Getting 404 when clicking on Logging in with Facebook and Twitter

[bytor99999]

HTTP Status 404 - /signin/facebook

type Status report

message /signin/facebook

description The requested resource (/signin/facebook) is not available.

I thought that adding the ProviderSignOnController to our configuration would make those URLs automatic in our application.

Our @Configuration class

Code:

@Configuration
public class SocialConfig {

  @Autowired
  SpringSecuritySignInAdapter springSecuritySignInAdapter;

  @Autowired
  ConnectionFactoryLocator connectionFactoryLocator;

  @Autowired
  ConnectionRepository connectionRepository;

  @Autowired
  UsersConnectionRepository usersConnectionRepository;

 	@Bean
 	public ConnectController connectController() {
 		ConnectController connectController = new ConnectController(connectionFactoryLocator, connectionRepository);
 		return connectController;
 	}

 	@Bean
 	public ProviderSignInController providerSignInController() {
 		return new ProviderSignInController(connectionFactoryLocator, usersConnectionRepository, springSecuritySignInAdapter);
 	}

}

Thanks

Mark

[bytor99999]

I spoke a little too soon. Twitter is still giving me a 404, and Facebook goes to Facebook, but gives an different error. But that looks like it doesn't like my callback URL with localhost:8080

"
API Error Code: 191
API Error Description: The specified URL is not owned by the application
Error Message: Invalid redirect_uri: Given URL is not allowed by the Application configuration.
"

Thanks

Mark

[bytor99999]

Yeah, still getting 404s and the Facebook error. Not sure what I am doing wrong here. I even moved the entire configuration to the web layer.

Here is my @Configuration class

Code:

@Configuration
@EnableJdbcConnectionRepository
@EnableTwitter(appId="${twitter.consumerKey}", appSecret = "${twitter.consumerSecret}")
@EnableFacebook(appId = "${facebook.clientId}", appSecret = "${facebook.clientSecret}")
public class SocialConfig {

  @Autowired
  SpringSecuritySignInAdapter springSecuritySignInAdapter;

  @Autowired
  ConnectionFactoryLocator connectionFactoryLocator;

  @Autowired
  ConnectionRepository connectionRepository;

  @Autowired
  UsersConnectionRepository usersConnectionRepository;

 	@Bean
 	public ConnectController connectController() {
 		ConnectController connectController = new ConnectController(connectionFactoryLocator, connectionRepository);
 		return connectController;
 	}

  @Bean
  	public ProviderSignInController providerSignInController(RequestCache requestCache) {
  		return new ProviderSignInController(connectionFactoryLocator, usersConnectionRepository, new SpringSecuritySignInAdapter(requestCache));
  	}

  	@Bean
  	public UserIdSource userIdSource() {
      SpringSecurityAuthenticationNameUserIdSource userIdSource = new SpringSecurityAuthenticationNameUserIdSource();
      return userIdSource;
    }

Here is my xml

Code:

        <bean id="textEncryptor" class="org.springframework.security.crypto.encrypt.Encryptors"
                factory-method="text">
            <constructor-arg value="${security.encryptPassword}" />
            <constructor-arg value="${security.encryptSalt}" />
        </bean>

<context:component-scan base-package="com.blah.social.config"/>

This is the html I have on my index.jsp page which is where the user can login to our app with our app user Accounts, also register, and also register through Facebook and Twitter images.

Code:

<section class="row-fluid inline">
                        <!-- TWITTER SIGNIN -->
                        	<form id="tw_signin" action="<c:url value="/signin/twitter"/>" method="POST">
                        		<button type="submit"><img src="<c:url value="/images/twitter/sign-in-with-twitter-d.png"/>" /></button>
                        	</form>

                        	<!-- FACEBOOK SIGNIN -->
                        	<form name="fb_signin" id="fb_signin" action="<c:url value="/signin/facebook"/>" method="POST">
                                <input type="hidden" name="scope" value="publish_stream,user_photos,offline_access" />
                        		<button type="submit"><img src="<c:url value="/images/facebook/sign-in-with-facebook.png"/>" /></button>
                        	</form>
                        </section>

Thanks

Mark

[habuma]

The Facebook error is easy. The callback URL for your application doesn't match up with the "Site URL" setting when you configure your application *at Facebook*. It doesn't have to be an exact match, but the Site URL needs to be the base URL for whatever the callback URL is.

