How to skip Authentication for a resource in react-admin - react-admin

We have a working react-admin app with authentication up and running.
But now we have to add a resource that should be accessible without logging in. How can we do this?
Our App.js (shortened) looks like this:
<Admin authProvider={authProvider} dataProvider={simpleRestProvider(`${process.env.REACT_APP_BASE_URL}/api/v1`, httpClient)}>
    <Resource name={'posts'} list={PostList} edit={PostEdit} create={PostCreate} icon={PostIcon} show={PostShow}/>
    <Resource name={'messages'} create={MessagesCreate}/>
</Admin>
We want messages to be accessible without authentication. But all the other resources (removed from the snippet above) should still be protected by the authProvider.
We didn't find anything in the official docs about that. Only Checking Credentials During Navigation. But according to this issue and this comment it is no longer possible to do this.
Can anyone help us with this?
Thanks in advance.

Related

Intent filter for: BrowserTabActivity is missing. Please make sure you have the following activity in your AndroidManifest.xml

I have been trying to integrate Microsoft Azure AD B2C authentication in my React Native app. For this purpose, I have been using the react-native-msal library. I have done all the configuration for it and followed every step from the documentation, but I am getting this error:
Intent filter for: BrowserTabActivity is missing. Please make sure you have the following activity in your AndroidManifest.xml
<activity android:name="com.microsoft.identity.client.BrowserTabActivity">
    <intent-filter>
        <action android:name="android.intent.action.VIEW" />
        <category android:name="android.intent.category.DEFAULT" />
        <category android:name="android.intent.category.BROWSABLE" />
        <data
            android:host="com.checkmobileapp"
            android:path="/ga0RGNYHvNM5d0SLGQfpQWAPGJ8="
            android:scheme="msauth" />
    </intent-filter>
</activity>
This issue is already open on GitHub. I have tried different solutions, including restarting the server, removing the cache and cleaning the build folder, but nothing worked. I also made sure that I copied the same BrowserTabActivity into my AndroidManifest.xml.
Your manifest seems to be OK.
Check if these can narrow down the issue:
Ask the user who is authenticating to enable a browser on their device. Recommend a browser that supports custom tabs.
See if ParentActivity is required in the MSAL exception for Android to support browsers similar to this.
Please make sure the package name is correct. The package name is used for unique identification of your application.
Ex: com.companyname.applicationname
Try moving to the latest MSAL versions to reduce the runtime exceptions, or at least get MSAL exceptions.
Please make sure the redirect_uri is registered in the app configuration (msal_config.json), and also in AndroidManifest.xml to support redirection during the authorization code grant flow.
Make sure the generated signature hash is URL-encoded when it is added to the redirect URI.
The format of the redirect URI is: msauth://<yourpackagename>/<base64urlencodedsignature>.
Also check if you have given the authority properly: MSAL Android
Check the "authorization_user_agent" value, in case it needs to be changed.
If everything is configured correctly, it may be a conflict with the device you are using, and we may not be sure which devices the MSAL package is compatible with. So try with the latest version.
Please see the MSAL Android tested browsers.
References:
You can see some troubleshooting configurations here for Xamarin Android.
Also check this.
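The redirect URI checks listed in the answer above, as an added example (not code from the thread or from MSAL): one function derives the URL-encoded `redirect_uri` and the raw manifest `<data>` values from the same inputs, and another reports mismatches. Function and field names are hypothetical, the sample values are the ones shown in the question, and the check assumes the signature hash is the Base64 of the signing certificate's 20-byte SHA-1 digest.

```javascript
// Added example: function and field names are hypothetical; sample values come from this page.
// Assumes the signature hash is Base64 of the signing certificate's SHA-1 digest (20 bytes).

// Derive both spellings of the redirect target from one source of truth.
function buildRedirectForms(packageName, signatureHash) {
  return {
    // msal_config.json: hash is URL-encoded ('=' -> %3D, '+' -> %2B, '/' -> %2F)
    redirectUri: `msauth://${packageName}/${encodeURIComponent(signatureHash)}`,
    // AndroidManifest.xml <data>: raw hash behind a leading slash, as in the manifest above
    manifest: { scheme: 'msauth', host: packageName, path: `/${signatureHash}` },
  };
}

// Return a list of mismatches between redirect_uri, manifest <data> and package name.
function checkRedirectConfig(packageName, redirectUri, manifest) {
  const m = /^msauth:\/\/([^\/]+)\/(.+)$/.exec(redirectUri);
  if (!m) return ['redirect_uri is not msauth://<package>/<hash>'];
  const [, host, encodedHash] = m;
  const problems = [];
  if (/[=+\/]/.test(encodedHash)) problems.push('redirect_uri hash is not URL-encoded');
  let hash;
  try {
    hash = decodeURIComponent(encodedHash);
  } catch {
    return [...problems, 'redirect_uri hash has malformed percent-encoding'];
  }
  if (Buffer.from(hash, 'base64').length !== 20) {
    problems.push('hash is not Base64 of a 20-byte SHA-1 digest');
  }
  if (host !== packageName) problems.push('redirect_uri host differs from package name');
  if (manifest.scheme !== 'msauth') problems.push('manifest android:scheme is not msauth');
  if (manifest.host !== packageName) problems.push('manifest android:host differs from package name');
  if (manifest.path !== `/${hash}`) problems.push('manifest android:path does not match the decoded hash');
  return problems;
}

// Values taken from the manifest in the question.
const forms = buildRedirectForms('com.checkmobileapp', 'ga0RGNYHvNM5d0SLGQfpQWAPGJ8=');
console.log(forms.redirectUri);
console.log(checkRedirectConfig('com.checkmobileapp', forms.redirectUri, forms.manifest));
```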

Spartacus Backend OCC login endpoint change

I have a question regarding the possibility to change the backend occ endpoint for the login.
In the default behavior, an auth object is created in local storage.
I changed in the app.module the default login: '/authorizationserver/oauth/token', to a different endpoint (/ourowntestserver/oath/token/test). After the change, the backend-side works as it has before, but on the front-end side, the auth object is not available in the local storage anymore.
In the Spartacus source code I can see an OAUTH_ENDPOINT with the same endpoint '/authorizationserver/oauth/token', used in an open-id-token.service, but I am not sure if that service is responsible for actually saving the token and if I have to extend it in the storefront app along with its store (actions, effects, etc.) too.
Are there any other changes that have to be done for this to work, or am I doing something wrong? Is it possible that the issue could be still back-end related?
Any help would be appreciated.
I would start by inspecting ngrx actions in devtools. Look for the LoadUserToken, LoadUserTokenSuccess and LoadUserTokenFail actions. Look at their payload to see if everything there looks OK. Maybe the structure of the response is different from the one returned by the default hybris OAuth server. Then you might need to create your own effect and handle the response a bit differently than we do by default.
The OAUTH_ENDPOINT is not currently customizable and it is being fixed right now for the 3.0 release. It'll have new auth module structure and allow for easier replacement of OAuth server.
open-id-token.service.ts is only used with the Kyma module, when you also need the id_token from the OAuth server in addition to the access_token.

Testcafe and cloudflare

Cloudflare Access expects both values as headers in the request sent to the application. Name them as follows:
CF-Access-Client-Id: <Client ID>
CF-Access-Client-Secret: <Client Secret>
https://developers.cloudflare.com/access/service-auth/service-token/
I am new to TestCafe and I have done several tests on our production website and it worked well. However, now when I try to access our application on the test environment, which is behind Cloudflare, I am failing to get through. I read that I should send the above two values in headers. Does anyone know how I can do this in TestCafe? Do let me know if I am missing any information. Thank you in advance :)
The issue is reproduced without TestCafe.
The user addressed this issue using the Custom HTTP Request Hook.
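A sketch of such a request hook, as an added example that is not code from the thread: it attaches the two Cloudflare Access headers only to requests for the protected origin, so the service token is not sent along with requests the page makes to other hosts. `makeAccessHook`, the environment variable names and the URL are hypothetical; TestCafe's `RequestHook` base class is passed in as an argument so the factory itself has no imports.

```javascript
// Added example: makeAccessHook and the env var names below are hypothetical.
// RequestHook is TestCafe's base class, handed in by the caller.
function makeAccessHook(RequestHook, protectedUrl, clientId, clientSecret) {
  if (!clientId || !clientSecret) {
    throw new Error('Cloudflare Access service token is not configured');
  }
  // Build an anchored pattern for the protected origin only.
  const origin = new URL(protectedUrl).origin;
  const escaped = origin.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
  const originOnly = new RegExp(`^${escaped}([/?#]|$)`);

  class CloudflareAccessHook extends RequestHook {
    constructor() {
      // Filter rule: the hook fires only for URLs on the protected origin.
      super(originOnly);
    }
    async onRequest(event) {
      event.requestOptions.headers['CF-Access-Client-Id'] = clientId;
      event.requestOptions.headers['CF-Access-Client-Secret'] = clientSecret;
    }
    async onResponse() {
      // Nothing to do; the method is part of the hook interface.
    }
  }
  return new CloudflareAccessHook();
}

// In a test file (keep the token in the CI secret store, not in the repository):
//   const { RequestHook } = require('testcafe');
//   const url = 'https://test.example.com';   // placeholder test environment URL
//   fixture('Test environment')
//     .page(url)
//     .requestHooks(makeAccessHook(RequestHook, url,
//       process.env.CF_ACCESS_CLIENT_ID, process.env.CF_ACCESS_CLIENT_SECRET));
```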

Disable dashboard when not authorized

This question is specific for: https://github.com/marmelab/react-admin
My App.js looks like this:
<Admin
    customSagas={[ errorSagas ]}
    loginPage={LoginPage}
    authProvider={authProvider}
    dataProvider={dataProvider}
>
    <Resource name="topics" create={TopicCreate} list={TopicsList} show={TopicShow} />
    <Resource name="clients" create={ClientCreate} list={ClientsList} show={ClientShow} />
    <Resource name="genders"/>
    <Resource name="interests-in"/>
</Admin>
If I'm not logged in and I go to /topics, I get a 401 and I am redirected to /login.
If I'm logged in and I go to /blabla, I get the Dashboard and Menu, which is a security issue.
I don't want a non-authorized user to be able to view the dashboard and the menu.
When I view the "source" of the page I can see all paths (URLs) to my admin API. It should be disabled as well.
How can I avoid this kind of situation? Can someone help?
Lior
The only way I can think of would be to check for your security items inside the component where you are rendering the Admin. If your security check fails, then don't even render the Admin.

How to Integrate Alfresco with a Web application?

I want to integrate Alfresco with a web application, i.e. I have created a login page for my application. Now I want to use the same username and password to log in to Alfresco so that I don't have to log in again using the Alfresco login page. Can anyone help me out with this?
Thanks and regards,
than1234
Please refer to login in http://wiki.alfresco.com/wiki/Repository_RESTful_API_Reference
Also look for SSO (Single Sign-On)... it would save your users from logging in again not only to Alfresco, but to other applications. There is information in the manual, on the wiki.alfresco.com site, and just by Googling. There are multiple ways of doing it, and the choice will depend on the protocols that you are using. Happy SSO'ing!
Look at this: http://wiki.alfresco.com/wiki/Repository_RESTful_API_Reference#Login
When you make an HTTP GET request to "/alfresco/service/api/login?u={username}&pw={password?}" you get an alf_ticket back, which you then use in the following requests instead of logging in each time.
You just append "&alf_ticket=YOUR_TICKET" in your requests... :)