I'm using IdentityServer4 with Asp.Net Core Identity. In Identity Server I enabled GOOGLE as external provider. I'm able to LOGIN with GOOGLE. The first time I try to LOG IN with GOOGLE the Identity Server shows to me the pages of the GOOGLE where I can choose the account or insert my credentials.
When I LOGOUT I receive the message that I'm logged out but when I try to LOGIN again with GOOGLE I'm directly logged in without to enter my credentials and if I have more than 1 GOOGLE account I'm not able to choose a different one.
This happens both if I connect directly to the server from the Login screen and if I do it via AuthRequest in Expo native app calling endsession endpoint with id_token_hint enhanced.
Why? I'm getting crazy.
I found this solution:
await WebBrowser.openAuthSessionAsync("https://www.google.com/accounts/Logout?continue=https://appengine.google.com/_ah/logout?continue=http://myIdentityServerEndSessionEndpoint", "exp://myReactNativeApp");
Related
Good morning.
I use google calendar API.
My program create a connection with the google calendar of multiple users.
From each user, i have their credential.json, but when the app start the first time show the browser quickstart confirm. How i can skip this step?
Thanks anticipated
I think you have seriously misunderstood how Oauth2 works.
You the developer goes to Google developer console and registers your application. If you will be requesting data from other users you will need to create Oauth2 credentials this will give you credeitnals.json file used by your application to request authorization of a user.
When each of your users runs your application they will be requested to consent to your application authorizing their data. If they do you will be granted an access token which gives you access to their data, this access token will expire after one hour. If you have also request offline access then you will also have a refresh token. If you store this refresh token some place then you will be able to access the users data when ever you need to by using it to request a new access token.
As for the unverified app screen, when you create your application it is basically in developer state, this is so that you can build and test your application. When you are ready to go to production you can request that your application be verified by google
Once your app has been verified the unverified app screen will stop showing up.
I'm working in a vue.js frontend. I can successfully make calls to stitch and write to the database if I use anonymous authentication. When I switch to Google oauth and attempt to make the same write call to the database I get the following error:
uncaught exception: t: (MustAuthenticateFirst): method called requires being authenticated
I've setup the Google Authentication Provider in the Stitch Admin console. I've created and configured a project on the Google Cloud Platform. In my vue code I've added a "login with google" button that runs this snippet:
loginWithGoogle() {
const googleCredential = new GoogleRedirectCredential();
client.auth.loginWithRedirect(googleCredential);
},
When I click to login I'm redirected to a Google form and asked to login by Google, then successfully redirected back to my app. But when I then try to write to stitch database it still says that I must authenticate first.
do you call de hasRedirectResult() and handleRedirectResult() when google redirect back to your app?. This method store credential locally (I guest in localstorage).
I am trying to set up an integration API between ServiceM8 and another 3rd party application. I need to create a webhook which requires Platform Services Authentication using Oauth.
I have created a developer account and a store item after which I got the APP ID and APP Secret which are required for the authenticatcation.
I initiated the authentication by redirecting the user to the url
https://www.servicem8.com/oauth/authorize?response_type=code&client_id=[App ID]&redirect_uri=[my redirect url]&scope=manage_jobs
The user was es expected directed to the login page.
However after logging in, instead of prompting the user to accept the required permissions and redirecting to the redirect_url the user is being redirected to the ServiceM8 dashboard page.
Can someone please help me.
Thanks
Is it possible to achieve Azure Active Directory authentication without going to browser window? I will have username and password via the mobile app login interface.
I need to achieve below scenario:
Use open mobile application (ios/android)
Enter Azure AD username and password to app login screen - e.g. user#tenant.onmicrosoft.com & password
I pass those information to .net web service - which need to call some Azure AD api to validate user credential before proceed to perform other business logic/make database calls
Any recommendation? I DON'T want user to redirect to any login window/page as this will not be good user experience.
I have already checked few different articles but not satisfactory response yet.
Thank you for your time.
I believe below link is helpful.
http://www.cloudidentity.com/blog/2014/07/08/using-adal-net-to-authenticate-users-via-usernamepassword/
I have to write an API for mobile device to implement Login with Facebook using Devise. I have done the web implementation and the as per my research the Facebook Login flow works as follows:
Step 1:
The user comes on the website and clicks Login with Facebook. It hits the facebook verifying the permissions for the app.
Step 2:
If the user accepts, facebook hits the web application with a temporary code.
Step 3:
The web server using the temporary params code hits facebook again to get the user's access token.
Step 4:
Facebook hits the web server with the user's access_token which is saved by the web application in the database. If the user with the access_token already exists then a new session is created else a new user record is created.
This is the complete flow of login of Facebook for a web application.
Now when writing mobile api for a Mobile device the question comes is:
Will the mobile device hit the web application with the facebook's temporary code as mentioned in Step 2 and the Web server will hit facebook using the temporary code to get the user's permanent access_token?
OR
Will the mobile devise hit the web server with the permanent user's access_token from facebook which is then identified for its existence in the database by the web application?
Please Help.
Many Thanks!!
Did you saw Devise + Facebook OmniAuth integration?
I used this integration and it uses the step 2, it's very easy and you don't have to care about this issues, it's already done.