Announcement Announcement Module
Collapse
No announcement yet.
Getting 404 when clicking on Logging in with Facebook and Twitter Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Getting 404 when clicking on Logging in with Facebook and Twitter

    HTTP Status 404 - /signin/facebook

    type Status report

    message /signin/facebook

    description The requested resource (/signin/facebook) is not available.

    I thought that adding the ProviderSignOnController to our configuration would make those URLs automatic in our application.

    Our @Configuration class

    Code:
    @Configuration
    public class SocialConfig {
    
      @Autowired
      SpringSecuritySignInAdapter springSecuritySignInAdapter;
    
      @Autowired
      ConnectionFactoryLocator connectionFactoryLocator;
    
      @Autowired
      ConnectionRepository connectionRepository;
    
      @Autowired
      UsersConnectionRepository usersConnectionRepository;
    
     	@Bean
     	public ConnectController connectController() {
     		ConnectController connectController = new ConnectController(connectionFactoryLocator, connectionRepository);
     		return connectController;
     	}
    
     	@Bean
     	public ProviderSignInController providerSignInController() {
     		return new ProviderSignInController(connectionFactoryLocator, usersConnectionRepository, springSecuritySignInAdapter);
     	}
    
    }
    Thanks

    Mark

  • #2
    I spoke a little too soon. Twitter is still giving me a 404, and Facebook goes to Facebook, but gives an different error. But that looks like it doesn't like my callback URL with localhost:8080

    "
    API Error Code: 191
    API Error Description: The specified URL is not owned by the application
    Error Message: Invalid redirect_uri: Given URL is not allowed by the Application configuration.
    "

    Thanks

    Mark

    Comment


    • #3
      Yeah, still getting 404s and the Facebook error. Not sure what I am doing wrong here. I even moved the entire configuration to the web layer.

      Here is my @Configuration class

      Code:
      @Configuration
      @EnableJdbcConnectionRepository
      @EnableTwitter(appId="${twitter.consumerKey}", appSecret = "${twitter.consumerSecret}")
      @EnableFacebook(appId = "${facebook.clientId}", appSecret = "${facebook.clientSecret}")
      public class SocialConfig {
      
        @Autowired
        SpringSecuritySignInAdapter springSecuritySignInAdapter;
      
        @Autowired
        ConnectionFactoryLocator connectionFactoryLocator;
      
        @Autowired
        ConnectionRepository connectionRepository;
      
        @Autowired
        UsersConnectionRepository usersConnectionRepository;
      
       	@Bean
       	public ConnectController connectController() {
       		ConnectController connectController = new ConnectController(connectionFactoryLocator, connectionRepository);
       		return connectController;
       	}
      
        @Bean
        	public ProviderSignInController providerSignInController(RequestCache requestCache) {
        		return new ProviderSignInController(connectionFactoryLocator, usersConnectionRepository, new SpringSecuritySignInAdapter(requestCache));
        	}
      
        	@Bean
        	public UserIdSource userIdSource() {
            SpringSecurityAuthenticationNameUserIdSource userIdSource = new SpringSecurityAuthenticationNameUserIdSource();
            return userIdSource;
          }
      Here is my xml

      Code:
              <bean id="textEncryptor" class="org.springframework.security.crypto.encrypt.Encryptors"
                      factory-method="text">
                  <constructor-arg value="${security.encryptPassword}" />
                  <constructor-arg value="${security.encryptSalt}" />
              </bean>
      
      <context:component-scan base-package="com.blah.social.config"/>
      This is the html I have on my index.jsp page which is where the user can login to our app with our app user Accounts, also register, and also register through Facebook and Twitter images.

      Code:
      <section class="row-fluid inline">
                              <!-- TWITTER SIGNIN -->
                              	<form id="tw_signin" action="<c:url value="/signin/twitter"/>" method="POST">
                              		<button type="submit"><img src="<c:url value="/images/twitter/sign-in-with-twitter-d.png"/>" /></button>
                              	</form>
      
                              	<!-- FACEBOOK SIGNIN -->
                              	<form name="fb_signin" id="fb_signin" action="<c:url value="/signin/facebook"/>" method="POST">
                                      <input type="hidden" name="scope" value="publish_stream,user_photos,offline_access" />
                              		<button type="submit"><img src="<c:url value="/images/facebook/sign-in-with-facebook.png"/>" /></button>
                              	</form>
                              </section>
      Thanks

      Mark

      Comment


      • #4
        The Facebook error is easy. The callback URL for your application doesn't match up with the "Site URL" setting when you configure your application *at Facebook*. It doesn't have to be an exact match, but the Site URL needs to be the base URL for whatever the callback URL is.

