FusionAuth

    Posts made by nishant

    • RE: Session token remains active after logout

      Heya @dan, do you have any advice on this issue?

      posted in Q&A
      nishant
    • Session token remains active after logout

      Hi,

      I'm implementing authentication using FusionAuth. I've defined an oauth_callback route which gets called on a successful login. In this route, I call the /oauth2/token endpoint from FusionAuth API passing the necessary arguments and I'm able to retrieve an access_token.

      I have another route, validate_token, that calls the oauth2/introspect endpoint from the FusionAuth API and I'm able to check the validity of the above token by looking at the active field in the response. The problem is that active is returned as true even after I log out. Am I missing something or doing something wrong?

      Appreciate the help!

      Cheers,
      -- N.

      posted in Q&A
      nishant
    • RE: Specifying password during user registration.

      Thanks @dan I think we're going to go with the FusionAuth hosted pages for now.

      posted in Q&A
      nishant
    • Specifying password during user registration.

      I'm following this tutorial to register a new user via the FusionAuth API. Going through this documentation for the endpoint, I found that it expects the password for the new user to be sent as plain text. But this would be insecure, assuming the flow looks like My Frontend --> My Backend --> FusionAuth API --> My Backend --> My Frontend. Is there a better way of communicating the password to FusionAuth? Thanks!

      posted in Q&A
      nishant
    • RE: Trouble getting the user object post login

      Thanks Dan! It all works now.

      posted in Q&A
      nishant
    • RE: Trouble getting the user object post login

      @dan Hi Dan, just circling back. Did you have a chance to look into this? Thanks!

      posted in Q&A
      nishant
    • RE: Trouble getting the user object post login

      @dan No worries! Thanks for all your help! You can download the application zip file from here. As you'll notice, it's a pretty simple app. Also, I've replaced all the IP addresses and IDs for security reasons, so while the app won't run as is, you would still be able to get an idea of the functionality. Thanks again for your continued support! Hoping to resolve this soon!

      posted in Q&A
      nishant
    • RE: Trouble getting the user object post login

      @dan Thanks for the response. I did double check my application code and there was a client id mismatch in one of the URIs in my application code. I fixed that. However I'm still getting 401. Below is the flask server output:

      <Response [401]>
      error
      <Response [401]>
      74.15.29.84 - - [25/Aug/2020 22:43:04] "GET /oauth-callback?code=9E2MtFiIkFTS1uRBDjNXIOwLDuefGNLMqreSo1gZL2A&locale=en_US&userState=Authenticated HTTP/1.1" 200 -
      

      As you can see the state has changed to Authenticated now.

      posted in Q&A
      nishant
    • RE: Trouble getting the user object post login

      @dan That is correct. Below is the output on flask server:

      <Response [401]>
      error
      <Response [401]>
      74.15.29.84 - - [24/Aug/2020 15:46:33] "GET /oauth-callback?code=q0AEmFiDNOjWiGlBa64Ea7MI2BlwotSh7AAcqqjWSt4&locale=en_US&userState=AuthenticatedNotRegistered HTTP/1.1" 200 -
      
      posted in Q&A
      nishant
    • RE: Trouble getting the user object post login

      @dan Thanks for the response. I changed the call to exchange_o_auth_code_for_access_token, swapping the client_secret and redirect_uri args. I made sure that the user is registered with the application to which they are trying to authorize and that the redirect_uri is set up correctly in the application config. I'm attaching screenshots from the FusionAuth app. I'm still getting a 401 response.

      I would also like to mention as an aside that the user is able to log in successfully to this app. I get 401 for the auth code request post successful login.

      Redirect URI setup:
      RedirecURI.jpg

      User Registration:
      UserReg.png

      posted in Q&A
      nishant
    • Trouble getting the user object post login

      Hello,

      I'm using FusionAuth to handle the login and authentication functionality in my application. I've been able to successfully set up FusionAuth and a simple Flask-based Python application that implements the required callbacks. In the first version, the callbacks didn't perform any operation other than rendering a simple HTML template with a success message. With this I was able to log in and log out successfully.

