I have an iFrame Facebook application. I am using the Facebook C# SDK, Facebook and Facebook.Web libraries.
When a user first comes to my application I create a FacebookApp object on page_load(). If the app.Session is null I create a CavasAuthorizer(app) then call Authorize().
Two problems:
First, the redirect URL that is generated by calling Authorize causes Facebook to error with a bad "next" parameter. Says the "next" parameter is not owned by the application. It looks like this:
next=http://localhost:4002/facebookredirect.axd/mygame_dev/mygame.aspx
I can edit the code in CanvasURLBuilder to make the next look like this:
next=http://localhost:4002/mygame.aspx
At this point the URL works if I cut and paste into a browser however it brings me to my second issue.
When the code runs the user is presented with a mostly empty page with a mid-sized Facebook image and a link "go to Facebook". When the user clicks on the link it then takes the user to the correct authorization page for my application.
I have a feeling these are two possibly related issues but potentially separate.
Any help here would be greatly appreciated.
-Andy
For the first problem
Make sure the site Url in the app configuration page is set to http://apps.facebook.com/[your_app]/
For the second problem.
When you are not authorized you are redirected to the login url but you can't do it from your iframe since it will redirect the iframe and you will get a Facebook inside facebook.
You should use window.top.location = ... to redirect the parent window.
EDIT
Facebook C# SDK Already does this for you when using the Mvc part of the SDK. Since you are using webforms you should use this code that is the equivalent.
protected void Page_Load(object sender, EventArgs e)
{
var fb = new FacebookApp();
var auth = new CanvasAuthorizer(fb);
if (!auth.IsAuthorized())
{
var url = auth.GetLoginUrl(new HttpRequestWrapper(Request));
var content = CanvasUrlBuilder.GetCanvasRedirectHtml(url);
Response.ContentType = "text/html";
Response.Write(content);
Response.End();
return;
}
//...Go on if authorized
}
To test locally make sure your Site URL and Canvas URL in facebook is something like http://localhost:8181/yourpage. Then make sure in VS you set the setting under project properties\Web so that ports are not dynamically generated and you can use 8181 (or whatever port you like, as long as it is the same as in FB).
I think your Callback url in your web config is pointing to localhost. You can't do that since the code actually runs inside of Facebooks IFrame. Localhost is localhost to the facebook web server. You will have to give a valid url in the Callback key in your web.config. If you don't have a domain you can map to your ip then check out any of the free dynamic dns clients out there. No-ip is one exammple (and one I use personally).
Related
I am trying to setup a social login for my site.
Here is what I did:
I created credentials on google and have both ClientID and Secret
In default MVC app, in App_Start Startup.Auth.cs I uncommented
app.UseGoogleAuthentication()* method, so it looks like this:
Build solution!
Made sure authorized JavaScript origins and Redirect url are correct. And other things that are needed on console.cloud.google.com are done. Including activation of Google+ API
Eventually Google authentication button should appear in _ExternalLoginsListPartial partial view. But as I can see I have 0 login providers still. And not sure why, and what can I do about it?
var loginProviders = Context.GetOwinContext().Authentication.GetExternalAuthenticationTypes();
//loginProviders.Count() here returns 0
Tried researching, but most are saying that you forgot to build, or restart the server. Tried that but nothing changed.
As last resort, I tried following a tutorial https://youtu.be/WsRyvWvo4EI?t=9m47s
I did everything as shown there, I should be able to reach api/Account/ExternalLogins?returnUrl=%2F&generateState=true url, and receive callback URL from Google.
But I got stuck with same HTTP404 error at 9:50
To answer my question, everything turns out to be fine.
All I had to do was just to give it some time.
After couple of hours, Google provider appeared on the page.