For example, consider Spring Social Showcase. Its Site URL is "http://localhost:8080/spring-social-showcase/". Under normal circumstances, running on localhost, the callback URL would be http://localhost:8080/spring-social-...ignin/facebook, which matches up with a Site URL of http://localhost:8080/spring-social-showcase/, so no problems. However, if I were running the app on a different server, a different port, or under a different app context name, then it wouldn't match up with the Site URL and I'd get the same error that you're getting.

As for the callback URL, under most circumstances, it can be derived from the current request. There are some special cases, however, and Spring Social allows you to configure for those via the "applicationUrl" property. But you usually don't need to do this. The most common fix here is to go to developer.facebook.com and make sure that your app's Site URL is a proper base URL for your application. One thing to be sure of is to include a '/' at the end. For example, Spring Social Showcase is setup in Facebook with "http://localhost:8080/spring-social-showcase/" as its Site URL.

As for the 404: If you're getting that for Twitter, but not for Facebook, then it means that ProviderSignInController is handling the request and that the 404 is coming downstream, probably in a redirect or a callback. I know this because even if you go to /signin/fhdsjkflhdsjfkldshajfksl, the worst that will happen is that it will redirect back to the signin page...you won't get a 404.

Now, this leaves me wondering if there's some correlation between the FB error and the 404. Are there any special circumstances that might require you to set the application URL differently? What host are you running on? What URL do you go to for the home page?

[bytor99999]

Thanks. Sorry, had to go have a little minor surgery today. Nothing major. But here is my callback URL I used

http://localhost:8080/social/facebook/callback

My app's DispatcherServlet is mapped to "/"

Thanks

Mark

[bytor99999]

I updated Facebook account to have better callback URL, so I am able to choose to accept the app in Facebook. But the last call to a URL fails.

And there is still the 404 in Twitter.

I think they are trying to go to But with "twitter" at the end of the URL, which then redirects to

http://localhost:8080/signin?error=provider

For Facebook this is the URL I am getting the 404 from.

http://localhost:8080/signup

Thanks

Mark

[habuma]

I'm still thinking through your Twitter issue, but it almost looks like the Facebook piece *is* working. But it is seeing that there is no connection for the FB user and is redirecting them to the signup page. The thing is, Spring Social isn't responsible for that page. The registration page is an application-specific page and it's up to you to define a controller to handle that. Once registration is completed, you can use ProviderSignInUtils to complete the connection...but it's up to you to define the registration page.

See the Spring Social Showcase example to see how that's done.

[bytor99999]

Thanks.

Yes, the registration page has to be my app specific.

Unfortunately, and I don't know why, but the Showcase confused me more than anything.

Now there are 4 examples. I personally wanted to use the new SpringSecurityAuthenticationFilter but with all the different errors I would get, I kept trying different approaches using the 4 different versions. Sometime combining ideas from the different versions. First I wanted just the xml using the new namespace. But I couldn't get that to work, then I tried full xml with all the beans defined and I couldn't get that to work. Now I have the new Annotations in @Configuration and Java Config. Which I guess is getting me closer. Just that in the Spring One presentation and the documentation doesn't say or show that you have to also have to extend and create your own

SignInAdapter, the "built in" one wouldn't SimpleSignInAdapter class wouldn't resolve for me. So I made my own by copying someone else's.

Or that I needed to define a bean for a UserIdSource.

I mean, really Spring Social is very elegant and simple for a complex problem. I am just being stupid and can't get my head around it. I mean all it is is

1) Repository to save data from the providers to a relational database, the create table script and a JDBC implementation is given to us, we have nothing to do but run the script and create a bean for JDBC.