      However, when I try to enhance the code to get access token and user on a successful login, I keep getting a 401 error message. I'm following the quick setup tutorial here with the exception of using corresponding functions in python. My code is as below:

      from app import app
      from flask import request, render_template
      
      from fusionauth.fusionauth_client import FusionAuthClient
      
      
      client_id = "<my-id>"
      client_secret = "<my-secret>"
      
      client = FusionAuthClient(client_id, "http://<my-ip>:9011")
      
      @app.route("/")
      def index():
          # Render a simple page with a login button
          return render_template("public/index.html")
      
      
      @app.route("/oauth-callback")
      def oauth_callback():
          resp = client.exchange_o_auth_code_for_access_token(request.args.get("code"), client_id, client_secret, "http://<my-ip>:5000/oauth-callback")
      
          print(resp.status)
          # Render a simple page with a login succeeded message and a logout button
          return render_template("public/logged_in.html")
      
      
      @app.route("/logout")
      def logout():
          # Render a simple page with a logout successful message
          return render_template("public/logged_out.html")
      

      The call to exchange_o_auth_code_for_access_token always returns 401 no matter what value I provide for the URL parameter. I'm not sure what I'm doing wrong and would appreciate any help.

      Thanks in advance!
      -N

      posted in Q&A login python sessions user
      nishant
    • RE: Error setting up FusionAuth free version

      Thanks! 🙂 🙌

      posted in Q&A
      nishant
    • RE: Error setting up FusionAuth free version

      @dan thanks for following up! Yes, I upgraded our database to 5.7 with the correct options for character set and I was able to set up the FusionAuth app as well as set up a sample app to demonstrate the login/logout functionality. Will dig into registering new users, password management etc. If you have some resources for creating a custom theme please do share. Thanks again!

      posted in Q&A
      nishant
    • RE: Error setting up FusionAuth free version

      Hi Dan,

      Thanks for the quick response! Yes I'll look into upgrading MySQL.

      Cheers,
      -N

      posted in Q&A
      nishant
    • Error setting up FusionAuth free version

      Hi,

      I'm new to FusionAuth and trying to set up the community version. I'm using MySQL 5.6 as my database. I'm unable to complete the initial setup. The logs report the error below:

      Cause: java.sql.SQLSyntaxErrorException: Specified key was too long; max key length is 767 bytes

      The query being executed is this:

      INSERT INTO form_fields (id, data, insert_instant, last_update_instant, name)
        VALUES (SUBSTR(CONCAT(MD5(RAND()), MD5(RAND())), 3, 16), '{"key": "user.email", "control": "text", "required": true, "type": "email", "data": {"leftAddon": "user"}}', FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), 'Email'),
        (SUBSTR(CONCAT(MD5(RAND()), MD5(RAND())), 3, 16), '{"key": "user.password", "control": "password", "required": true, "type": "string", "data": {"leftAddon": "lock"}}', FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), 'Password'),
        (SUBSTR(CONCAT(MD5(RAND()), MD5(RAND())), 3, 16), '{"key": "user.firstName", "control": "text", "required": false, "type": "string", "data": {"leftAddon": "info"}}', FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), 'First name'),
        (SUBSTR(CONCAT(MD5(RAND()), MD5(RAND())), 3, 16), '{"key": "user.middleName", "control": "text", "required": false, "type": "string", "data": {"leftAddon": "info"}}', FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), 'Middle name'),
        (SUBSTR(CONCAT(MD5(RAND()), MD5(RAND())), 3, 16), '{"key": "user.lastName", "control": "text", "required": false, "type": "string", "data": {"leftAddon": "info"}}', FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), 'Last name'),
        (SUBSTR(CONCAT(MD5(RAND()), MD5(RAND())), 3, 16), '{"key": "user.fullName", "control": "text", "required": false, "type": "string", "data": {"leftAddon": "info"}}', FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), 'Full name'),
        (SUBSTR(CONCAT(MD5(RAND()), MD5(RAND())), 3, 16), '{"key": "user.birthDate", "control": "text", "required": false, "type": "date", "data": {"leftAddon": "calendar"}}', FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), 'Birthdate'),
        (SUBSTR(CONCAT(MD5(RAND()), MD5(RAND())), 3, 16), '{"key": "user.mobilePhone", "control": "text", "required": false, "type": "string", "data": {"leftAddon": "mobile"}}', FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), 'Mobile phone'),
        (SUBSTR(CONCAT(MD5(RAND()), MD5(RAND())), 3, 16), '{"key": "user.username", "control": "text", "required": true, "type": "string", "data": {"leftAddon": "user"}}', FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), FLOOR(UNIX_TIMESTAMP(NOW(3)) * 1000), 'Username');
      

      Looks like the issue is related to this question, and I did notice that the name column in the form_fields is of type varchar(191) and the character set being used is utf8mb4. One of the resolutions is to use a max length of 190. I can't change the FusionAuth code. Has anyone faced this issue? Is there a known resolution or alternatively how do I solve this? Appreciate any help.

      Thanks,
      -N.

      posted in Q&A
      nishant