For future readers - if met with 404 in this case, another possibility is an active filtering rule against query strings in IIS. One of the commonly copy-pasted rules aiming to block SQL injection requests scans the query string for open (to catch OPEN cursor). Your OAuth request probably contains this word in the scopes section (data you want to pull from the Google profile)
IIS -> Request Filtering
Switch to the tab "Rules"
Inspect and remove any suspicious active filters there
Currently I have a slack button in my WPF application that opens a webpage and asks for user for access.
System.Diagnostics.Process.Start("https://slack.com/oauth/authorize?scope=client&client_id=XXXXXXXXXXXXXXXXXXXXXX");
After authorizing, the page gets redirected to a URL which has a generated code in the parameter that I need to get a token later on. The problem is how do I get this code. For now I have set the the redirect URL to, www.slack.com. And the following url is generated.
https://slack.com/?code=8XXXXXXXXXXXXXXX.XXXXXXXXXXXXXX5&state=
How do get the code back into my application. I am using the following but am not getting the response I need and this executes before the user can even authorize.
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(URL);
var response =req.RequestUri.ToString();
Alternative solutions and suggestions would be good to implement my authorization for a desktop application using C#.
As part of the oauth process Slack will call your application using the redirect url and return the code parameter. So you the redirect URL needs to point to your application. Not to slack.com.
You will need to read the url parameters that your application as been called with. In C# that can be done with code = Request.QueryString["code"];
Your c# application needs to run as ASP script on a webserver that is accessible from the Internet, so that Slack can reach it.
In order to use Slack for authentication your application needs to implement the complete oauth process as described here.
I have developed one existing site with new technology. But my old site was developed so far ago so it is crawled in search engine. But my question starts now. In old site, there was one page url : root/abc?type=xyz, and now in development url is like : root/mnp/xyz.
Now What I have to do to redirect from old url to new url? I don't want to rewrite url, only redirection should be done. Guide me for it.
Thanks,
Dipa
I think the easiest way would be making a javascript function that runs when the window loads, and all it does it redirection to the new website.
Put that script in the old website, and then if anyone tries to get to your old website it would just redirect him to the new one.
You will need to create a content page in Umbraco with URL "root/abc" and add redirection code in the first few lines of the corresponding template (razor view) for the page.
Solution:
You need to tell Search Engine that your old URL no more exists and it has been replaced with a new one. Asp.net provides a very simple way to perform this job.
You just have to call Response.RedirectPermanent. It sends the response 301 to Search Engine that this URL has been replaced with the new one.
For Example:
Response.RedirectPermanent("root/mnp/xyz");
You can read a bit more detail here.
Your approach should be:
But in your case the problem is your old site doesn't exist anymore. So you will have to do some extra work here:
Create a site based on web-forms and add all the pages on which you want to perform redirection
On page load event of every form do RedirectPermanent to new URL
Host the site on same domain
Sample:
I am providing here a sample for the example you have in the question:
protected void Page_Load(object sender, EventArgs e)
{
string type = Request.QueryString["type"];
if (type != null)
{
Response.RedirectPermanent("root/mnp/" + type);
}
}
A comprehensive tutorial about the topic.
Hi I hope someone can help me out here.
I have a Web Application (asp.net) on my local machine, I am trying to upload video to YouTube using this sample https://developers.google.com/youtube/v3/code_samples/dotnet#upload_a_video
I have set up client id and secret for Web application in Google console when I try to upload video a browser tab opens to select one of my google accounts and once I sig in I get redirect_uri_mismatch the response details on that page are below:
cookie_policy_enforce=false
scope=https://www.googleapis.com/auth/youtube.upload
response_type=code
access_type=offline
redirect_uri=http://localhost:55556/authorize/
pageId=[some page id removed here for security reasons]
display=page
client_id=[some unique id removed here for security reasons].apps.googleusercontent.com
one interesting thing is that the redirect_uri=http://localhost:55556/authorize/ is completely different from the one set up in Google console and the one in client_secrets.json also each time I get the error page the port number changes.
redurect urls and origins are set as follows in Google console I think I have added all combinations just in case:
Authorized redirect URI
http://localhost/
https://localhost/
http://localhost:50169/AddContent.aspx
https://localhost:50169/AddContent.aspx
http://localhost:50169
Authorized JavaScript origins
http://localhost/
https://localhost/
http://localhost:50169/
https://localhost:50169/
I am not sure why redirect-uri on the error page does not match any of the
Authorized redirect URI I have specified in Google console ? any ideas ?
