I have configured password less login using both email and sms in Auth0. I have followed thru this guide https://auth0.com/docs/authenticate/passwordless/authentication-methods/sms-otp and also the API doc https://auth0.com/docs/api/authentication?http#passwordless.
I use Postman to call the API https://abc.au.auth0.com/passwordless/start
Content-Type: application/json
Body: {
"client_id": "00999uj3q098dfkhjvdfrYyAmjm",
"client_secret": "3VMQZVkT7264riuhnfvhdfvLwyEy",
"connection": "email",
"phone_number": "abc#mail.com",
"send": "code"
}
and I am able to receive the correct verification like 123456 in the email inbox.
However, when I switch to send SMS OTP and change the body like below:
{
"client_id": "00999uj3q098dfkhjvdfrYyAmjm",
"client_secret": "3VMQZVkT7264riuhnfvhdfvLwyEy",
"connection": "sms",
"phone_number": "+61889908554",
"send": "code"
}
I am able to receive the SMS in my phone. However, the verification code is ##password## instead of 6 digits number.
I really have no idea what I miss configuring. I have successfully link my Twilio account in my Auth0.
change ##password## to {{code}}
I cannot believe auth0 make such a cheap mistake
Related
I am trying to use Nodemailer in express server with Oauth from Office 365 but I am getting Can't create new access token for user and {"code": "EAUTH", "command": "AUTH XOAUTH2" error. It seems like nodemailer is unable to obtain either the access token and refresh token and the user is not being authenticated to send mails.
const transporter = nodemailer.createTransport({
host: "smtp.office365.com",
port: 587,
secure: false,
tls: {
ciphers: "SSLv3"
},
requireTLS: true,
auth: {
type: "OAuth2",
user: process.env.SENDER_EMAIL,
clientId: "CLIENT_ID",
clientSecret: "CLEINT_SECRET",
accessUrl: "https://login.microsoftonline.com/SOMETHING_SECRET_HERE/oauth2/v2.0/authorize"
// pass: process.env.SENDER_PASSWORD
}
});
I am not familiar with OAuth 2.0 with Office 365 to begin with so there could be some configurations error etc. The nodemailer works fine if I use my account credentials though. Can someone please suggest me something to try out or let me know if my config is wrong.
Please note that, accessUrl is an endpoint for requesting new access token.
As you have passed Authorization endpoint, please try changing it to OAuth 2.0 token endpoint (v2).
You can find this endpoint value in the Portal like below:
Go to Azure Portal -> Azure Active Directory -> App Registrations -> Your App
Alternatively, you can make use of Microsoft Graph API to send the mails like below:
Make sure to have Mail.Send permission consented before using the below query:
POST https://graph.microsoft.com/v1.0/me/sendMail
{
"message": {
"subject": "Regarding leave approval",
"body": {
"contentType": "Text",
"content": "Please approve my leave request."
},
"toRecipients": [
{
"emailAddress": {
"address": "XXXXX"
}
}
],
"ccRecipients": [
{
"emailAddress": {
"address": "XXXXX"
}
}
]
},
"saveToSentItems": "false"
}
Response:
The mail was successfully triggered like below:
For more in detail, please refer the below links:
Send mail - Microsoft Graph v1.0 | Microsoft Docs
Modern Oauth2 authentication for sending mails using Nodemailer nodejs by Sivaprakash-MSFT
For my React Native app I am using Parse JS SDK and hosted Parse Server on Back4app.
When I try to register a new user, the user is not authenticated because the response does not return a sessionToken.
However, once the user is in the db and signs in a sessionToken is returned and the user is authenticated successfully.
Request
The request is the same for sign in/up.
await Parse.User.logInWith('google', {
// auth data received from #react-native-community/google-signin
authData: {
id,
id_token: token
}
})
Response on initial Sign Up
The response is supposed to return a sessionToken which is missing. So the user is not authenticated and modifications on the user object are not possible.
{
"authData": {...},
"createdAt": "...",
"objectId": "...",
"updatedAt": "...",
"username": "..."
