I have bot created in Bots.Business
My bot send link for web page to user.
User can:
click on this link and go to web page
click on this link and immediately close browser
do not click link
How to check that user visit this web page?
We have several ways:
Place any secret info in your web page. User must copy this secret and send to bot after web page visiting. Bot can check this secret. If secret is valid - user visit web page. Else not.
It is more easy way for development but not for users.
Use webhook lib
It is harder for development. Easy to users.
Command /generate - you need run this command as admin before
let webhookUrl = Libs.Webhooks.getUrlFor({
// this command will be runned on webhook
command: "/onWebhook",
// this text will be passed to command
content: "http://yourpage.com",
// execute for this (current) user
user_id: user.id
})
Bot.sendMessage(webhookUrl);
You will be have webhookUrl. You can place this webhook url in 1px invisible iframe on your web page now:
<IFRAME width=1 height=1 src=http://webhookUrl scrolling=no frameborder=0></IFRAME>
Also you can make GET or POST request in your page to this webhook url
For user:
Command /getLink
let currentTaskUrl = "http://yourpage.com"
User.setProperty("currentTaskUrl", currentTaskUrl, "string")
Bot.sendMessage("Link: " + currentTaskUrl)
Command /onWebhook:
// it will be executed on webhook
let webPage = content;
let expectedPage = User.getProperty("currentTaskUrl")
if(webPage==expectedPage){
// user just visit web page
// your code here
User.setProperty("currentTaskUrl", null, "string")
}else{
// user visit another web page with this webhook
// may be he make refresh prev page or etc
}
Related
I'm trying to setup oAuth for Stripe's Connect (Standard). In their setup documentation they say:
Step 1: Create the OAuth link To get started with your integration,
Your client_id, a unique identifier for your platform, generated by Stripe
Your redirect_uri, a page on your website to which the user is
redirected after connecting their account (or failing to, should that
be the case), set by you
Step 3: User is redirected back to your site After the user connects
their existing or newly created account to your platform, they are
redirected back to your site, to the URL established as your
platform’s redirect_uri. For successful connections, we’ll pass along
in the URL: The scope granted The state value, if provided An
authorization code. The authorization code is short-lived, and can be
used only once, in the POST request described in the next step.
The way I've implemented this is by sending the user to a React-Native WebView, and because this is a mobile application, a redirect_uri is not an option.
The problem is, I cant simply make a POST request to a url. there are user actions that must be taken inside of stripe, and ultimately stripe sends an authorization code to a redirect url.
So How can I obtain the authorization code that stripe doles out inside the WebView authorization process so I can finish the Stripe Connect user creation process?
You can use onLoadStart for WebView. Just check if the url from the synthetic event is what you specified in your stripe settings and handle accordingly.
onLoadStart={(syntheticEvent) => {
const { nativeEvent } = syntheticEvent;
if(nativeEvent.url.startsWith("YOUR_REDIRECT_URL"){
// your logic here
}
}}
Follow the steps
step 1 : login in mediator strip account, now open new tab and paste below url in new window and replace client id "ca_****" with the account which you want to connect with mediator account ( client id ), and hit the url
https://connect.stripe.com/oauth/v2/authorize?response_type=code&client_id=ca_************************&scope=read_write
step 2 : now press connect button and find the code from new url like
https://connect.stripe.com/connect/default/oauth/test?scope=read_write&code=**ac_**************************
I'm trying to setup a manual flow for Facebook login, as per the docs at: https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/
I've got my test Facebook app working as expected, i.e., I can login using a private web browser window fine. The URL I'm using is:
https://facebook.com/v3.3/dialog/oauth?client_id=<app_id>&display=popup&response_type=token&redirect_uri=https://www.facebook.com/connect/login_success.html
Now within my React-Native app, I'm using react-native-inappbrowser-reborn to present a SFAuthenticationSession on iOS. As per their docs (at https://www.npmjs.com/package/react-native-inappbrowser-reborn), I'm doing the following:
const redirectUri = "https://www.facebook.com/connect/login_success.html"
const url = "https://facebook.com/v3.3/dialog/oauth?client_id="+appId+"&display=popup&response_type=token&redirect_uri=https://www.facebook.com/connect/login_success.html"
InAppBrowser.isAvailable()
.then(() => {
InAppBrowser.openAuth(url, redirectUri, {
// iOS Properties
dismissButtonStyle: 'cancel',
// Android Properties
showTitle: false,
enableUrlBarHiding: true,
enableDefaultShare: true,
})
.then((response) => {
// Only gets to this point if user explicitly cancels.
// So this does not trigger upon successful login.
