Laravel socialite showing HTTP Error 403 – Forbidden for google login on the callback but working fine for facebook login. Previously it was working fine but after adding SSL it is showing the error I am not able to find out what is the problem, same code was running fine on another subdomain, Google plus API is enabled. Someone, please help me out
here is the URL – www.beingreligious.com
When i login with google with it return
https://www.beingreligious.com/auth/google/callback?state=JSqZHyIkS6bLMTMHZ4dMmbgXJwbXuDiwOqVBSp7I&code=4/WgDWcviWNpyVBB4ScPG7mNzQAveXOAlc9dQ5bvwn7BVhfUyCBegloMU7lK3O7hGxSphyHp86Nm36Vl40eE3LsNc&scope=https://www.googleapis.com/auth/plus.me+https://www.googleapis.com/auth/userinfo.profile+https://www.googleapis.com/auth/userinfo.email&authuser=1&session_state=db2d5443920526f58d68ac724e14f4e5af70497f..2a92&prompt=consent#
here is the callback function
public function handleProviderCallback(Request $request,$provider)
{
//echo "here"; die;
$user = Socialite::driver($provider)->user();
$authUser = $this->findOrCreateUser($user, $provider,$request);
Auth::login($authUser, true);
$next=session()->get('nextbtn');
if($next!='')
{
return redirect('/check_sign_up?next='.$next);
}else{
return redirect('/check_sign_up');
}
}
2
Answers
I faced this issue because of Mod-security rule set up on my domain. ModSecurity is one of the apache server modules that provides a complete website protection by defending hackers and other malicious attacks.
I requested my server provider to disable it for my domain, because I am using a shared server. After it, I didn’t face this issue and the google login is working as expected.
Still, issue continuing,
click this link, you will get 403 error.
https://www.beingreligious.com/?scope=http%3A%2F%2F
Reference here
403 Forbidden Error While Sending GET Data