        For example, consider Spring Social Showcase. Its Site URL is "http://localhost:8080/spring-social-showcase/". Under normal circumstances, running on localhost, the callback URL would be http://localhost:8080/spring-social-...ignin/facebook, which matches up with a Site URL of http://localhost:8080/spring-social-showcase/, so no problems. However, if I were running the app on a different server, a different port, or under a different app context name, then it wouldn't match up with the Site URL and I'd get the same error that you're getting.

        As for the callback URL, under most circumstances, it can be derived from the current request. There are some special cases, however, and Spring Social allows you to configure for those via the "applicationUrl" property. But you usually don't need to do this. The most common fix here is to go to developer.facebook.com and make sure that your app's Site URL is a proper base URL for your application. One thing to be sure of is to include a '/' at the end. For example, Spring Social Showcase is setup in Facebook with "http://localhost:8080/spring-social-showcase/" as its Site URL.

        As for the 404: If you're getting that for Twitter, but not for Facebook, then it means that ProviderSignInController is handling the request and that the 404 is coming downstream, probably in a redirect or a callback. I know this because even if you go to /signin/fhdsjkflhdsjfkldshajfksl, the worst that will happen is that it will redirect back to the signin page...you won't get a 404.

        Now, this leaves me wondering if there's some correlation between the FB error and the 404. Are there any special circumstances that might require you to set the application URL differently? What host are you running on? What URL do you go to for the home page?

        Comment


        • #5
          Thanks. Sorry, had to go have a little minor surgery today. Nothing major. But here is my callback URL I used

          http://localhost:8080/social/facebook/callback

          My app's DispatcherServlet is mapped to "/"

          Thanks

          Mark

          Comment


          • #6
            I updated Facebook account to have better callback URL, so I am able to choose to accept the app in Facebook. But the last call to a URL fails.

            And there is still the 404 in Twitter.

            I think they are trying to go to But with "twitter" at the end of the URL, which then redirects to

            http://localhost:8080/signin?error=provider

            For Facebook this is the URL I am getting the 404 from.

            http://localhost:8080/signup

            Thanks

            Mark

            Comment


            • #7
              I'm still thinking through your Twitter issue, but it almost looks like the Facebook piece *is* working. But it is seeing that there is no connection for the FB user and is redirecting them to the signup page. The thing is, Spring Social isn't responsible for that page. The registration page is an application-specific page and it's up to you to define a controller to handle that. Once registration is completed, you can use ProviderSignInUtils to complete the connection...but it's up to you to define the registration page.

              See the Spring Social Showcase example to see how that's done.

              Comment


              • #8
                Thanks.

                Yes, the registration page has to be my app specific.

                Unfortunately, and I don't know why, but the Showcase confused me more than anything.

                Now there are 4 examples. I personally wanted to use the new SpringSecurityAuthenticationFilter but with all the different errors I would get, I kept trying different approaches using the 4 different versions. Sometime combining ideas from the different versions. First I wanted just the xml using the new namespace. But I couldn't get that to work, then I tried full xml with all the beans defined and I couldn't get that to work. Now I have the new Annotations in @Configuration and Java Config. Which I guess is getting me closer. Just that in the Spring One presentation and the documentation doesn't say or show that you have to also have to extend and create your own

                SignInAdapter, the "built in" one wouldn't SimpleSignInAdapter class wouldn't resolve for me. So I made my own by copying someone else's.

                Or that I needed to define a bean for a UserIdSource.

                I mean, really Spring Social is very elegant and simple for a complex problem. I am just being stupid and can't get my head around it. I mean all it is is

                1) Repository to save data from the providers to a relational database, the create table script and a JDBC implementation is given to us, we have nothing to do but run the script and create a bean for JDBC.

                2) Define a bean for ConnectController which handles all the connecting to a provider, all the mapped URLs and all the REST calls out to the provider, all written and done for us. Just define a Bean. This will allow us to connect to and get information from the providers through the provider api which implements ApiBinder.

                3) The Factory which takes the providers we want to connect with and it creates a Locator for us.

                4) Then there is a SignInController, which gives us all the URL mapping and REST calls to sign into our application but by using a provider's credentials. So login with Facebook, the user uses their Facebook username password and login to our app. Which after they login, we can then lookup that user in our own application's UserDetails (if we are using Spring Security) and now the user is logged into our application with a SecurityContext/Authentication in that user's Session.

