
I configured Facebook Login in my ASP.NET Core app (according to https://learn.microsoft.com/en-us/aspnet/core/security/authentication/social/facebook-logins?view=aspnetcore-2.2) – works like a charm on localhost.

But when I deployed my app on Azure I’m getting this error (after clicking the Facebook button and getting redirected from Facebook to https://.azurewebsites.net/signin-facebook?code=xxx):

    System.Exception: An error was encountered while handling the remote login. ---> System.Exception: OAuth token endpoint failure: Status: BadRequest;Headers: Vary: Accept-Encoding
     WWW-Authenticate: OAuth "Facebook Platform" "redirect_uri_mismatch" "Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings."
     facebook-api-version: v3.1
     Strict-Transport-Security: max-age=15552000; preload
     Pragma: no-cache
     x-fb-rev: 1000986790
     Access-Control-Allow-Origin: *
     Cache-Control: no-store
     x-fb-trace-id: H0puEQmIpA5
     x-fb-request-id: AWNLNIxmFnAZBZf50w85dNg
     X-FB-Debug: 8KfmNQQZ/alv5CCUaaeJlpEEjMyh+Wqz8jV/YRg/WfIGTMRlIqByhhsHgD065MsT3c/JIUyfSYGH6rRm7wYLKA==
     Date: Fri, 26 Jul 2019 08:06:07 GMT
     Transfer-Encoding: chunked
     Connection: keep-alive
     ;Body: {"error":{"message":"Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings.","type":"OAuthException","code":191,"fbtrace_id":"AWNLNIxmFnAZBZf50w85dNg"}};
       --- End of inner exception stack trace ---
       at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
       at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
       at Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware.Invoke(HttpContext context)
       at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context)
       at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.Invoke(HttpContext context)

In my Facebook app, Settings/Basic/AppDomains and Facebook login/Settings/Valid OAuth Redirect URIs seem to be properly configured.

2 Answers


  1. Chosen as BEST ANSWER

    The problem was that my app was passing a redirect_url with the "http" scheme (instead of "https") to Facebook. The solution:

    // Restore the original scheme reported by the proxy in X-Forwarded-Proto.
    app.Use((context, next) =>
    {
        if (context.Request.Headers["x-forwarded-proto"] == "https")
        {
            context.Request.Scheme = "https";
        }
        return next();
    });
    

  2. As the documentation says here, the ASPNETCORE_FORWARDEDHEADERS_ENABLED=true app setting also needs to be added in Azure.

    In ConfigureServices:

    if (string.Equals("true", hostingContext.Configuration["ForwardedHeaders_Enabled"], StringComparison.OrdinalIgnoreCase))
    {
        services.Configure<ForwardedHeadersOptions>(options =>
        {
            options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
            // Only loopback proxies are allowed by default. Clear that restriction because forwarders are
            // being enabled by explicit configuration.
            options.KnownNetworks.Clear();
            options.KnownProxies.Clear();
        });
    }
    

    Here is a similar issue you could refer to.
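
A narrower variant of the two answers above, as an added example that is not code from either answer: it honours `X-Forwarded-Proto` only when the request comes from a proxy address you configure, instead of from any client. It assumes a reverse proxy whose IP you know; the `ReverseProxy:Address` setting and the `/diag/redirect-uri` path are hypothetical names.

```csharp
using System.Net;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.HttpOverrides;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

public class Startup
{
    public Startup(IConfiguration configuration) => Configuration = configuration;

    public IConfiguration Configuration { get; }

    public void ConfigureServices(IServiceCollection services)
    {
        services.Configure<ForwardedHeadersOptions>(options =>
        {
            // Only the scheme is needed to repair redirect_uri, so X-Forwarded-For stays off.
            options.ForwardedHeaders = ForwardedHeaders.XForwardedProto;
            // Honour a single hop: the proxy directly in front of the app.
            options.ForwardLimit = 1;

            // Assumption: "ReverseProxy:Address" is a hypothetical setting with the proxy's IP.
            // If it is missing or invalid, the default loopback-only trust stays in place.
            if (IPAddress.TryParse(Configuration["ReverseProxy:Address"], out var proxy))
            {
                options.KnownProxies.Add(proxy);
            }
        });
    }

    public void Configure(IApplicationBuilder app)
    {
        // Must run before authentication so the OAuth handler sees the corrected scheme.
        app.UseForwardedHeaders();

        // Hypothetical diagnostic path: shows the callback URL the app would send as redirect_uri.
        app.Map("/diag/redirect-uri", diag => diag.Run(ctx =>
            ctx.Response.WriteAsync(
                $"{ctx.Request.Scheme}://{ctx.Request.Host}/signin-facebook")));

        app.UseAuthentication();
    }
}
```

Requesting `/diag/redirect-uri` through the proxy should return a URL that starts with `https://` and matches an entry in Valid OAuth Redirect URIs.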
