everyauth icon indicating copy to clipboard operation
everyauth copied to clipboard

OAuthException: redirect_uri isn't an absolute URI.

Open lancejpollard opened this issue 14 years ago • 5 comments

Hey,

Really looking forward to using everyauth, but I'm getting a strange error…

When I try to authenticate with Facebook on a top-level domain (example.com instead of www.example.com or docs.example.com), I am getting the OAuthException "redirect_uri isn't an absolute URI. Check RFC 3986.". The full terminal output is below (coming from the heroku logs):

2012-01-10T21:26:28+00:00 app[web.2]: 10.42.230.65 - - [Tue, 10 Jan 2012 21:26:28 GMT] "GET /auth/facebook HTTP/1.1" 200 - "http://somesite.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.75 Safari/535.7"
2012-01-10T21:26:28+00:00 app[web.3]: 
2012-01-10T21:26:28+00:00 app[web.3]: /app/node_modules/everyauth/lib/modules/everymodule.js:352
2012-01-10T21:26:28+00:00 app[web.3]:   throw err;
2012-01-10T21:26:28+00:00 app[web.3]:   ^
2012-01-10T21:26:28+00:00 app[web.3]: Error: {"error":{"message":"redirect_uri isn't an absolute URI. Check RFC 3986.","type":"OAuthException"}}
2012-01-10T21:26:28+00:00 app[web.3]:     at [object Object].fail (/app/node_modules/everyauth/lib/promise.js:50:15)
2012-01-10T21:26:28+00:00 app[web.3]:     at EventEmitter.<anonymous> (/app/node_modules/everyauth/lib/modules/oauth2.js:184:11)
2012-01-10T21:26:28+00:00 app[web.3]:     at EventEmitter.emit (events.js:67:17)
2012-01-10T21:26:28+00:00 app[web.3]:     at EventEmitter._respond (/app/node_modules/restler/lib/restler.js:127:12)
2012-01-10T21:26:28+00:00 app[web.3]:     at EventEmitter._fireEvents (/app/node_modules/restler/lib/restler.js:131:52)
2012-01-10T21:26:28+00:00 app[web.3]:     at /app/node_modules/restler/lib/restler.js:115:19
2012-01-10T21:26:28+00:00 app[web.3]:     at IncomingMessage.<anonymous> (/app/node_modules/restler/lib/restler.js:113:32)
2012-01-10T21:26:28+00:00 app[web.3]:     at IncomingMessage.emit (events.js:81:20)
2012-01-10T21:26:28+00:00 app[web.3]:     at IncomingMessage.<anonymous> (/app/node_modules/restler/lib/restler.js:205:5)
2012-01-10T21:26:28+00:00 app[web.3]:     at HTTPParser.onMessageComplete (http.js:133:23)
2012-01-10T21:26:28+00:00 heroku[router]: Error H13 (Connection closed without response) -> GET somesite.com/auth/facebook/callback dyno=web.3 queue= wait= service= status=503 bytes=

The redirect uri I'm getting back from Facebook is:

http://somesite.com/auth/facebook/callback?code=AMB2O0wfoQSj87vmF3DL3Dv8agixnhlnSD25XOMgyWSMU4vZgBzfTbTwf4hyeYQEgDTbEKhLlkqT-rON4z7XwuBgGn0CRW7uKpgVIQwLkcowg8VSCe4WJ1Iwl7HmFPTnFv97XEazEBCRnPJZcFPQ2ZWNWX7VEhIYnc_91oSqbHUSj99_tu_bzLKcHoGaYiMg52Q#base_domain=somesite.com

Note: This only seems to be happening on top-level domains, and seems to be happening sporadically -- every now and then it works. It works locally and on a heroku subdomain like myapp.herokuapp.com, so I'm not entirely sure...

I'm not entirely sure if this is an everyauth issue, but do you have any ideas or experience with this? Thanks for your help.

lancejpollard avatar Jan 10 '12 21:01 lancejpollard

Happens to me too, can't figure out what triggers it.

diversario avatar Jan 12 '12 17:01 diversario

I just had the same issue and found the problem:

After you get the code from facebook everyauth has another step called 'getAccessToken' which makes another request to facebook on "https://graph.facebook.com/oauth/access_token?redirect_uri=. In order to build the redirect_uri this step assumes that the property "myHostName" has already been set in the previous steps. But if you run in a load balanced environment or has multiple instances, myHostName may be undefined at this stage, and so the redirect_uri is invalid.

Setting myHostName at the beginning of getAccessToken step fixed the issue for me.

gilad61 avatar Feb 06 '12 10:02 gilad61

Please, oh, please, merge thi :) I have the same issue, as gilad61 talking about. My app is hosted on heroku and time-to-time I'm getting this nasty error. Issue appears only if two or more dyno's are enabled. On one dyno everything is ok.

josser avatar Nov 04 '12 11:11 josser

I have the same issue too. I use cluster and 4 forks of script. How I can get round this problem? Can I save myHostName data in Redis store?

asci avatar Dec 04 '12 08:12 asci

I'm resolved my problem by using passportjs instead everyauth.

asci avatar Jan 09 '13 13:01 asci