                So what am I missing?

                Thanks

                Mark

                Comment


                • #9
                  I am bummed. About 2 hours ago I replied to this thread, and it was a long reply. And it appears that I probably forgot to hit submit, or something cause it is gone.

                  Anyway, it was trying to explain how Spring Social works to see if I understand it. Anyway, I seem to have some blocker in my head to not completely understand it, even though I know it is really simple.

                  The showcase example is great, just that I don't get what is unique to that app versus always there for all Spring Social apps, so I am confused by the examples. Also that there are 4 versions of it. And not one fits my app, but I have to use combination of stuff from the examples.

                  Thanks

                  Mark

                  Comment


                  • #10
                    Mark, don't be bummed. Your long post did show up (unless you had a different long post prior to the previous one). And I can try to help as much as I can, limited only by the fact that I can't see your code (pasting it in the forum is good, but if you have this in GitHub or even a zip file somewhere that I can build/run myself, that's even better).

                    First, let me address the 4 versions of the showcase: They're all basically the same (in fact, I've given some thought to merging them and using Spring 3.1 profiles to address the differences). Here's the gist of what you are seeing:

                    - spring-social-showcase: This has primarily Java-based configuration (and a little bit of XML for Spring Security) and uses ProviderSignInController for sign-in-with-provider purposes.
                    - spring-social-showcase-xml: This is the same as the original, only it uses *all* XML configuration and no Java-based configuration.
                    - spring-social-showcase-sec: This is the same as the original, except that it uses SocialAuthenticationFilter for sign-in-with instead of ProviderSignInController.
                    - spring-social-showcase-sec-xml: This is like a mix of the 2nd and 3rd, using SocialAuthenticationFilter *and* only XML configuration.

                    With regard to configuration choices, my advice is to pick one (XML or Java) and go with it as much as you can. Later you can adapt to a mix of both XML and Java, but focus on one to get started. Pick a showcase example that will show you how to configure Spring Social for that choice.

                    With regard to sign-in-with choices, it comes down to the fact that ProviderSignInController is security framework agnostic and you must build upon the sign in adapter to tell it how to handle sign in for whatever security choice you make. It *will* work with Spring Security, but it's up to you to write the adapter code to make it work. Meanwhile, SocialAuthenticationFilter is not only compatible with Spring Security, not only focused on Spring Security, it is a proper Spring Security filter that plugs into Spring Security's filter chain. It acts *very* much like any other authentication filter in Spring Security. My advice on this choice (generally) is to choose SocialAuthenticationFilter if you're using Spring Security and to choose ProviderSignInController otherwise. That said, SocialAuthenticationFilter is kinda new and although I've tested the devil out of it, there's probably some surprises still hiding in there.

                    Also, to be clear, the samples show the new simpler configuration options. You don't have to explicitly declare everything like in the 1.0.x days (although that will still work). But what's lost in that style of configuration is a clarity of what kind of beans are being configured. So if you have any concerns/questions about that, let me know and I'll try to help.

                    You've pointed out (in your long post) some stuff that's confusing you, but if there were one or two questions that I could answer to get you moving a bit further, what would they be? I'll be happy to address all of your questions, but let's start with the 1 or 2 that would be most helpful. Also, if you have your app somewhere shareable (Github, ideally), that'd be awesome. That way I can see exactly what you're seeing.

                    Comment


                    • #11
                      Thanks

                      Yeah, I see my long post now. Wonder why I didn't see it before.

                      Meanwhile I managed to get myself side tracked. Bootstrap themes out there, and spent the past hour or two trying to get a nice <hr> with text in the middle to look nice, using different approaches. Easy to get sidetracked on these little stupid things.

                      Never did get that to work. Had great samples online, but as usual something specific in my app with Bootstrap makes standard stuff not work.

                      Anyway. Now I am back. And what used to work a bit in Facebook is now giving me an error.

                      An error occurred. Please try again later.

                      API Error Code: 191
                      API Error Description: The specified URL is not owned by the application
                      Error Message: redirect_uri isn't an absolute URI. Check RFC 3986.

                      I wonder if the user is already accepted/authenticated through Facebook, that this error is like Twitters, in that the redirect/callback to my app is not set up.

                      Thanks

                      Mark

                      Comment


                      • #12
                        So some code.

