I am setting up a custom oauth server with Rocket Chat (Meteor). Almost everything is okay, however Rocket Chat fails when trying to query the /oauth/token endpoint to log the user in.
The endpoint is not touched, so I guess the requests is not even sent. The
error is thrown here and the message is Parse Error.
I've tried to read the meteor/http code, but I did not manage to figure which package could be responsible to this Parse Error.
I can't figure the right way to get more info. Edit: I've tried to install Rocket Chat locally and could not reproduce. This error only happens on a live instance.
Any idea what could cause this issue or what step I could take to debug this?
This error "Parse Error" can appear when the URL is not correct but still a valid URL. The endpoint will return HTML instead of a valid JSON and thus produce this error.
Example: you host your Rocket Chat on "my-chat.com", and use "localhost:3000/oauth", on your own development machine, as your oauth server.
This will fail, because Rocket Chat will query "localhost:3000", but from the Rocket Chat standpoint localhost is the server it is hosted on, not your own machine. So the request will hit Rocket Chat itself instead of your local development server and produce this error.
Related
I need assistance with a company website I'm working on that should be linked up with Azure Active Directory. I have read those Azure Active Directory Docs. Our cloud team have already setup Azure Active Directory on the Azure Portal and when users including myself try to access the page they are brought to a Microsoft Login Page. Our cloud team have fulfilled Step 1 of registering our app on Azure. And this process of logging into Microsoft fulfills Step 2 of Authorization. The problem here is although the users are able to sign in through Azure active directory, once they sign in and come back to the webpage, we are unable to get the code that Azure generates.
This example Authorize link from the docs shows me the correct process for authorization.
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=6731de76-14a6-49ae-97bc-6eba6914391e&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F&response_mode=query&scope=offline_access%20user.read%20mail.read&state=12345
This link will send you to Microsoft Login page and then after you sign in, it will redirect to the specified redirect_url and it will provide the code in the query parameters. I can see it in the URL bar.
My company's app authentication currently doesn't work like this. We are able to have the user sign in and get redirect back to our page. But the redirect_url for our app is www.ourwebsite.azuresites.com/.auth/login/aad/callback I haven't seen this in any other examples and I'm not sure if this is calling a Azure Active Directory specific callback through this endpoint or if somehow the app server should be handling this.
I can see through Chrome Dev Tools when this happens it is sending a post request to www.ourwebsite.azuresites.com/.auth/login/aad/callback and I can see the payload contains the code that I need but the webpage redirects immediately after that request. I have tried to setup a controller with our .Net ASP.NET backend to handle paths from /.auth/login/aad/callback by trying to send a string response back but it doesn't appear that that works.
My Major question is does the url www.ourwebsite.azuresites.com/.auth/login/aad/callback call an azure specific callback function that our app can't interact with? Or is it sending a post request to our server that we should be handling.
After we get this code we will be able to follow the rest of the authentication process.
This picture shows the initial callback call after a user logs into the Microsoft Login page and gets redirect to the www.ourwebsite.azuresites.com/.auth/login/aad/callback I can see in the dev tools that this post request contains the code.
I'm thinking that it's probably something we need to handle on the server especially since it's a post request. Regardless, any help would be appreciated!
I'm facing a very strange issue with next-auth.
We have a next.js app deployed on Vercel.
Some of our API endpoints require authentication, and some don't.
Locally, everything works fine, but in preview, next-auth runs on every request. So when for instance a new user makes a request to sign up, next-auth runs, tries to authenticate the user by email and password and throws an error because can't authenticate the user.
Even if I comment the throw error and return a 200 status code inside the getUserByEmailAndPassword function, the request doesn't go the the signup API at all.
Although in the browser I can see the request direct to the right API endpoint, the handler for that API doesn't run at all.
