I have developed the WPF project with OAuth for Dropbox. I have faced some difficulties in the Access token generation process recently (It worked fine, a couple of days earlier).
I have used the Chromium browser for this process. While login with Dropbox account in chromium-browser returns the Blank URL instead of the Redirect URL with Access token.
Url: https://www.dropbox.com/oauth2/authorize?response_type=token&client_id=abcxxxxxx&redirect_uri=https:...
CefSharp version: 37
Please suggest me to how to proceed furtherly and let me know if any further information required from my end.
Related
I'm creating a app in Ionic 2, wich consumes a web api from an existing site. To use this API i have to make athenticate in it in the following way (Similar to facebook login):
I call the api login page in a InAppBrowser component, sending the proper keys and a return URL.
the user types the login and password in the form displayed, the API will validate it and authenticate it.
The API calls the return URL passing the authorization token.
I 'hijack' this redirect to the return url in the InAppBrowser 'loadstart' event, and extract and store the authorization token.
In the following calls to the API, i send the authorization token in the header.
This is all working fine in the emulator, but it doesn't work in the browser (with ionic serve), because when i call InAppBrowser it actually calls window.open, and the events doesnt work. I can't detect the redirect action made in the opened window.
I'd like to make this work in the browser since its better to debug the application there. My first thought was to send "http://localhost:8001" as the return url, but I couldn't find a way to catch the token parameter in the ionic application.
Does anyone know how I can catch this parameter or any other way to make this login work in the browser? It is for development and debug purposes only, so strict security is not a issue (I can comment out any unsecure code in the production version).
Edit: Hayden Braxton answer didn't solve my problem, but since it was because of something exclusively to my app, and it could really help someone who wants to make plugins work, I'll keep it as the selected answer.
Besides that, I'll share the solution I found to my problem in case it could help anyone. It was simple, actually:
I pass "http://localhost:8001" as the api return_uri parameter
the api will, after checking the login and password, redirect to http://localhost:8001?token=MY_AUTH_TOKEN.
This will reload the application and call login page again.
In the login page i call this.platform.getQueryParam("token"); to get the token.
Add
"browser": "ionic-app-scripts serve --iscordovaserve --sourceMap source-map --wwwDir platforms/browser/www/ --buildDir platforms/browser/www/build",
to the script section of your package.json. Then instead of doing ionic serve, instead run
npm run browser
We use ionic2 to develop our apps where I work, and this is what we figured out after some research.
Before using this, you need to have the browser platform added. You can accomplish this with the following:
ionic add platform browser
If the browser platform is already added, delete the browser directory from your platforms directory and then run the add platform command, just to be on the safe side.
Please let me elaborate what I am trying to do.
What I want to do?
I am creating a cocoa application that uploads an user files to user's Onedrive and in order to do that I am requesting for an Access token by launching the access token URL in Safari.
https://login.live.com/oauth20_authorize.srf?client_id={APPLICATIONID}&scope=wl.signin+wl.offline_access+onedrive.readwrite&response_type=token&redirect_uri=https://login.live.com/oauth20_desktop.srf
Problem
Now the problem is how will I retrieve the access token from safari to my cocoa app?
In short: How to get one drive access token in Cocoa Application?
Please help. Many thanks
In order get access token on Local application you will need to follow given below steps:
Login to dev.onedrive.com and check YES on Mobile or desktop client app option
Take a browser control in you application and load the access token verify page
Add a URL change event for browser control
Whenever you get a url starting with https://login.live.com/oauth20_desktop.srf that has a # and access_token variable than it means you application has received the access from a user.
In case user clicks on NO(not providing access) then you will get a url starting with https://login.live.com/oauth20_desktop.srf?lc=1033#error=access_denied
Note: The idea is very simple. You will need to monitor URL changes and do the task accordingly.