})
// catch handlers follow
Using the above, my app correctly open up an in-app browser and I can login fine using a test user for my test app. Upon successful login though, I don't get redirected back to the .then completion handler. It just stays in the in-app browser view and I see the same message from Facebook that I see when logging in using a web browser. It says something like "Success. Please treat the url the same as you would a password", or something like that.
I may be missing something here, but I thought the purpose of passing redirectUri as an argument to openAuth was so that upon redirection to that URI, the completion handler would be triggered.
Question: How do I redirect back to the completion handler upon login success?
I think that you already have a solution but thought it might be useful for someone else facing this issue. If you don't have a solution so far follow my instructions:
You can't directly redirect back to your application using deep link, since Facebook will not call a link `like myapplicationname://mycustompath´. It's only possible to call links using the https-protocol (https://...).
The solution I'd suggest you to use is to redirect using your own API (Facebook -> Your API -> Deep Link Redirection). You will understand why this is required in the most of the real world applications at the end of the instructions.
Starting from your react-native app call the authorize endpoint of Facebook with a redirection to your application and set the global deeplink of your app as redirect uri.
InAppBrowser.close();
InAppBrowser.openAuth("https://graph.facebook.com/oauth/authorize?client_id=YOURCLIENTID&redirect_uri=https://YOURDOMAIN:PORT/auth/facebook", "{YOURAPPSDEEPLINKNAME}://{SOMEPATHYOUWANTTOEND}")
.then((response) => {
handleAuthorized(response, LOGINTYPE.FACEBOOK);
});
Now after login you'll be redirected to your API with the authorization code token as query parameter (e.g. https://YOURDOMAIN:PORT/auth/facebook?code=AVERYLONGCODESENTBYFACEBOOK)
Using this code token from the query parameter, you make another API Call to get the access_token for the user
{GET}: https://graph.facebook.com/v15.0/oauth/access_token?client_id=YOUR_CLIENT_ID&redirect_uri=https://YOURDOMAIN:PORT/auth/facebook&client_secret=YOUR_CLIENT_SECRET&code=AVERYLONGCODESENTBYFACEBOOK
Facebook's API will send you an answer as JSON with the access_token inside.
You can make another call using the access token of the user, to get the userId and the username
{GET}: https://graph.facebook.com/me?access_token=ACCESS_TOKEN_SENT_BY_FACEBOOK_IN_PREVIOUS_GET_REQUEST.
If you need the e-mail address for the user you have to make another call. Make sure you'd set the permission to read the e-mail address for your app on the developer portal of facebook.
The following request will return you the id, name and the email of the user
{GET}: https://graph.facebook.com/USERIDFROMPREVIOUSREQUEST?fields=id,name,email&access_token=ACCESSTOKEN
I think you want to save all these information to a database and create a session in order to keep the user logged in and therefore all the requests described will be useful for you in a real application.
After doing all the backend stuff, you're ready for the redirection using deep link. To do that, set a meta-tag to redirect the inappbrowser to your application:
<meta http-equiv="refresh" content="0; URL={YOURAPPSDEEPLINKNAME}://{SOMEPATHYOUWANTTOEND}" />
I have set a web browser control in winform and navigate to the following url-
https://www.facebook.com/dialog/oauth?client_id=xxxxxxxxxxxxx&redirect_uri=https://www.facebook.com/connect/login_success.html&display=popup&scope=publish_stream,user_status&response_type=token
It show the login dialog box. After enter username and password facebook redirect to following
url-
https://www.facebook.com/login.php?skip_api_login=1&api_key=xxxxxxxx&signed_next=1&next=https://www.facebook.com/dialog/oauth?redirect_uri=https%253A%252F%252Fwww.facebook.com%252Fconnect%252Flogin_success.html&display=popup&scope=publish_stream%252Cuser_status&response_type=token&client_id=xxxxxxxxxx&ret=login&cancel_uri=https://www.facebook.com/connect/login_success.html?error=access_denied&error_code=200&error_description=Permissions+error&error_reason=user_denied%23_=_&display=popup
and display a message with two button called "okay" & "cancel"
xyourappxxxx would like to access your public profile, friend list and status updates.
if i click on "Okay" button this will redirect to following page with the msg of--
page---https://www.facebook.com/dialog/oauth/read
message---Success SECURITY WARNING: Please treat the URL above as you
would your password and do not share it with anyone.
application type: Native/desktop
App secret in client: no
Client OAuth Login: enbl
Embedded browser OAuth Login: enbl
Sandbox mod: ON
Problem is after authorization facebook not redirect to my redirect_uri and not getting any access token.
