On my live server i'm getting a The redirect uri included is not valid. error message, whereas on my localhost OAuth works ok.
here's the full urls for both:
Localhost:
https://coinbase.com/oauth/authorize?response_type=code&client_id=xxx&redirect_uri=http%3A%2F%2Flocalhost%2Faccounts-coinbase%2Foauth&scope=balance+addresses+user+transactions
Live server (https://example.com)
https://coinbase.com/oauth/authorize?response_type=code&client_id=xxx&redirect_uri=https%3A%2F%2Fexample.com%2Faccounts-coinbase%2Foauth&scope=balance+addresses+user+transactions
I'm pretty confident I had the live server OAuth working before. Any ideas why it's failing now?
Ok I solved my own problem.
The error message, The redirect uri included is not valid. does NOT accurately reflect the issue at all. What was actually the problem is that my Coinbase OAuth app had a localhost redirect url.
The relevant OAuth redirect url, called a "callback url" is set from this rather hard to find page: https://coinbase.com/oauth/applications.
There I just switched localhost with example.com and it worked.
Related
Session in working fine in localhost but not at server. I am getting the error"This page isn’t working domain.com is currently unable to handle this request.
HTTP ERROR 500"
I think your config file have some error
host name
username and password check
As I run script on localhost works fine. but on server showing 403 error:
in my google console
for redirect url - xyz.com/change/googlelogin
in my browser - after login with google auth it show me like -
xyz.com/change/googlelogin?code=4/sgAnQ7T_O5l7bDPgaMQ4_s-c0Abz_wxsVPIt5bPQdaklIdF0QyoQicTXyW7CUQHh5ScUBZ4GYyyV8cZyiX-mu3s&scope=email%20profile%20https://www.googleapis.com/auth/userinfo.profile%20https://www.googleapis.com/auth/userinfo.email with above error
This is because of modesecurity restrictions from your hosting provider. Request them to disable for your domain. I was facing same issue ,i contacted support center and they fixed issue. Now it is working fine.
Reference Link
I have wordpress with woocommerce for REST API, the wordpress is running on docker.
For http client i'm using Guzzle6 with Oauth libs in Laravel app to do the Request. The laravel app is run behind nginx
When i set the base_url to localhost:port i got 401 response
{
"code":"woocommerce_rest_authentication_error",
"message":"Invalid signature - provided signature does not match.
}
When i set the base_url to my public ip it success.
When i develop on my local machine it success using localhost as base_url Why this happend ?
I had a same issue with WooCommerce trying to send a simple GET request with postman on localhost. I fixed it by setting WP_HOME and WP_SITEURL to my local ip address, or go to Admin Panel > Settings > General and replace localhost with your ip-address for WordPress Address (URL) and Site Address (URL) as explained here:
https://wordpress.stackexchange.com/questions/180207/how-to-make-other-computer-in-local-network-see-my-theme
Hope this helps.
I'm using this php wrapper, successfully getting a code from pinterest using the link generated according to the docs:
$loginurl = $pinterest->auth->getLoginUrl($callback_url, array('read_public'));
Then when I run this:
$token = $pinterest->auth->getOAuthToken($_GET['code']);
It works fine on my local server, but when I try to run it on our Dreamhost server, I get:
Pinterest error (code: 403) with message: Forbidden
I looked through the error documentation Pinterest supplies, but I can't find anything relating to 403 errors when retrieving oauth tokens.
The only two places I've seen mention of 403 errors when requesting oauth tokens from Pinterest's API have concluded that Pinterest is blocking the ips or the user agent string.
I've tried manually overriding the user agent string to no avail.
I've tried contacting Pinterest to find out if there is anything I'm missing and they directed me here.
Make sure the Dreamhost server is using an HTTPS URL e.g. is using TLS. That could be the reason why you get a 403.
In my web app you get redirected after successful login via header('Location: https://domain.com/loggedin') but when its finished redirecting I get to following URL http://domain.com:443/loggedin which give (of course) following error
400 Bad Request
Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.
What do I have to change? What did I do wrong or what do I have to add?
This sounds absurd but after some thinking:
I added a slash (/) at the end so now it looks like this header('Location: '.PROJECT_HTTP_ROOT.'/');.
Works like it should now!