P.S: Keep in mind that the redirect URL for local apps will be https://login.live.com/oauth20_desktop.srf
Our web app allows users to log in via Facebook. Technically, we are using Facebook OAuth2. We have implemented this login process two years ago. It worked fine until 13th November 2015 but since that day it does not. When our server sends the request
https://graph.facebook.com/oauth/access_token
with appropriate parameters (client_id, redirect_uri, client_secret, code), the response from Facebook has HTTP status 400. The response body is a HTML page saying "Sorry, something went wrong".
On 13th November, there was some problem on Facebook probably.
I have found the following message:
http://www.independent.co.uk/life-style/gadgets-and-tech/news/facebook-down-site-breaks-for-many-people-though-not-for-everyone-a6732906.html
However, our server still gets this error response after a week. We have an instance of the system deployed in the production environment and one more instance in the test environment (with different Facebook account, i.e. with different client_id and client_secret). Currently, Facebook login works fine in the test environment. I am not sure if it worked on 13th November.
Do you have any experience with recovery from such problem? Why does Facebook login work in test environment and does not work in the production environment in the same app? Why did the production instance break on a particular day and is still broken a week later?
Thanks for any help.
I had the same issue. I believe that the issue stems from passing in invalid scope in your authentication requests. Try removing the scopes in your authentication request to see if that works.
One more corner case I found in 2022:
In the App Dashboard, if you choose Facebook login for Business, same error happens. It will go away as soon as you select Facebook Login one.
Finally, the issue was resolved by restarting the servlet container (Tomcat 7). However, I have no idea why.
All of this is using exclusively the login button. Not the API serverside and not FB.login(). It would work for me sometimes and sometimes not and I couldn't figure out why. I would open a new window and it may work, or may not - but it seemed like once broken it was broken.
There appears to be an issue when using the Chrome 'Device simulator'.
Looking at the SDK Javascript (that's to say the SDK that the Facebook Login button uses) it checks to see if the device is a 'touch' device and if so it will use the m.facebook.com domain when requesting the oauth token.
This domain fails m.facebook.com:
However if the mobile device mode isn't activated when the page loads then it uses www.facebook.com and succeeds:
So for me the current workaround is:
Assuming you are developing with the console active.
When you need to reload your page press Ctrl + Shift + M to deactivate the mobile device mode.
Refresh the page
Once the button has initialized press Ctrl + Shift + M to reactivate it again.
If you see m.facebook.com then you didn't do it fast enough, or maybe you're using something like Angular with hot reload and you need to manually refresh.
I wrote an application that downloads data from Analytics API. I didn’t have problem with login I used the OAuth 2.0 on my first computer, the problem is that now I’ve changed to my laptop, the authentication doesn’t work correctly.
The program use the next url for obtain the authentication:
https://accounts.google.com/o/oauth2/auth?client_id=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com&redirect_uri=http://localhost:53636/Callback&response_type=code&scope=https://www.googleapis.com/auth/analytics.readonly
If I put this url in the old laptop the login works, but If I use the same url for login in the new laptop only obtain a access without connection.
I don’t understand why I get different results depends on the computer.
I've implemented a simple OAuth2 for Authentication login system that is working reliably on my dev server using a localhost redirect uri.
When testing from a production server, with updated redirect uri, the Google account permission interface opens up for the user logging in. After authorizing account access, the browser just hangs on "Waiting for accounts.google.com..." and doesn't go anywhere. At this point, I can see that the application has been granted access to my profile by viewing account permissions on my Google account dashboard.
If I change the redirect uri to an invalid one, I do get the invalid redirect uri Google error message back, so it looks like the redirection cannot reach my redirect uri. I can reach the reditect uri directly through a browser though. Any pointers?
Had a similar problem trying to create a "Login with Google" App. Since this was my first Google App, and I was also just first using the social networking setups in the software package which I bought BEFORE the Google API had changed, I was at a complete loss as where to start.
It finally dawned on me to redirect Google (via the App settings in the developer console) to a test web page on my site (instead of the page defined by the software package,) and all worked as expected, meaning Google redirected properly to the test page (which was actually just my root index.php). This told me that because the Google API had changed, my software package functionality was obsolete, and I needed to explore the code there.