Agorava empire avenue redirect URI mismatch

[Guruprasad Shenoy]

Hi,

When using agorava empire avenue, we get the error (complete stack trace below)

Response body is incorrect. Can't extract a token from this: ' {"error":"redirect_uri_mismatch","error_code":9214,"error_description":"The redirect URI is missing or do not match"}'

after startDanceFor is called.

Please let me know if my configuration is incorrect. I have tried different combinations of Redirect URL on empire avenue but get the same error.

using agorava empire avenue 0.7.0

The URL generated by startDanceFor is:

https://www.empireavenue.com/profile/developer/authorize?client_id=app_52e76d9c43f63&redirect_uri=%2Fcallback%3Frepoid%3Dacca62da-1f13-466b-a4b7-a22886b439c5&response_type=code&state=request_auth_code

The agorava properties file contains:

apiKey=app_52e76d9c43f63

apiSecret=1f89838370d1c6e19274ecf6926d79fe13a0e865cef278793c2a4c0a43d65f

internalcallback=/icallback.xhtml

resolverType=request

callback=/callback

The application configured on empire avenue is:

Full exception trace:

14:28:47,329 ERROR [io.undertow.request] (default task-2) UT005023: Exception handling request to /trakstok/callback: org.agorava.api.exception.AgoravaException: Response body is incorrect. Can't extract a token from this: ' {"error":"redirect_uri_mismatch","error_code":9214,"error_description":"The redirect URI is missing or do not match"}'

at org.agorava.helpers.extractors.TokenExtractor20Final.extract(TokenExtractor20Final.java:52) [agorava-core-impl-0.7.0.jar:]

at org.agorava.helpers.extractors.TokenExtractor20Final.extract(TokenExtractor20Final.java:34) [agorava-core-impl-0.7.0.jar:]

at org.agorava.oauth.OAuth20FinalServiceImpl.getAccessToken(OAuth20FinalServiceImpl.java:58) [agorava-core-impl-0.7.0.jar:]

at org.agorava.oauth.OAuthServiceBase.getAccessToken(OAuthServiceBase.java:232) [agorava-core-impl-0.7.0.jar:]

at org.agorava.cdi.OAuthLifeCycleServiceImpl.endDance(OAuthLifeCycleServiceImpl.java:108) [agorava-core-impl-cdi-0.7.0.jar:]

at org.agorava.cdi.OAuthLifeCycleServiceImpl.endDance(OAuthLifeCycleServiceImpl.java:127) [agorava-core-impl-cdi-0.7.0.jar:]

at org.agorava.servlet.OAuthCallbackServlet.doGet(OAuthCallbackServlet.java:61) [agorava-core-impl-0.7.0.jar:]

at javax.servlet.http.HttpServlet.service(HttpServlet.java:687) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]

at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]

at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:87) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at org.agorava.servlet.CaptureAbsolutePathFilter.doFilter(CaptureAbsolutePathFilter.java:55) [agorava-core-impl-0.7.0.jar:]

at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:56) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at org.apache.deltaspike.servlet.impl.event.EventBridgeFilter.doFilter(EventBridgeFilter.java:59) [deltaspike-servlet-module-impl-0.5.jar:0.5]

at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:56) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at org.apache.deltaspike.servlet.impl.produce.RequestResponseHolderFilter.doFilter(RequestResponseHolderFilter.java:50) [deltaspike-servlet-module-impl-0.5.jar:0.5]

at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:56) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:70)

at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:113) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:52) [undertow-core-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) [undertow-core-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:61) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:67) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:70) [undertow-core-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Beta30.jar:1.0.0.Beta30]

at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)

at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:240) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:227) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:73) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:146) [undertow-servlet-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.server.Connectors.executeRootHandler(Connectors.java:164) [undertow-core-1.0.0.Beta30.jar:1.0.0.Beta30]

at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:654) [undertow-core-1.0.0.Beta30.jar:1.0.0.Beta30]

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_21]

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_21]

at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_21]

[Antoine Sabot-Durand]

Hi,

As I told Raj, you really should check the configuration of your app on EA website (https://www.empireavenue.com/profile/developer). In these settings you should have the right app domain and the same redirect url (without parameter). I’m not EA specialist and their OAuth implementation seems very specific but before going further you should check theses points.

Regards,

Antoine

--
You received this message because you are subscribed to the Google Groups "Agorava Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to agorava-dev...@googlegroups.com.
To post to this group, send an email to agora...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/agorava-dev/8eac7e39-8156-43cb-b28c-0ed6713af0f0%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Guruprasad Shenoy]

Hi Antoine,

Thanks for the response. I have double checked the domain/callback on the EA app and the configuration in agorava.properties.

Since this was not working, i tried to remove the parameter ?repoid from the URL and this seems to work. Since repoid is required to identify the user session, I cannot make do without it completely. For testing purposes, i hardcoded the repoid and didnt pass it as a parameter, now the callback works and I am able to get the access_token and proceed with other services.

Since the repoid is handled in the agorava api, is there some way not to pass it with the callback ? Seems like EA needs the exact redirect URL ?

Thanks

Guru

[Antoine Sabot-Durand]

Hi Guru,

Did you try to use cookie resolution to avoid adding repoid in url.

In agorava.properties you put :

resolverType=cookie
cookie.life=31536000

Remove the previous resolver type before. cookie.life is the cookie duration in seconds (-1 is for having the cookie destroyed when the browser closes)

Regards,

Antoine

-- 
You received this message because you are subscribed to the Google Groups "Agorava Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to agorava-dev...@googlegroups.com.
To post to this group, send an email to agora...@googlegroups.com.

To view this discussion on the web, visit https://groups.google.com/d/msgid/agorava-dev/6d31de49-20f9-4d94-96be-b07161a38957%40googlegroups.com.