I'm facing a very strange issue with next-auth.
We have a next.js app deployed on Vercel.
Some of our API endpoints require authentication, and some don't.
Locally, everything works fine, but in preview, next-auth runs on every request. So when, for instance, a new user makes a request to sign up, next-auth runs, tries to authenticate the user by email and password, and throws an error because it can't authenticate the user.
Even if I comment out the throw error and return a 200 status code inside the getUserByEmailAndPassword function, the request doesn't go to the signup API at all.
Although in the browser I can see the request direct to the right API endpoint, the handler for that API doesn't run at all.
I only receive a response from next-auth.
I tried to change the NEXTAUTH_URL environmental variable to match the url for the current preview, but it doesn't work.
I found out this was happening because I was importing the same instance of next-connect
https://github.com/hoangvvo/next-connect/issues/141
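A sketch of why one shared handler instance produces the symptom described above, written as an added example and not taken from the original post or from next-connect. `createHandler` is a simplified stand-in for a chainable route handler, and the route names and file paths in the comments are assumptions.

```javascript
// Stand-in for a chainable API-route handler (a simplified model, not next-connect itself).
// use() adds middleware, post() adds a terminal route handler, run() walks the chain.
function createHandler() {
  const chain = [];
  const handler = {
    use(fn) { chain.push({ method: null, fn }); return handler; },
    post(fn) { chain.push({ method: "POST", fn }); return handler; },
    run(req) {
      const trace = [];
      for (const { method, fn } of chain) {
        if (method && method !== req.method) continue;
        const verdict = fn(req, trace);
        if (method || verdict === "stop") break; // route handlers and rejections end the chain
      }
      return trace;
    },
  };
  return handler;
}

const requireAuth = (req, trace) => {
  trace.push("auth");
  if (!req.session) { trace.push("401"); return "stop"; }
};
const profileHandler = (req, trace) => { trace.push("profile"); };
const signupHandler = (req, trace) => { trace.push("signup"); };

// Before: a single instance exported from a shared module (hypothetical lib/handler.js)
// and imported by both route files, so both routes register on the same chain.
function sharedInstanceRoutes() {
  const shared = createHandler();
  const profile = shared.use(requireAuth).post(profileHandler); // pages/api/profile.js
  const signup = shared.post(signupHandler);                    // pages/api/signup.js
  return { profile, signup };
}

// After: every route file builds its own instance, so middleware stays local to it.
function perRouteInstances() {
  const profile = createHandler().use(requireAuth).post(profileHandler);
  const signup = createHandler().post(signupHandler);
  return { profile, signup };
}

// Constructed request: a new, unauthenticated user posting to the signup route.
const anonymousSignup = { method: "POST", url: "/api/signup", session: null };
```

With the shared instance the signup export carries the auth middleware and the other route's handler, so an unauthenticated signup is rejected before its own handler runs, and an authenticated one is answered by the wrong handler.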
Related
So I have email link signin (passwordless) working for iOS and Android, but if a user requests the email and then opens it on a web browser, they see this message:
Error encountered
{"error":{"code":400,"message":"API key expired. Please renew the API key.","errors":[{"message":"API key expired. Please renew the API key.","domain":"global","reason":"badRequest"}],"status":"INVALID_ARGUMENT"}}
I need them to click the link using their mobile device in order for the authentication to work, but ideally I could provide a more graceful message here that tells them to open the link on the mobile device. Any ideas?
I've now got this redirecting to my own website. Long story short - for some reason my Firebase hosting site was not configured properly and thus this authentication url was not being handled as it should. Fixable by recreating hosting site or just creating an additional site under hosting and using that for the email action url.
What I did was:
Create an Additional Site on Firebase Hosting. I made it additional so I wouldn't have to worry about messing with the Dynamic Link setup that is currently working on the default site.
Then under Authentication > Templates in the Firebase console, I changed the action url to use the new site but still have the (__/auth/action?...) path after the domain.
Now, when this url is accessed via a desktop browser, the user is redirected to the continue url (specified in the action code settings of the mobile app) and I display what I want on this continue url.
I noticed that in my Google API console, Firebase created a new Browser key and that it is being used whenever this auth link is clicked. Perhaps this was the issue all along. I wonder if I somehow restricted the wrong key. Anyways, if you run into a similar issue, check your API keys and their restrictions and/or just create a new additional site in Firebase hosting and use that.
I am setting up a custom oauth server with Rocket Chat (Meteor). Almost everything is okay, however Rocket Chat fails when trying to query the /oauth/token endpoint to log the user in.
The endpoint is not touched, so I guess the request is not even sent. The error is thrown here and the message is Parse Error.
I've tried to read the meteor/http code, but I did not manage to figure out which package could be responsible for this Parse Error.
I can't figure out the right way to get more info. Edit: I've tried to install Rocket Chat locally and could not reproduce. This error only happens on a live instance.
Any idea what could cause this issue or what step I could take to debug this?
This error "Parse Error" can appear when the URL is not correct but still a valid URL. The endpoint will return HTML instead of a valid JSON and thus produce this error.
Example: you host your Rocket Chat on "my-chat.com", and use "localhost:3000/oauth", on your own development machine, as your oauth server.
This will fail, because Rocket Chat will query "localhost:3000", but from the Rocket Chat standpoint localhost is the server it is hosted on, not your own machine. So the request will hit Rocket Chat itself instead of your local development server and produce this error.
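A check for the failure mode this answer describes, as an added example that is not part of the original answer or of Rocket Chat: it classifies a token-endpoint reply before parsing it and flags a loopback host in the configured URL. The function names, the `auth.example.com` host and the sample replies are constructed for illustration.

```javascript
// True when the URL's host points back at the machine making the request,
// which for a hosted chat server is the chat server itself.
function isLoopbackHost(endpoint) {
  const { hostname } = new URL(endpoint);
  return hostname === "localhost" || hostname.endsWith(".localhost") ||
         hostname === "[::1]" || /^127(\.\d{1,3}){3}$/.test(hostname);
}

// Inspect a token-endpoint reply and explain a non-JSON body instead of
// letting the JSON parser fail with an opaque message.
function readTokenResponse(endpoint, res) {
  const type = (res.headers["content-type"] || "").toLowerCase();
  const body = res.body.trimStart();
  if (type.includes("text/html") || body.startsWith("<")) {
    const hint = isLoopbackHost(endpoint)
      ? "host is loopback, so the server queried itself"
      : "URL is valid but is not the token endpoint";
    return { ok: false, error: `HTML reply from ${endpoint}: ${hint}` };
  }
  try {
    const data = JSON.parse(body);
    if (typeof data.access_token !== "string") {
      return { ok: false, error: "JSON reply without access_token" };
    }
    return { ok: true, token: data.access_token };
  } catch (err) {
    return { ok: false, error: "malformed JSON in reply" };
  }
}

// Constructed sample replies: an HTML page and a well-formed token response.
const htmlReply = {
  headers: { "content-type": "text/html; charset=utf-8" },
  body: "<!DOCTYPE html><html><body>Chat</body></html>",
};
const jsonReply = {
  headers: { "content-type": "application/json" },
  body: '{"access_token":"constructed-token","token_type":"bearer"}',
};
```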
I have implemented Firebase custom authentication using the firebase-admin library in Python on my server.
The first time I use the token, it works fine and I'm able to authenticate.
But if I restart my node.js application a few minutes later, I get the error:
The custom token format is incorrect. Please check the documentation.
Which I believe means that it has expired, even though I never logged out.
This does not seem to be working:
Once you've called authWithCustomToken successfully, you stay logged in forever (until you sign out explicitly) so you should be able to get devices to have a long-lived authentication session without minting long-lived custom tokens.
How do I explicitly save the authentication between application restarts? Or do I have to mint a new custom token on every restart?
Custom tokens are only valid for an hour. However, I'd suspect your caught error code to be something different. I'm personally on a quest to figure out how to best keep these tokens refreshed, but I do wonder if a deployed instance restarting might be an alternate cause of tokens being invalidated.
When I run ionic serve --lab everything works fine in the browser. I can do auth operations with email and password. When I try and test on a device through ionic upload, or build on android, the app isn't authenticating correctly. I can still connect to firebase if I hard code the Url of a list or object but can't get the data through my auth login. It's worth noting that when I emulate in the browser I get "The current domain is not authorized for OAuth operations. This will prevent signInWithPopup, signInWithRedirect, linkWithPopup and linkWithRedirect from working." Not sure if it's related to my issue because it still allows me to login from the browser and I am not using any of those, just auth.login(email, password). Also when I debug the app from my device through chrome I get "Uncaught Error: "location.protocol" must be http or https ". Does anyone know how I may be able to fix this?
Popup and redirect operations are only currently supported in http and https environments. Check this thread on how to sign in or link with popup in Ionic/Cordova: https://groups.google.com/forum/#!searchin/firebase-talk/cordova$20facebook/firebase-talk/mC_MlLNCWnI/DqN_8AuCBQAJ
I know there has to be an obvious solution to this problem and I am missing it, so I would much appreciate someone enlightening me so I don't spin my wheels...
I am writing an ASP.Net application that will interact with a service API (Evernote specifically). Evernote requires OAuth for security and before I can actually interact with the objects I need to obtain a token.
The workflow goes like this (explaining it to myself as much as anyone else!):
Build a url with my development api key and secret key and some other OAuth stuff, send it to Evernote to request an access token.
Send the url as a request to Evernote and pull the new access token out of the response
Build another url with the access token to request an authentication token for the user. This url goes to a page the user must interact with to login (if they haven't already) and then authorize my application to access their account. The last param of the url I build is a callback url which will be called from Evernote's servers.
If all goes well, Evernote will request the callback url and include the new authentication token as a param.
Once my server receives the callback with the embedded token I can use it so that my app can interact with the users' notes on subsequent requests.
The problem is that I'm writing this app on a local box, not an ISP under a public domain. So my callback is to the localhost server. Of course, localhost is relative, so Evernote can't resolve my callback... I can't ever receive an authentication token and debug at the same time.
There has to be a way around this problem because this authentication model is not unique to Evernote (by a long shot... Flickr uses it as do a lot of other services). So can someone tell me how to set things up so I can get the authentication token and still be able to debug on my local box?
Help is much appreciated!
OAuth is quite tough to implement. It may not be the answer you're looking for, but this is how I managed to get the job done:
Write some code on my local dev machine.
Run a bat file (or alternatively hook a post-build event in VS) that executes a msbuild deploy script and deploys the application to a test server.
Run the application on the test server. After obtaining the request token and requesting for authorization it redirects to the Evernote website.
After successful authorization the Evernote website redirects back to my test server and the authorized request token is exchanged for an access token.
Instead of debugging (I don't have VS on the test server) I examine the logs of the application (the logging I used was as simple as writing to a text file).
Rinse and repeat.
For the purposes of testing I registered a temporary public subdomain (e.g. testing.oauth.mydomain.com) so that Evernote will be able to redirect to that url.
According to this (How do I develop against OAuth locally?) the callback is issued by the browser, so it should be able to hit localhost.