All geek questions in one place

How to disable "Use strict mode for URI redirection" in facebook application

Is it possible to disable the option Use Strict Mode for Redirect URIsin the Facebook application? It seems that since March 2018, this property is automatically turned on and grayed out, so it cannot be turned off. Facebook does not seem to allow authentication unless the exact URL is provided at Valid OAuth Redirect URIs. This is a problem because the Sitecore Social Connected module seems to go through every single parameter in the query line every time you log in. I tested the application Redirect URI Validatoron the Facebook application, and this confirms that the redirect should be exactly the same as for Valid OAuth Redirect URIs.

+9
source share
2 answers

Is there a way to disable the option Use Strict Mode for Redirect URIsin the Facebook app?

NO

Due to security changes made to Facebook, it is no longer possible to disable this setting.

Regarding the features of Sitecore and the Social Connected module, I found from the comments of @CBroe that Valid OAuth Redirect URIsnow should contain the query string parameter as follows:

http://example.com/layouts/Social/Connector/SocialLogin.ashx?type=access

I only had before

http://example.com/layouts/Social/Connector/SocialLogin.ashx

If you use HTTPS, you will need to enter a URI with a port number, as well as ie

https://example.com:443/layouts/Social/Connector/SocialLogin.ashx?type=access

This last point is not related to recent changes in the Facebook application.

+6
source

The same experience, I could not turn it off. What ended up working for me

I have a link on my site that launches the login process:

https://www.example.com/users/auth/facebook

After that, my rails application is redirected to

https://www.facebook.com/v2.6/dialog/oauth?client_id=1234&redirect_uri=https%3A%2F%2Fwww.example.com%2Fusers%2Fauth%2Ffacebook%2Fcallback&response_type=code&scope=email&state=123456

Facebook is responding

https://www.example.com/users/auth/facebook/callback?code=abcverylongcodexyz

URI, , " https://www.example.com/users/auth/facebook/callback ", .

FWIW, http https, config/initializers/devise.rb,

config.omniauth :facebook, '1234', '34567', :scope => 'email', :callback_url => 'https://www.example.com/users/auth/facebook/callback'

http: URL- , - URI .

0

Source: https://habr.com/ru/post/1695170/

More articles:


All Articles