Also is it possible that everything is set-up correctly in Google console and my code but this error is triggered by something else like maybe I missed some setting on my you tube account ? I did not make any setting changes since I don't think I have to is that correct ?
Ok I belive that direct video upload to the website owner account is no longer supported in YT API v3.0 according to those posts.
Can YouTube Direct Upload to a Common Account for All Users?
How can I get the youtube webcam widget to upload to one account using API?
Shame, I think I will need to host the videos that users upload on my servers.
However the original issue was fixed by adding this URI to the redirect URIs in the developer console
http://localhost/authorize/
Google OAuth 2 authorization - Error: redirect_uri_mismatch
I got it to work by setting the Redirect URIs to exactly this:
http://localhost:50517/signin-google
Note:
- it does not work with a trailing slash
- port number is whatever your visual studio is assigning
- I set JavaScript Origins to:
http://localhost:50517/
With you, though, would be nice if someone actually documented this somewhere...
You should look into your code where you create the authorization URI. You need pass one of the redirect URIs you registered with Google developer console. I guess you're using some OAuth2 library which uses the localhost:port/authorize as the default redirect URI. The port changes because each time you start your local server, it picks a different port number. To fix it, you should specify a port number when starting it, for example, 8080. Then you should register localhost:8080/AddContent.aspx in Google developer console and pass it to whichever library you use to create the authorization URI.
I experienced a similar problem when trying to setup the quickstart app for the Drive REST API. I kept getting the redirect_uri_mismatch error and the port number with that error kept changing. The fix for me was to change the redirect URI in the Google Developers Console for my app to not include the port number.
There is a really easy way to get round this and I kicked myself when it dawned on me.
I am using "Web Application" credentials - you'll want the credentials manager open btw.
Run the DotNet sample app and let the browser open (I get the "Select An Account" page) - then look in the URL for the redirect URI that's been automatically generated by Google's code something like:
redirect_uri%3Dhttp://localhost:62041/authorize/
Then just go to the credentials manager and add this URL to the allowed list and save. Now select your google account and see what happens - it takes a few minutes for the API to update - if you get the redirect error page just hit back and select you account again - eventually it works and returns back to visual studio.
Once the account has been authorised once it sticks (clear the bin directory to unstick it) but this means you can now put a break point in the code and look at the credentials variable to get the refresh token everyone is so desperately trying to get so that you can persist account connections.
My application has some menu buttons that sends the users to my website.
I want to differentiate in the website how many users came from my app, out of all the regular users.
My app is written in C#, and currently I direct users like this:
string url = "http://mysite/somepage";
System.Diagnostics.Process.Start(url);
On the server side, I use Piwik for my web paralytics.
Any suggestions?
Update
One good solution will be to add some parameter to the URL. Yet I was wondering if it's possible to play with the referrer field, for the sake paralytics simplicity.
Add something to the url, probably in the querystring that identifies that the user has originated from your application, like:
string url = "http://mysite/somepage?source=myApplication";
System.Diagnostics.Process.Start(url);
You can/could also use this to track the versions of your app that are in use by adding more to the url, for example ?source=myApplication&version=1.0.3 =)
Just add a parameter to the URL coming from your app, other users will not have that:
string url = "http://mysite/somepage?fromApp=v1";
On your website, you can pick that up to differentiate users. Do a redirect immediately after, so they will not bookmark the page with this URL.
Can't you just add some parameter to the URL your application is using and use that to filter users coming from your app?