I'm creating a app in Ionic 2, wich consumes a web api from an existing site. To use this API i have to make athenticate in it in the following way (Similar to facebook login):
I call the api login page in a InAppBrowser component, sending the proper keys and a return URL.
the user types the login and password in the form displayed, the API will validate it and authenticate it.
The API calls the return URL passing the authorization token.
I 'hijack' this redirect to the return url in the InAppBrowser 'loadstart' event, and extract and store the authorization token.
In the following calls to the API, i send the authorization token in the header.
This is all working fine in the emulator, but it doesn't work in the browser (with ionic serve), because when i call InAppBrowser it actually calls window.open, and the events doesnt work. I can't detect the redirect action made in the opened window.
I'd like to make this work in the browser since its better to debug the application there. My first thought was to send "http://localhost:8001" as the return url, but I couldn't find a way to catch the token parameter in the ionic application.
Does anyone know how I can catch this parameter or any other way to make this login work in the browser? It is for development and debug purposes only, so strict security is not a issue (I can comment out any unsecure code in the production version).
Edit: Hayden Braxton answer didn't solve my problem, but since it was because of something exclusively to my app, and it could really help someone who wants to make plugins work, I'll keep it as the selected answer.
Besides that, I'll share the solution I found to my problem in case it could help anyone. It was simple, actually:
I pass "http://localhost:8001" as the api return_uri parameter
the api will, after checking the login and password, redirect to http://localhost:8001?token=MY_AUTH_TOKEN.
This will reload the application and call login page again.
In the login page i call this.platform.getQueryParam("token"); to get the token.
Add
"browser": "ionic-app-scripts serve --iscordovaserve --sourceMap source-map --wwwDir platforms/browser/www/ --buildDir platforms/browser/www/build",
to the script section of your package.json. Then instead of doing ionic serve, instead run
npm run browser
We use ionic2 to develop our apps where I work, and this is what we figured out after some research.
Before using this, you need to have the browser platform added. You can accomplish this with the following:
ionic add platform browser
If the browser platform is already added, delete the browser directory from your platforms directory and then run the add platform command, just to be on the safe side.
Related
I want to secure my electron app with firebase auth. The idea is that the user has to click on a button in the renderer process to "Sign up/ Login" and then a new browser window opens in his default browser (not in electron), the user signs up or in and returns back to electron app which automatically signs the user in.
I'm using the following:
Electron: 13.6.9
Angular: 12.1.2
I tried the Electron Firebase repo but to be completely honest I was totally overwhelmed. It's well documented on how to setup but not on how to implement it to an existing app.
I also found this but this seems to be highly insecure to have an auth token exposed: https://pesto.app/blog/how-to-authenticate-with-google-in-electron
Could you guys help me to figure this out in a conceptual way (if you have code examples even better)?
Thanks in advance!
I'm trying to use Cypress with a site that redirects users to a third-party site for authentication. Once a user logs in, they're automatically redirected back to the site we control. From what I've read, Cypress doesn't support this particular set up.
Authentication at the third-party site can happen through a popup as well. And I can make Cypress open that popup.
Is there a way I can detach the Cypress test runner from the log-in popup so that it's no longer under control by Cypress? If so, how is this done? I would like to do this so that I can automate the log-in with something else (namely, Puppeteer) and then run the actual tests in the base page in the Cypress iframe.
Since you can assume the AUT is accepting a request from the 3rd party at some point in time, there should be a solution where you fire that api request with cy.request in the same manner as the UI.
You'll likely have to store environment variables, or some other auth security for the key, but if you do that, the login flow can be replicated by Cypress without having to use their 3rd party code; which you won't be able to access with Cypress if it's an iframe or other common 3rd party auth UI setup.
I am using nuxt for frontend which uses vue-social-auth for social login and laravel for backend which is socialite. It works perfectly well for normal browsers but doesn't work in messanger and Facebook browser. Have anyone come with similar problem.
Any lead is much appreciated.
This has been resolved. If anyone faces this problem then please remove vue-social-auth. The problem was that the Facebook and messenger browsers doesn't close the popup given by vue-social-auth and doesn't redirect to the callback.
So the solution would be removing the vue-social-auth package and do it manually on the frontend and in the backend use the socialite stateless method to return JSON response for API calls.
I read all similar questions without arriving to the point.
I have a node instance and it runs on my "index.js" only in my local machine.
I have to take a cvs and put on new google sheet.
I have "credentials.json" in my project. Google say me "incorrect redirect_urls". But I cannot put a redirect url since it's a node script.
And I do not want to pass in a browser for a login. This because maybe tomorrow I will put the same script on a real server.
If you are trying to use the Google Sheep API I'm pretty sure you are not getting the results you want. ;)
Assuming you have enabled the Sheets API in you project, and you plan to use a server to deploy the application, then you need to configure you consent screen accordingly.
During development you can use localhost as a redirect URL, which will enable you to test the app.
You should have a read through this help article to correctly set up your OAuth credentials and consent screen for each type of project.
I'm trying to develop a rally app using the app builder. When I load App-debug.html in my browser, I am prompted to enter my user credentials in the form provided. I enter them, but the form re-appears over and over again.
I did notice that the login attempts to authenticate via https://rally1.rallydev.com:443. If I go to this in another window and enter my account details I am able to get in. However, when I do log in, there is a corporate redirect that takes place (for SSO) and I ultimately end up on us1.rallydev.com.
How would I get my app to authenticate through us1.rallydev.com. Changing urls in App.js and config.json only causes errors when trying to load javascript for APIs.
The app should always just piggyback on your existing session. Changing the serverin config.json and re-running rab build should cause all traffic to go to that server- if that's not happening then that's a bug.
You won't be able to authenticate from scratch using SSO from an app, but it should have no problem re-using an existing session.
Another option is to use an API Key to develop: https://help.rallydev.com/apps/2.0/doc/#!/guide/embedding_apps