Hi Chatter Gurus,

We've created an OAuth 2.0 application that works perfectly against the standard SFDC environment using the basic (non-customized) developer and production environments.  We point the web application to point to login.salesforce.com URL for authorization of the remote application and everything works perfectly from point of "Allow" of the authentication through to the callback where we store token information etc. in our application for future requests.  This works as designed.

Our customer has a my domain URL configured through SFDC, i.e.: https://na8.salesforce.com/help/doc/en/domain_name_overview.htm

The problem is that there is some issue is happening with the application when it is deployed to or customer's environment.  There is a problem in the OAuth application shortly after the customer user logs in for the OAuth application authentication which is causing the complete OAuth flow to fail.  Here's the flow after our application is deployed to the client and we've verified the application is started and all standard system checks pass as working:

1. Our OAuth web client application calls for an authorization url by pointing to the base URL of login.salesforce.com
2. User clicks on the new authorization URL and an OAuth windows appears for login.salesforce.com
3. the user logs in at the login.salesforce.com login page
4. The user is presented with the allow or deny application page
5. The user "Allows" authorization of the Remote Access application

At the last step, once the user clicks "Allow", the URL in the address bar of the OAuth authorization window changes to the customer's company "My Domain" URL, for example,

https://customernamehere.my.salesforce.com/setup/secur/RemoteAccessAuthorizationPage.apexp?source=l86Hcy6qEKtWNqzXVErZDlmcRQs0D_HBE55M........

...and the callback fails.  At this point we are hoping the discussion boards can lend some insight.

We are not APEX developers per se, so we are not sure if the RemoteAccessAuthorizationPage.apexp page is something custom our customer has developed or if this is something standard with some SFDC configuration we are not aware of.

There are NO error messages returned to the OAuth client application.  We are not sure what log to ask the client to refererence if there is one that can be referenced for this failed OAuth Flow.

We have been unable to replicate the error in our test environments.

If someone could lend some insight to the issue abve that would be greatly appreciated.

Cheers,

Christian

We're using the Chatter API and pulling a feed into our application.

We are retrieving the image URL from the Chatter API feed response and attempting to display it in the web app.  The detail from our HTTP XHR traffic analyzer is showing a 302 Found HTTP response but the following message is also showing and the profile photo of each user is missing,

Resource interpreted as Image but transferred with MIME type text/html: "https://na8.salesforce.com/content/session?url=https%3A%2F%2Fc.na8.content.force.com%2Fprofilephoto%2F729C0000000DXXXXX".

The login to the SFDC site/portal itself is timedout but we refresh the API token for the Chatter API calls and the photos don't show.

Can anyone offer an explanation for why this is happening? Or what the solution might be?