                        Here is the section in our index.jsp page for connect/login to FaceBook and Twitter.

                        We have a single page app, so on the home main page is a login username/password in the Bootstrap nav, and a Registration form under that in the content/body section and these two buttons underneath the registration form

                        Code:
                        <section class="row-fluid">
                            <section class="span3 offset9">
                                <div class="divider">Or</div>
                        
                                  <!-- TWITTER CONNECT -->
                                  <form id="tw_register" action="/connect/twitter" method="POST">
                                      <button type="submit" class="btn btn-block btn-danger">
                                          <img class="icon-align-left icon-resize-horizontal" src="/resources/images/twitter/t_logo-a.png"/>
                                                   Register with Twitter
                                     </button>
                                  </form>
                                  <!-- FACEBOOK CONNECT -->
                                  <form name="fb_register" id="fb_register" action="/connect/facebook" method="POST">
                                       <input type="hidden" name="scope" value="publish_stream,user_photos,offline_access" />
                                       <button type="submit" class="btn btn-block btn-danger">
                                            <img class="icon-align-left icon-resize-horizontal" src="resources/images/social/facebook_32.png"/>
                                                    Register with Facebook
                                        </button>
                                  </form>
                            </section>
                        </section>
                        here is the configuration
                        Code:
                        @Configuration
                        @EnableJdbcConnectionRepository
                        @EnableTwitter(appId="${twitter.consumerKey}", appSecret = "${twitter.consumerSecret}")
                        @EnableFacebook(appId = "${facebook.clientId}", appSecret = "${facebook.clientSecret}")
                        public class SocialConfig {
                        
                          @Autowired
                          SpringSecuritySignInAdapter springSecuritySignInAdapter;
                        
                          @Autowired
                          ConnectionFactoryLocator connectionFactoryLocator;
                        
                          @Autowired
                          ConnectionRepository connectionRepository;
                        
                          @Autowired
                          UsersConnectionRepository usersConnectionRepository;
                        
                         	@Bean
                         	public ConnectController connectController() {
                         		ConnectController connectController = new ConnectController(connectionFactoryLocator, connectionRepository);
                            connectController.setApplicationUrl("${site.url}");
                         		return connectController;
                         	}
                        
                          @Bean
                          	public ProviderSignInController providerSignInController(RequestCache requestCache) {
                          		return new ProviderSignInController(connectionFactoryLocator, usersConnectionRepository, new SpringSecuritySignInAdapter(requestCache) );
                          	}
                        
                          	@Bean
                          	public UserIdSource userIdSource() {
                              SpringSecurityAuthenticationNameUserIdSource userIdSource = new SpringSecurityAuthenticationNameUserIdSource();
                              return userIdSource;
                            }
                        
                        }
                        Here is the Encryptor

                        Code:
                        <bean id="textEncryptor" class="org.springframework.security.crypto.encrypt.Encryptors"
                                        factory-method="text">
                                    <constructor-arg value="${security.encryptPassword}" />
                                    <constructor-arg value="${security.encryptSalt}" />
                                </bean>
                        Our dispatcherServlet is mapped to "/"

                        I believe that is all the code/configuration currently in our application. I do have a custom UserDetailsService and a custom UserDetails for Spring Security, but there is no Spring Social code in it. Also there are no Controllers with @RequestMapping to any social URL, which I might end up needing.

                        Thanks

                        Mark
                        Last edited by bytor99999; Feb 5th, 2013, 04:42 PM. Reason: readability

                        Comment


                        • #13
                          What does ${site.url} resolve to?

                          And why did you feel like you needed to set the applicationUrl property? (Maybe you need to, but I want to understand why you thought it necessary.)

                          And what is the Site URL configured as at developer.facebook.com?

                          At a glance, your configuration looks fine and the error you're getting from FB sounds like the same mismatch between your redirect URL and the Site URL that you were getting yesterday.

                          Comment


                          • #14
                            I've copied and pasted config stuff so much, that I have no clue where I got ${site.url} from.

                            So, I just removed it.

                            Is there a place in the documentation that shows where/which Controller you would put an @RequestMapping for the callback in the end? Or in the showcase app?

                            Thanks

                            Mark

                            Comment


                            • #15
                              So still getting the Facebook error.

                              For Twitter now I get

                              HTTP Status 404 - /WEB-INF/views/connect/twitterConnect.jsp

                              Don't understand where it would get that from.

                              Probably what happens when you copy paste from others work.

                              Mark

                              Comment

                              Working...
                              X