I am trying to open the child component directly in the browser with parameters.
But if I am not logged in I lose all the parameters as the adal services replaces it with the token value. So it redirects me to parent page but expected behavior should be redirecting to child page with those parameters.
Eg :
https://localhost:44399/admin/snapshot?dealCode=J9MKU&portfolioCompanyName=Avaloq%20Group%20AG&portfolioCompanyId=1050
In this if I am not logged in and I enter this url it first checks if I am authenticated or not. If I am then I can properly see the page as expected if I can not then it will lose all the parameters take me to login page and then after successful login it shows the url as
https://localhost:44399/admin/snapshot
https://localhost:44399/admin/snapshot is the redirect uri you configured on Azure portal. If you want to pass parameters in the redirect uri, you can add the parameters to the redirect uri. Then you will be redirect to https://localhost:44399/admin/snapshot?dealCode=J9MKU after successful login.
Note:
Azure AD applications can now register and use redirect (reply) URIs
with static query parameters (such as
https://contoso.com/oauth2?idp=microsoft) for OAuth 2.0 requests.
Dynamic redirect URIs are still forbidden as they represent a security
risk, and this cannot be used to retain state information across an
authentication request - for that, use the state parameter.
Reference:
https://learn.microsoft.com/en-us/azure/active-directory/develop/reference-breaking-changes#redirect-uris-can-now-contain-query-string-parameters
Related
I have a pretty straightforward ASP .NET Core web site that uses Azure AD + OpenID for user authentication. Inside Azure I've added "https://my-site/signin-oidc" as a Redirect URI and inside my app settings I've set my CallbackPath to "/signin-oidc".
The problem is after authentication the browser always redirects to the home page.
For example the user will enter the following url into their address bar:
https://my-site/#/foo
They'll then be redirected to the azure sign-in page which has a uri like so:
https://login.microsoftonline.com/.../oauth2/v2.0/authorize?client_id=...&redirect_uri=https%3A%2F%2Fmy-site%3A64199%2Fsignin-oidc&[...]&sso_reload=true#/foo=
(Note where the '#/foo' fragment is placed)
After authentication succeeds they end up at the home page (https://my-site/).
Is there anyway for me to preserve the original URI and redirect the user to it after auth succeeds?
Try using the post_login_redirect_url query parameter for this.
If you want to automatically navigate the user to #/foo' after logging in, you can set your login redirect to ~/.../authorize?post_login_redirect_url=/#/foo.
Users become members through the app domain.
app.myproduct.com this is the url we used to sign up for the app.
After the register is completed, I need to redirect the user to the domain that he/she has determined.
for example dynamic.myproduct.com
After the registration process on app.myproduct.com is completed, I keep the access token in the browser local storage.
but since the user will continue on this site dynamic.myproduct.com, when I redirect there, I lose the token
I think it is not safe to send the token as a url parameter like dynamic.myproduct.com?token=blabla
How should I configure it here? Should we manage this on the frontend or the backend?
I am using Keycloak authentication to authenticate an angular app and so far I have managed to redirect my login to Keycloak server. But when redirected instead of the login page I am getting a 500 error page with the message Invalid parameter: redirect_uri
When you created the client in Keycloak you set the required 'Valid Redirect URIs' field. Most likely the pattern you entered there doesn't match the redirect uri you are sending from your client. If you use ports numbers, they have to match too!.
If this is not the problem, check what your Keycloak server is logging and add those details here to your question.
this is occurred due to base url and valid redirect url are different. So I have added same URL on both the text box.Now its working fine.
I am getting error while Login with oAuth for Instagram, it says the redirectURI is wrong. I have researched on it and I have checked many answers on stackoverflow but its not helpful for me.
Here is the complete detail of what I did in my application.
1) I set my ClientId in pList for redirect URI :
2) I have added ig and authorize while creating the URI:
3)Now, I set ClientID in Instragram API :
And Here is my RedirectURI :
https://instagram.com/oauth/authorize?response_type=token&redirect_uri=igdd5fb08a33444af0b2b9c9420e69bc35%3A%2F%2Fauthorize&scope=relationships&client_id=dd5fb08a33444af0b2b9c9420e69bc35
When I fire the URl after login, it gives me the following error:
Can anyone help to find out where I am going wrong ?
Thanks,
The redirect URI you're providing is not what you have defined in your client settings.
1) Go to http://instagram.com/developer/clients/manage/
2) For your desired client/application, look for REDIRECT URI.
3) Make sure you provide the same redirect uri in your request as it is defined in your client/application settings. In your case, https://api.instagram.com/oauth/authorize/?response_type=token&redirect_uri=REDIRECT-URI&client_id=CLIENT-ID
Note: You may provide an optional scope parameter to request additional permissions outside of the “basic” permissions scope.
Note: You may provide an optional state parameter to carry through any server-specific state you need to, for example, protect against CSRF issues.
At this point, we present the user with a login screen and then a confirmation screen where they approve your app’s access to his/her Instagram data.
4) Once a user successfully authenticates and authorizes your application, instagram will redirect the user to your redirect_uri with a code parameter that you’ll use to request the access_token like http://your-redirect-uri?code=CODE.
For more information to learn about authentication process [Link]
tl;dr. The Redirect URI you send to /authorized must be same as the registered URI in your app.
I've recently decided to migrate over to using servicestack authentication. From what I can tell, to have a redirect after a successful login of an oauth provider, you add the url to the appSettings of your web.config, i.e. oauth.GoogleOpenId.RedirectUrl.
My question is, is there anyway to make this more dynamic so that if a user get's redirected to the log on page when trying to access an authorized page, say their profile page, that once they log on successfully they get routed to their profile page instead of what's configured in the web.config? Forms authentication did this by using a 'returnUrl' query parameter.
Any help would be appreciated.
The behavior of accessing a protected page, redirecting to a /login page (overridable with HtmlRedirect on AuthFeature or Authenticate attribute) and on successful login should automatically redirect to the previously attempted protected page.
To do this you want to specify the redirect url in the continue or ReturnUrl FormData POST variable or QueryString when attempting to authenticate with the /auth service.