2) Define a bean for ConnectController which handles all the connecting to a provider, all the mapped URLs and all the REST calls out to the provider, all written and done for us. Just define a Bean. This will allow us to connect to and get information from the providers through the provider api which implements ApiBinder.

3) The Factory which takes the providers we want to connect with and it creates a Locator for us.

4) Then there is a SignInController, which gives us all the URL mapping and REST calls to sign into our application but by using a provider's credentials. So login with Facebook, the user uses their Facebook username password and login to our app. Which after they login, we can then lookup that user in our own application's UserDetails (if we are using Spring Security) and now the user is logged into our application with a SecurityContext/Authentication in that user's Session.

So what am I missing?

Thanks

Mark

[bytor99999]

I am bummed. About 2 hours ago I replied to this thread, and it was a long reply. And it appears that I probably forgot to hit submit, or something cause it is gone.

Anyway, it was trying to explain how Spring Social works to see if I understand it. Anyway, I seem to have some blocker in my head to not completely understand it, even though I know it is really simple.

The showcase example is great, just that I don't get what is unique to that app versus always there for all Spring Social apps, so I am confused by the examples. Also that there are 4 versions of it. And not one fits my app, but I have to use combination of stuff from the examples.

Thanks

Mark

[habuma]

Mark, don't be bummed. Your long post did show up (unless you had a different long post prior to the previous one). And I can try to help as much as I can, limited only by the fact that I can't see your code (pasting it in the forum is good, but if you have this in GitHub or even a zip file somewhere that I can build/run myself, that's even better).

First, let me address the 4 versions of the showcase: They're all basically the same (in fact, I've given some thought to merging them and using Spring 3.1 profiles to address the differences). Here's the gist of what you are seeing:

- spring-social-showcase: This has primarily Java-based configuration (and a little bit of XML for Spring Security) and uses ProviderSignInController for sign-in-with-provider purposes.
- spring-social-showcase-xml: This is the same as the original, only it uses *all* XML configuration and no Java-based configuration.
- spring-social-showcase-sec: This is the same as the original, except that it uses SocialAuthenticationFilter for sign-in-with instead of ProviderSignInController.
- spring-social-showcase-sec-xml: This is like a mix of the 2nd and 3rd, using SocialAuthenticationFilter *and* only XML configuration.

With regard to configuration choices, my advice is to pick one (XML or Java) and go with it as much as you can. Later you can adapt to a mix of both XML and Java, but focus on one to get started. Pick a showcase example that will show you how to configure Spring Social for that choice.

With regard to sign-in-with choices, it comes down to the fact that ProviderSignInController is security framework agnostic and you must build upon the sign in adapter to tell it how to handle sign in for whatever security choice you make. It *will* work with Spring Security, but it's up to you to write the adapter code to make it work. Meanwhile, SocialAuthenticationFilter is not only compatible with Spring Security, not only focused on Spring Security, it is a proper Spring Security filter that plugs into Spring Security's filter chain. It acts *very* much like any other authentication filter in Spring Security. My advice on this choice (generally) is to choose SocialAuthenticationFilter if you're using Spring Security and to choose ProviderSignInController otherwise. That said, SocialAuthenticationFilter is kinda new and although I've tested the devil out of it, there's probably some surprises still hiding in there.

Also, to be clear, the samples show the new simpler configuration options. You don't have to explicitly declare everything like in the 1.0.x days (although that will still work). But what's lost in that style of configuration is a clarity of what kind of beans are being configured. So if you have any concerns/questions about that, let me know and I'll try to help.

You've pointed out (in your long post) some stuff that's confusing you, but if there were one or two questions that I could answer to get you moving a bit further, what would they be? I'll be happy to address all of your questions, but let's start with the 1 or 2 that would be most helpful. Also, if you have your app somewhere shareable (Github, ideally), that'd be awesome. That way I can see exactly what you're seeing.