I keep getting a wrong redirect_url from the identity provider during the authentication step.
I checked the encoding; it’s correct, and the URL-decoded version does match the other side.
2024-01-23T11:51:29Z app[9185d56b37d283] sjc [info]D, [2024-01-23T11:51:29.813011 #306] DEBUG -- : [578c1f4f-ea7c-4732-8dca-068ee143af6d] The redirect https://balancebots.fly.dev/users/auth/intuit/callback
Which results in properly structured
In fact, I ran the same container locally and used ngrok to try reproducing this issue. However, OAuth worked fine with ngrok.
It seems to be a running theme with render.io as well.
Is there any weird routing at the edge that I should be aware of? Or am I just going insane?
Are you using an OAuth2 provider (such as Laravel Socialite) … or rolled your own? Only there may be some docs about it, if other people find the same. Especially if you find the same on other cloud providers, which would suggest it’s not Fly-specific.
The URL looks ok to me but yes, it has to exactly match what is expected/registered, so that would be the first thing I’d check.
The server should reject any authorization requests with redirect URLs that are not an exact match of a registered URL.
In order to avoid exposing users to open redirector attacks, you must require developers register one or more redirect URLs for the application. The
I see this is tagged with Rails. Check
# config.assume_ssl = true
config.force_ssl = true
And try setting both to true (by uncommenting the first one).
Thanks for such a prompt response, Greg!
Yeah, I did verify the URL a few times and even sanitised it to ensure no unreadable chars snuck in before pasting it into Intuit’s dashboard.
The provider I am using is Intuit. This is a QuickBooks app.
With the first suggestion on redirects, I used a Burp Suite proxy on both ngrok and Fly; there is no difference on the way out.
I wonder if that has to do with TLS. Will look into your suggestion shortly. However, this app does force SSL.
Same story with both uncommented.
@andrewshatnyy It’s beyond my Rails experience I’m afraid but you are in good hands with @rubys.
Could it be using a redirect URI set up for sandbox … in production, or vice versa? That was my other total guess, at least based on the screenshot in here.
Thank you for your help. It’s been massive so far, compared to other Intuit support
My app is still in sandbox, Intuit needs full blown verification for production. Weirdly I am why would the
I’ll give a read through the linked git repo… Thank you
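Added example, not part of any post in this thread and not Intuit's or Fly's code: a Ruby sketch of the exact-match rule quoted above, with a diagnostic that reports which URL component differs when a callback is rejected. The registered URL is the one from the log line; the authorization URL, its host `idp.example` and the `http://` variant are constructed sample input.

```ruby
require "uri"

# Registered callback, copied from the log line in the thread.
REGISTERED = ["https://balancebots.fly.dev/users/auth/intuit/callback"].freeze

# Constructed sample authorization request (idp.example is a placeholder host).
# Its redirect_uri carries an http:// scheme, the kind of difference that can
# appear when an app behind a TLS-terminating proxy builds its own callback URL.
SAMPLE_AUTHORIZE_URL =
  "https://idp.example/authorize?client_id=abc&response_type=code" \
  "&redirect_uri=http%3A%2F%2Fbalancebots.fly.dev%2Fusers%2Fauth%2Fintuit%2Fcallback"

# Pull the decoded redirect_uri parameter out of an authorization request URL.
def redirect_uri_param(authorize_url)
  query = URI.parse(authorize_url).query.to_s
  URI.decode_www_form(query).to_h["redirect_uri"]
end

# Exact string comparison with no normalisation, as the quoted guidance requires.
def redirect_allowed?(candidate, registered = REGISTERED)
  registered.include?(candidate)
end

# Diagnostic only: name the components in which a candidate differs.
def mismatch_reasons(candidate, registered_url)
  a = URI.parse(candidate)
  b = URI.parse(registered_url)
  reasons = []
  reasons << :scheme if a.scheme != b.scheme
  reasons << :host   if a.host != b.host
  reasons << :path   if a.path != b.path
  reasons << :query  if a.query != b.query
  reasons << :raw_string if reasons.empty? && candidate != registered_url
  reasons
end

if __FILE__ == $PROGRAM_NAME
  sent = redirect_uri_param(SAMPLE_AUTHORIZE_URL)
  puts "sent:     #{sent}"
  puts "allowed:  #{redirect_allowed?(sent)}"
  puts "differs:  #{mismatch_reasons(sent, REGISTERED.first).inspect}"
end
```

Running the same comparison on the `redirect_uri` captured in a proxy against the string registered in the provider's dashboard shows at a glance whether the scheme, path or query is what fails the match.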