I only receive response from next-auth
I tried to change the NEXTAUTH_URL environmental variable to match the url for the current preview, but it doesn't work
I found out this was happening because I was importing the same instance of next-connect
https://github.com/hoangvvo/next-connect/issues/141
I'm setting up an OAuth client for a Firebase application on Firebase Hosting, and I'm trying to add an authorized redirect URI to the "Web client (auto created by Google Service)" here:
https://console.cloud.google.com/apis/credentials/oauthclient
I'd like to add https://my-project.web.app/serviceworker/redirect but the update operation silently fails - loader just keeps spinning - and reports the following in the console:
Uncaught Proxy {Symbol(Symbol.toStringTag): "ErrorResponse"}
and
Uncaught Error: Ch
I'd rather not post the specific domain here, but the strange thing is, I've been able to add it in another project, as a test, and I've also been able to add the https://www.my-project.firebaseapp.com/serviceworker/redirect address with no issues. And for what it's worth, the subdomain https://www.my-project.web.app/serviceworker/redirect was also fine. (Although it doesn't actually fix my issue)
So it seems to be a specific issue with this particular domain and in this particular project.
Posting here in the hopes that someone on Google's side has any more ideas, as I'm at a loss.
Thanks in advance.
I have no idea why this would make a difference for this specific domain, but the issue resolved itself once I went through the "OAuth consent screen" setup.
So if you encounter this issue, I'd make sure everything's set up there first.
I have a fresh asp.net application which has facebook authentication button on it. When I do the authentication on localhost it works flawlessly but when I publish and try to do it on work4me.azurewebsites.net it comes up with the error:
An error occurred while processing your request.
I have set the appID, app secret, domain, correct URL, and http://work4me.azurewebsites.net/signin-facebookas the oauth redirect URI. But it seems like it is hanging for a bit saying "waiting for domain name" before giving me the error.
If I try to enable facebook authentication on the azure portal it works however after logging in the application crashes and gives me the error "Server Error in '/' Application.".
I have followed the guide to enable facebook authentication on azures website but with no luck.
What am I doing wrong here?
EDIT:
It seems to get past that point now, and the error is with the redirect URI. However I have followed this example and use the URL https://work4me.azurewebsites.net/.auth/login/facebook/callback as the guide says but still it wont work, giving me the error that the URI is blocked.
It's been a few months since I first tried this, but I was able to get it working both locally and on Azure, by following the online instructions.
Did you enable User Secrets during development to access your credentials from Application Secrets? If so, you need to create environment variables in your Azure Web App to mirror these values under Application Settings.
Let me know if you still have any issues, then I can look into it some more.
All the best! :)
I know there has to be an obvious solution to this problem and I am missing it, so I would much appreciate someone enlightening me so I don't spin my wheels...
I am writing an ASP.Net application that will interact with a service API (Evernote specifically). Evernote requires OAuth for security and before I can actually interact with the objects I need to obtain a token.
The workflow goes like this (explaining it to myself as much as anyone else!):
Build a url with my development api key and secret key and some other OAuth stuff, send it to Evernote to request an access token.
Send the url as a request to Evernote and pull the new access token out of the response
Build another url with the access token to request an authentication token for the user. This url goes to a page the user must interact with to login (if they haven't already) and then authorize my application to access their account. The last param of the url I build is a callback url which will be called from Evernote's servers.
If all goes well, Evernote will request the callback url and include the new authentication token as a param.
Once my server receives the callback with the embedded token I can use it so that my app can interact with the users' notes on subsequent requests.
The problem is that I'm writing this app on a local box, not an ISP under a public domain. So my callback is to the localhost server. Of course, localhost is relative, so Evernote can't resolve my callback... I can't ever receive an authentication token and debug at the same time.
There has to be a way around this problem because this authentication model is not unique to Evernote (by a longshot... Flickr uses it as do a lot of other services). So can someone tell me how to set things up so I can get the authentication token and still be able to debug on my local box?
Help is much appreciated!
OAuth is quite tough to implement. It may not be the answer you're looking for, but this is how I managed to get the job done:
Write some code on my local dev machine.
Run a bat file (or alternatively hook a post-build event in VS) that executes a msbuild deploy script and deploys the application to a test server.
Run the application on the test server. After obtaining the request token and requesting for authorization it redirects to the Evernote website.
After successful authorization the Evernote website redirects back to my test server and the authorized request token is exchanged for an access token.
Instead of debugging (I don't have VS on the test server) I examine the logs of the application (the logging I used was as simple as writing to a text file).
Rinse and repeat
For the purposes of testing I registered a temporary public subdomain (e.g. testing.oauth.mydomain.com) so that Evernote will be able redirect to that url.
According to this (How do I develop against OAuth locally?) the callback is issued by the browser, so it should be able to hit localhost.