I have a site that Login with Twitter API.
User redirect to this link to Accept :
https://api.twitter.com/oauth/authenticate?oauth_token=XXXXXXXXXXXX
My problem is that in mobile, it enters the Twitter site through a browser and needs to log in to the Twitter account ** But all users use the Twitter app!!**
**
Is there a way to enter the Twitter app through the site and confirm without the need to log in again?
**
You can use this link to open Twitter App.
twitter://endpoint?token=X
More information in this StackOverFlow question.
Related
I'm using `
https://api.instagram.com/oauth/authorize?client_id={{ instagramAppId }}&redirect_uri={{ redirectUrl }}&scope=user_media,user_profile&response_type=code
` url to verify user via instagram api.
Is it possible to get access token from instagram mobile app? The web view with insta login needs credentials to login, even though user is logged in mobile app.
Thanks!
Webviews keep their own cookie jars, so you have to log in separately. You can't use the mobile app's tokens. You can open the login page in a browser instead of a web view. Then, if the user is already logged in to Instagram in this given browser, you will instantly get a response from the authorization endpoint. Still, the user needs to be logged in in the concrete browser, being logged in in the app won't help.
According to this link Facebook Login for the Web, I can let my users login with facebook accounts (after logging to my facebook app).
now, all the work is done here in javascript which is a client-based code, it means it is insecure and a hacker could easily trespass my login step.
I know i should be using PHP SDK (for example) to secure the login process, but my question is why would I use this method ????
All of the authentication features I see for the Instagram API make the user "allow access" to your app by redirecting them. I have seen several apps that let the user login directly, can someone please enlighten me on how they are doing this?
If the app uses Instagram's authentication, it first redirects to instagram login page and you have to enter username/password, and then it will show a page to allow access, after this it will redirect to the application.
But some apps directly ask for username/password from their UI, these apps store your password, and use it to authenticate using a automated devices running Instagram, so they can post pictures on your behalf, the reason they do this is cause there is no API for posting pic, the only way apps can post pics is by collecting username/password and then posting pics using automated devices. This is risky, never give your username/password. Doing this is against the terms and condition. Only login if the login screen looks like Instagram login page.
I've been working with ServiceStack for quite some time now and i love it. But there is one thing i can't figure out.
How are app's (ios, android etc.) that are using my servicestack endpoints, suppose to use the facebook endpoint "/auth/facebook"?
When using this url "/auth/facebook" from the browser it works fine, but the response is html, and not an AuthResponse og something serializable.
Is this endpoint only to be used from websites with servicestack in the same solution?
The way that stuff works is by redirecting the user to Facebook with an API key that matches your app. The user then tells Facebook that your app is ok, and Facebook redirects them back. This can only be done via a browser. You really have two options to work around this:
Make the user authenticate with Facebook using a website and then authenticate your user with credentials from the app.
Use the built in iOS Facebook stuff and send the resulting auth tokens to an endpoint on your app, where you can save them for later use.
Edit, a bit more clarification:
Option 1
User Goes to your website
User Clicks on your Auth With Facebook button
User is sent your your Facebook endpoint set up in Service Stack
User is redirected by Service Stack to Facebook
User is redirected back to Service Stack from Facebook, with a token in the url
You save the token in your database and tell the user they can now user your app with Facebook.
Option 1.5
The same as Option 1 but instead of making the user go through their browser you create a UIWebView control and point it to your Facebook Auth endpoint. Then you listen for a response from your site that says the user is authenticated. I'm not a objective c, so I can't really get more detailed on how to do that.
Option 2
Use the iOS Facebook API and handle authentication as seen here.
POST the credentials to Service Stack via a Custom Endpoint
Save credentials in the db, and use them in the future to make calls on behalf of the user.
Facebook Login requires a browser of some sort, because Facebook's cookies must be passed along with a request to authorize your website. That is how Facebook knows which of it's users wants to authorize your site, and that they are the ones making the request.
my first post after years of reading :P
I think that are some problem with the page of soundcloud https://soundcloud.com/popup_callback.html
My app uses the soundcloud api and work fine, but when my users try to connect with facebook and they are go from facebook to
https://soundcloud.com/popup_callback.html?returnTo=CALLBACK_URL
but it is not redirected to the callback url, only show a empty page.
Users need login in soundcloud in other window before to make login in my app.
Can be a problem my callback url? "http://domain.com/callback/"
I try it in ff, opera and chrome and diferents at S.O.
This seems to be a bug in the SoundCloud API (see Soundcloud: blank page with popup_callback.html when trying to auth using Facebook)
I was able to work around this by including display=popup in the querystring when redirecting to SoundCloud's OAuth2 authorization endpoint: https://soundcloud.com/connect?client_id=[my_client_id]&redirect_uri=[my_redirect_uri]&response_type=code&display=popup. This will force the mobile optimized display to show up, but fixes the Facebook login issue.
Note that I'm not actually opening a popup window, I'm just including this param when doing a client-side redirect using window.location='https://soundcloud.com/connect?...&display=popup'