Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix DEV stack authentication url with localhost redirect_uri #743

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Fix DEV stack authentication url with localhost redirect_uri #743

wants to merge 2 commits into from

Conversation

willemarcel
Copy link
Collaborator

No description provided.

@jake-low
Copy link
Contributor

I tried testing this. What I observed was:

  1. I clicked "Sign in" in OSMCha
  2. I was directed to osm.org to authorize OSMCha to access my account
  3. After clicking "Authorize" I was directed back to OSMCha, but instead of being logged in, I see an error page that says Source authorized does not exist

Is that expected? In Slack you mentioned that there's a backend issue that affects this too, so maybe that's what I'm seeing, but just wanted to check.

@willemarcel
Copy link
Collaborator Author

@jake-low I think this solution will not work. I'm seeing this error in the osmcha backend when I try to login:
oauthlib.oauth2.rfc6749.errors.InvalidGrantError: (invalid_grant) The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.

@batpad
Copy link

batpad commented Aug 27, 2024

Hmm .. can we try:

  • Go the OAuth2 Application Settings in your OSM Profile (My Settings) for the OAuth2 app keys being used
  • Check the Redirect URIs
  • I think you will need to add something like http://127.0.0.1:8000 to the list of allowed redirect URIs

Another thing to try is maybe redirecting to http://localhost:8000 instead of http://127.0.0.1:8000 here: https://github.com/OSMCha/osmcha-frontend/pull/743/files - this redirect is basically being performed by openstreetmap.org and it won't allow redirecting to arbitrary URIs not in the list of allowed Redirect URIs in your application config. There might be an exception for localhost that does not get applied when it's written as 127.0.0.1

Am pretty certain this should be the issue - if 127.0.0.1 already exists in the list of allowed Redirect URIs, then I don't know what's going on ...

@willemarcel
Copy link
Collaborator Author

@batpad I have 127.0.0.1/authorized in the allowed redirect urls of the oauth2 key, OSM oauth2 doesn't allow localhost.

A solution I used on another project was to add another endpoint in the backend to authenticate and redirect the user to 127.0.0.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jake-low jake-low Awaiting requested review from jake-low

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@willemarcel @jake-low @batpad