}
Response on sign in after user was created
{
"ACL": {...},
"authData": {...},
"createdAt": "...",
"objectId": "...",
"sessionToken": "...",
"updatedAt": "...",
"username": "..."
}
I don't use any cloud code. Just a simple auth flow with Google oAuth.
Any help is highly appreciated.
Edit: same issue for 'sign in with Apple'
As far as I know, according to the Official Documentation, Parse will respond 200 (HTTP OK) and include the Session Token only when it verifies the user is already associated with the OAuth authentication data.
So, again, as far as I know, the very first request when you create the user, will not contain the sessionToken.
Take a look to this tutorial https://www.thinkertwin.com/how-to-setup-google-oauth2-login-with-parse-server-in-react/
Here there is an explanation on how to setup your Cloud Code. It's for React, but with small adjustments it will work for React Native.
You also need Cloud Code as you need to store your Client ID and Secret. You don't want to have those on your public application
In my app (node-bigcommerce-sdk) my customers will need to login as if they were on the bc store. I am able to verify that the provided email and password are correct. I cant find a method to exchange the user_id and my app credentials for a token that can be used in sso (described here)
I used the python sdk before and the part I want to do now in nodejs is the following
bc_client = b.api.BigcommerceApi(client_id, store_hash, access_token)
login_token = sdk.customer_login_token.create(bc_client, customer.id)
so far (not working)
let token = jwt.encode({
"iss": account.clientId,
"iat": 123456789,
"jti": "uid-"+uid,
"operation": "customer_login",
"store_hash": account.storeHash,
"customer_id": uid,
}, account.secret, 'HS512');
let sso_url = `${account.entry_url}/login/token/${token}`
example token received
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJja244ZzN5Z3V4MmY0cG14ZWw0M2dqbmJjOTViZ2FrIiwiaWF0IjoxMjM0NTY3ODksImp0aSI6InVpZC0xIiwib3BlcmF0aW9uIjoiY3VzdG9tZXJfbG9naW4iLCJzdG9yZV9oYXNoIjoiMmJpaHByMnd2eiIsImN1c3RvbWVyX2lkIjoiMSJ9.n4lygAJtfqhcrHnGEWle1far-Ee69xrgym-HWFWWwNWXB1-hBziKC03SK_y8PYjLBL_n43Q6K07YH9ysSV5a4g
${account.entry_url}/login/token/${token} results in an error message on the frontend Invalid login. Please attempt to log in again.
When I am trying to login with username and password to get token_id and access_token using postman with auth0 by installed using Postman Collection in Postman
I get an error in login method of database:
You are correct that the /oauth/ro endpoint is being deprecated. You should be making a call to /oauth/token instead.
Your question is unclear.
Try to send the first request with login/password by standard authentication (Authorization tab > Type > Basic Auth).
As the following steps I recommend to check the relevant Postman manual: Using the Auth0 API with our Postman Collections and use the predefined collections from Auth0 API Documentation (press on "Run in Postman" button).
In addition, it's strongly recommended to use the Native Postman app, but not its deprecated Chrome extension.
I was able to get the id_token by using the /oauth/token endpoint, and passing scope=offline_access. Here is an example of my POST payload (Python code):
{
"grant_type": "http://auth0.com/oauth/grant-type/password-realm",
"scope": "offline_access",
"client_id": client_id,
"client_secret": client_secret,
"username": username,
"password": password,
"realm": database_connection,
}
Response:
{
access_token: "lK...",
expires_in: 1000,
id_token: "eyJ...",
refresh_token: "ym...",
}
am request this url
http://xxxxxx/mobileapi/public/oauthtest/authorize?response_type=token&client_id=userapi&redirect_uri=./receivecode&state=xyz
and show this page
image in that link:https://www.apigility.org/apigility-documentation/img/auth-oauth2-authorize.png
but i want only return json value with token
You should do some reading in the ZF-OAuth documentation.
To request a token you send a POST request with user credentials and client id to the oauth endpoint:
So for example a POST request to your base url for /oauth with the following json data:
{
"grant_type": "password",
"password": "1234abcd",
"username": "john.doe#example.com",
"client_id": "MyClient"
}