I am using vb.net 2008 express
thanks
I might be mis-understanding your question/issue, apologies if so..
in your first line.. you have the redirect_uri set to just go back to facebook, whereas it's supposed to be the URI of the page on your site that you want facebook to send the user to after they authenticate and approve your app, no?
in other words shouldnt your first line be:
https://www.facebook.com/dialog/oauth?client_id=xxxxxxxxxxxxx&redirect_uri=**https://WWW.YOURDOMAIN.COM/YOURPAGE.ASPX**&display=popup&scope=publish_stream,user_status&response_type=token
after the user clicks "okay" on the popup, it will then redirect them to YOURPAGE.ASPX on your site, passing the access_token
I'm new to Twitter #anywhere. Is #anywhere login feature is intended to integrate our website with Twitter login? just like Facebook connect?
If yes, What is the callback url used for and what callback url should be provided?
I've tried to add this #anywhere login feature to my site and I'm testing it from a localhost / 127.0.0.1 site. I use the following code
twttr.anywhere(function (T) {
T("#twitter-login").connectButton({
authComplete: function(user) {
//triggered when auth completed successfully
alert('test login complete');
currentUser = T.currentUser;
var userInfo = document.getElementById('user-info');
userInfo.innerHTML =
'<img src="' + currentUser.data('profile_image_url') + '"/>'
+ currentUser.data('screen_name');
}
});
});
If I don't provide any callback url, after authorizing the user, Twitter give a
Sorry, something went wrong.
The provided callback url http://localhost:9000/ is not authorized for the client registered to 'http://127.0.0.1:9000'.
So then I provide a custom callback url with the following code
twttr.anywhere.config({ callbackURL: "http://127.0.0.1:9000"});
After adding that code, no error occurred but I ended up having two tabs opened of the same page. One is the page I use to login and the other one is the callback url page. And also the code inside the "authComplete:" section is not run, the alert is not shown.
Did I do anything wrong?
Thank you
Twitter #Anywhere users domains to authenticate the callback url.
For twitter server, 127.0.0.1 and localhost are two differente things. As your are using localhost as your callback url, try adding this domain on the authorized domains configuration on your app configuration att dev.twitter.com
I've got a web where logged in users can fill out a form to send information. I wanted my users to do this from a chrome extension too. I managed to get the form to sen information working but I only want to be logged in users to be able to do that. It's like a twitter or Springpad extension when the user first opens up the extension, it would have to log in or register. I saw the following answer at stack overflow: Login to website with chrome extension and get data from it
I gave it a try and put this code in background.html:
function login() {
$.ajax({
url: "http://localhost/login", type: "GET", dataType: "html", success: function() {
$.ajax({
url: "http://localhost/login", type: "POST", data: {
"email": "me#alberto-elias.com",
"password": "mypassword",
},
dataType: "html",
success: function(data) {
//now you can parse your report screen
}
});
}
});
}
In my popup.html I put the following code:
var bkg = chrome.extension.getBackgroundPage()
$(document).ready(function() {
$('#pageGaffe').val(bkg.getBgText());
bkg.login();
});
And on my server, which is in node.js, I've got a console.log that shows user information when he logs in, so I saw that when I load my extension, it does log in. The problem is how can I get the user to log in by itself, instead of manually putting my details in the code, how to stay logged in in the extension and when submitting the form, sending the user's details to the web.
I hope I've managed to explain myself correctly.
Thanks.
Before answering this question I would like to bring to your notice that you can make cross origin xhr from your content scripts as of Chrome 13 if you have declared proper permissions. Here is the extract from the page
Version note: As of Chrome 13, content scripts can make cross-origin requests to the same servers as the rest of the extension. Before Chrome 13, a content script couldn't directly make requests; instead, it had to send a message to its parent extension asking the extension to make a cross-origin request.
Coming to the point. You simply have to make an XmlHttpRequest to your domain from your extension (content script or background page) and wait for the response.
At Server
Read the request and session cookie. If session is valid send proper response, else send an error code. 401 or anything else.
At client
If response is proper display it, else display a login link directing to login page of your website.
How it works:
It will work if cookies in user's browser is enabled. Whenever user logs in to your website your server sets a session cookie which resides in user's browser. Now with every request that the browser sends to your domain, this cookie is transmitted. This cookie will be transmitted even if the request is from a Google Chrome Extension.
Caveat
Make sure you display proper cues to user indicating that they are logged in to your application. Since your UI will be mostly inside the extension, it is possible that user might not be aware of their valid session with your website and they might leave an active session unattended which might be abused if user is accessing it from a public internet kiosk.
Reference
You can take a look at a similar implementation that I have done with my extension here.
So the user logs into your server and you know that. I am a bit confused if you then want the user to be able to browse your website with those credentials or a third party website with those credentials.
If it is your website then you should be able to set a cookie that indicates whether they are logged in. Then detect this server side when they navigate your site.
If it is a third party site then the best you can do is create a content script that either fills out the login form and autosubmits for them or analyze the login post data and send it along yourself, then force a refresh.