth and make another to use for Instagram oauth. seems Facebook has an issue with using both functionalities in one app.
After engaging in the problem for more than a day, found my mistake to be one '/' (slash) in app url at the end.
incase anyone else is having this issue and can't figure it out, your redirect_uri needs to have a "/" at the end. Facebook adds one automatically when you put your redirect_uri in the app settings. If you don't add the "/" in your code when you're trying to get the token, it will give you this error. That's what was going on with mine.
Ex: redirect_uri = "https://myserver.com:4429"
should be
redirect_uri = "https://myserver.com:4429/"
It means the redirect URI you pass to FB (usually in the query string) does not match what you have set in the app settings.
It can also be because of multiple slashes, for ex:
https://yoursite.com/auth/facebook/callback -> that's the one you added in the app settings
https://yoursite.com//auth/facebook/callback -> that's what you actually send
For me, it worked by replacing
callbackURL: "api/auth/facebook/redirect/",
to
callbackURL: "http://localhost:3000/api/auth/facebook/redirect/",
in the new FacebookStrategy
Was stuck in the same problem for a long time .
You will get this error when the redirect url is mismatching or does not exist or is wrongly formatted in the field (additional spaces or // ) , either the facebook app setting or while you are calling the API .
Solution
What worked for me was when ever you add a redirect URl you can check it in the valid redirect auth field uf it doesnot show valid when pressed check than that url is not the correct one
I finally managed to get this to work, in my case, I was using the Instagram Oauth API but I believe the logic is the same and you can find the complete flow here : https://developers.facebook.com/docs/instagram-basic-display-api/guides/getting-access-tokens-and-permissions.
So here is the basic flow :
Generate an authorization which will provide you with a code (the user will get redirected to Instagram in order to accept/deny the requested authorizations)
This code can be used in order to generate a 'short lived access token' and this is where the troubles arise.
For the first point, you need to provide Instagram with a redirect_uri. When you want to complete the second point, you'll need to make a POST request to Instagram, with a redirect_uri as well.
I thought that both redirect_uri's could be different between the 2 steps, but they don't. And this is simply where my error was : I wanted something like that for the first step : https://my.domain/short-lived-token and something like this for the 2nd : https://my.domain/short-lived-token but when I tried both with https://my.domain/generate-access-token, for instance, it worked.
Hope it helps you guys because I couldn't find anything on the internet.
LATEST FIX:
After sending 3 hours, I found a solution to this error.
This happened due to 2 reasons.
As we can see in response. Just Make sure you set the same URL in the developer portal and code
IMP: FACEBOOK needs to change the API response. 2nd reason is that you make sure that using Instagram App Secret and app ID. I was getting the same error bcoz I was using the wrong app secret.
Must Follow: Official FB Docs
The Braintree documentation says you create an environment as in their example var gateway=braintree.connect(environmental variables) and then create a clientToken by doing
gateway.clientToken.generate({}, function (err, response) {
var clientToken = response.clientToken;
});
Then their example says to insert the client token into the form used for payment
braintree.setup("CLIENT-TOKEN-FROM-SERVER", "custom", {id: "checkout"});
but they also state that clientToken is an object. I do not see anywhere how to get the token value and the return value is only a boolean. I do find that gateway.clientToken is reported as an object by using typeof().
On Stackoverflow, I see a couple of people saying the clientToken object is supposed to be a base64 encoded value but how you do this? Shouldn't Braintree's code do that?
So I'm missing a step somewhere or I can't find the right documentation but I'm definitely lost.
EDIT: Going by the response from Braintree, in the answers below, clientToken is not being filled by response.clientToken in any of the forms I've attempted this, which is many. Looking at examples from all over the web, which are few,and Braintree's light documentation, looks like I'm doing everything right.
EDIT2: My solution to the problem is in my answer below.
The problem lies in where you put the code to interact with Braintree within any node.js calls you make. In my case, I had it inside http.createServer so I could write values out while debugging this but some part of all this won't let that work. I haven't figured the exact details yet.
Also, the example code from Braintree shows clientToken inside the gateway.clientToken.generate() call which would lead me to think that's where it belongs even while not understanding how I was to extract that token value. So moving clientToken outside of that call, something I thought I once tried, solved this at least in part.
I say "in part" because you are to create a new token with every new customer and that can't be accomplished this way. I still need to determine how to generate a new token with every new customer visit. It may be only a matter of making it another function call but I haven't tried it yet.
In addition, I'm still not clear about whether a new customer needs to be created. I read the answer is no but I've also read the answer is yes so confusion reigns but this is probably a different question topic.
I work at Braintree. If you have more detailed questions, please get in touch with our support team.
It sounds like you're confusing gateway.clientToken which is the object that allows you to get a client token, and the client token itself, which is what is received by gateway.clientToken.generates callback -- response.clientToken.
Once you have the token (here, var clientToken), you need to get it to your client. From the "Hello, Server!" docs:
There are a number of ways to get your client token into JavaScript so you can setup Braintree. Many people choose to interpolate the client token into the view which contains the JavaScript to setup Braintree.
I'm trying to build a client-side application that allows people to login with their Instagram accounts. Problem is, I'm not sure if that's still possible.
I've coded a sample JavaScript after reading "Client-Side (Implicit) Authentication" section of their related docs.
I'm getting the following error:
{
"code": 400,
"error_type": "OAuthException",
"error_message": "JS login temporarily disabled"
}
From the error message I'm guessing it's not about my code but it's something on Instagram's side. Is there a way for me to do client-side login? Also, if I can't, what are my options?
Thanks.
I had similar issue and this is how I fixed it.
You have to uncheck the "Disable implicit OAuth:" by going to :
-> Manage Clients
-> Click edit on the app/webapp.
-> Uncheck - Disable implicit OAuth:
-> Update the settings and try to run it again by going to the link :
https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token
In the link, replace the values that were provided to you and in the response_type, give value as token to get the access token and if you want to get the request code, just replace token with the code in the URL.
Hope this helps for you and for future viewers.. Good luck.. :)
Just unset the "Disable implicit OAuth:" in app settings.
So, it seems it's impossible to do JS login at the moment with Instagram.
But they still allow implicit redirects so the solution is to have a server to make a redirect to your client side application. You only need two endpoints. I've written a small Node.JS app for this which you can find here.
I had tried for the same,I think there are not still providing any api to login with Instagram credentials username and password,You can just authenticate your account via
https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=code
I have used the github sample (https://github.com/facebook/credits-api-sample) and used everything and it gives me this error: There Was a Problem Processing Your Payment
I updated my app id and secret by the way.
everything I do just gives me an error. I have the callback set to callback.php, i have myself as a test user, I have registered my company and set it, i enabled requests 2.0, sandbox mode is disabled.
I have no idea what the problem is.
I hate their documentation on their site, and it would be nice if they had more examples that actually worked.
if anyone can tell me what my error is, or provide me with a working callback and example, that would be exceptional.
Thanks