I'm working in a vue.js frontend. I can successfully make calls to stitch and write to the database if I use anonymous authentication. When I switch to Google oauth and attempt to make the same write call to the database I get the following error:
uncaught exception: t: (MustAuthenticateFirst): method called requires being authenticated
I've setup the Google Authentication Provider in the Stitch Admin console. I've created and configured a project on the Google Cloud Platform. In my vue code I've added a "login with google" button that runs this snippet:
loginWithGoogle() {
const googleCredential = new GoogleRedirectCredential();
client.auth.loginWithRedirect(googleCredential);
},
When I click to login I'm redirected to a Google form and asked to login by Google, then successfully redirected back to my app. But when I then try to write to stitch database it still says that I must authenticate first.
do you call de hasRedirectResult() and handleRedirectResult() when google redirect back to your app?. This method store credential locally (I guest in localstorage).
Related
I am working on creating an mobile app using Expo (managed workflow). I have a backend server which this app will connect to. The backend server has its own authentication with username and password and all other endpoints are protected based on a token that you would receive by signing in to the API using a /authenticate endpoint.
Now, I would like to add a 'Sign in with Google' feature to my app. From the Expo's AuthSession documentations, it looks like somehow the app can authenticate with Google. I want to use this identity to authenticate with my backend API.
I created a /api/auth/google endpoint in my API that uses passport google-oauth, redirects user to google and get authorization code sent to /api/auth/google/callback. I then use the authorization code to access Google's people API, to get the email to validate the user and respond back with a access token for my API if the Google sign in was successful. This works fine when using in a browser.
I want to do something similar for the react-native app. When I use the Google example in Expo's AuthSession, it gives me back a access_token. I have no idea how it gets an access_token because the app does not know my client secret. But still, I don't know how to use it to login to my API and get my API's token.
I have thought about using AuthSession to directly open my API's /api/auth/google, so it would redirect correctly and my backend can then send my API's token to the app. The problem with this is, when someone clicks on the 'Sign in with Google' button in the app, apple will tell you 'App name wants to use myapi.com to sign in' or something along those lines instead of Google.com. Additionally when I add more sign in options like Sign in with Facebook and Sign in with Something else, the user's phone will always say that the app wants to use myapi.com to sign in and then in turn be redirected to Google/Facebook or something else. I am not sure if this is allowed and would count as misleading the user and get rejected form the app store. I tried logging into some of the apps on my phone and clicking on 'Sign in with Google' tells the app is trying to sign in with Google.com and 'Sign in with Facebook' tells that the app is trying to sign in with Facebook.com correctly. But then I also know that the app eventually authenticates with its own API somehow. I don't know what is the right way to do that.
Can someone help? Thanks.
I'm using IdentityServer4 with Asp.Net Core Identity. In Identity Server I enabled GOOGLE as external provider. I'm able to LOGIN with GOOGLE. The first time I try to LOG IN with GOOGLE the Identity Server shows to me the pages of the GOOGLE where I can choose the account or insert my credentials.
When I LOGOUT I receive the message that I'm logged out but when I try to LOGIN again with GOOGLE I'm directly logged in without to enter my credentials and if I have more than 1 GOOGLE account I'm not able to choose a different one.
This happens both if I connect directly to the server from the Login screen and if I do it via AuthRequest in Expo native app calling endsession endpoint with id_token_hint enhanced.
Why? I'm getting crazy.
I found this solution:
await WebBrowser.openAuthSessionAsync("https://www.google.com/accounts/Logout?continue=https://appengine.google.com/_ah/logout?continue=http://myIdentityServerEndSessionEndpoint", "exp://myReactNativeApp");
As the title suggests, how to manage the user state in Firebase authentication within an SSR Nuxt.js application? The following conditions should be met after a successful login:
Users should be able to visit protected resources when navigating
between pages
Users should be able to reload browser and still be signed into the
application. They shouldn't be redirected to the login screen
Firebase's default behaviour is to persist the user's session
even after the user closes the browser. Users should not have to
login to the application again if they close their browser and reopen
it and when there is still a valid Firebase user available
I was able to solve this problem by using the following:
Express server - using axios posts to manage the login on receiving
the request save the user ID in the session and save the access token
in a cookie
Vuex - store user state so easily accessible within my Nuxt application
Nuxt server middleware - used to check the authentication status of
the user on the server. Looking for user ID in the session or the
access token in a cookie that would have been created on login
Access to the code containing a working, running example of this scenario can be found in this GitHub repository.
I have also written a more detailed blog entry regarding all the important files used in the project.
While implementing the Facebook Connect to a web application , its possible to show Facebook Sign up page in a pop up and once logging in and Granting permissions are complete, its possible to Authenticate Again in PHP and to get the necessary details of the user, - id, email etc.
I believe, thats secure because, the User Insertion is not based on the Ajax Request Parameters.
Is it possible to do the same with Google Plus Login also ?
Means - Logging in to Google - Using Javascript SDK, asking permissions, Authenticating all done in a Pop Up Window. and then, Creating a new user with the Help of google-api-php-client ??
Yes, what you're trying to do is outlined with https://developers.google.com/+/web/signin/server-side-flow which includes some PHP code samples to help you do this. In general, the steps at authentication time are:
User clicks the "Sign in with Google" button which may pop-up a new window at Google prompting them to log in and authorize your webapp.
After they do so, a one-time code is sent to a JavaScript callback you specify.
Your Javascript method sends this code to your PHP server.
Your PHP server uses the client library to contact Google's server and exchange this one-time code for an access token and refresh token, which you keep and use to perform actions on the user's behalf.
I am building an app with the functionality to publish
messages to users walls while specific actions runs on
my website.
What I have done is (briefly):
Registered my own app on Facebook
Added a login button on my website with permission
to publish:
Log in on Facebook
Downloaded facebook-php-sdk library
It is now I start having problems. I do not know how
to do what I want to do now.
What I want to do:
When a user logs on to facebook via my website. I want
a file on my site to be called, where I can update the
user's data in my own database as well.
Because that is not what the canvas url is meant to do? How it
is no, seems no file at all is called on my site when
I click on Login.
Since you are using the Facebook PHP-SDK you noticed that there are two options for the users to login:
Using the XFBML button, which will:
Open a login dialog (pop-up) asking for permissions..etc
When a successful authentication/authorization is complete the dialog will close, the auth.login event will be triggered and based on that the page will get reloaded window.location.reload();
The PHP in the top of the page will get into business and $session = $facebook->getSession(); will actually retrieve a session! $user = $facebook->getUser(); will retrieve the current user
Using the Login URL generated by the Library $loginUrl = $facebook->getLoginUrl(); this URL will get you through the same flow and if you noticed there's a next redirect_uri parameter which will redirect you back after a successful process to that URL (mainly the same URL you are at), where you can change that parameter if you like.
The canvas URL is the URL Facebook uses when it displays your application from within Facebook. You would use this functionality if you expect users to use your application while in Facebook itself.
When authenticating using Facebook's API (assuming graph API usage here), you provide a redirect_uri as part of the authentication URL. Once Facebook has authorized your application, it will redirect the user's web browser to the URI you specified. This URI can be any link you desire on your site. You should use the link as the determination of when the user is logged in successfully, e.g., https://mywebsite/facebook/loggedin.