Hi I got 'publish_actions' permission approved for my Facebook App.
But when any user accessing this app, it is not prompting for 'post on your behalf on Facebook' permission. Unless this when any user try to comment on Facebook using this app, Facebook returns error stating:
'(#200) Requires extended permission: publish_actions' OR 'The remote
server returned an error: (403) Forbidden'.
Can any one please help me in this? Thanks in advance.
This error is thrown when you are using publish_actions permission without review.
For testing purpose you can always make a test user in Roles column of MyApp in developers.facebook.com and then use it..
Did you log the user in and ask for the publish_actions permission? If so can you provide the code you used for login and for sending the graph request?
The information in https://developers.facebook.com/docs/facebook-login/ios/permissions might be helpful
Related
We have a code that logins to Sharepoint Online using :
https://login.microsoftonline.com/extSTS.srf or https://login.microsoftonline.com/RST2.srf, but recently we starting to get authentication failed saying that "Incorrect Username or Password" and after some retries it returns:
"0x80048823 message : AADSTS70002: Error validating credentials. AADSTS50053: You've tried to sign in too many times with an incorrect user ID or password."
While using same username and password to login in the browser works fine, and neither password or username were changed, also code didn't changed. As same code works fine for another Sharepoint tenants. Seems that something changed in the Microsoft login servers, where it's started to not accept user credentials, while web browser login works fine.
Please advise.
Thanks
Microsoft Rep has helped me get this far.
They had us create a "Cloud Only" user. This user was setup as "#" so if your name is bill and your corporate sharepoint site is name is FakeCompany.sharepoint.com then you would have the person as "bill#FakeCompany.onmicrosoft.com"
This user was able to login to https://login.microsoftonline.com/extSTS.srf by just passing username and password.
Our on prem AD users are still having issues, i mentioned this and got the following response.
There is no issue with sync as you are able to login to portal using the same account and password.
The solution you need is documented in https://learn.microsoft.com/en-gb/azure/active-directory/manage-apps/configure-authentication-for-federated-users-portal#enable-direct-authentication-for-legacy-applications
You need to create a home realm discovery (HRD) policy where "AllowCloudPasswordValidation":true.
We have not yet implemented the last solution but the creating of a cloud account may help some of you.
So I think I understand what they are trying to say. There are 2 paths that you are able to authenticate with according to the node-sp-auth example.
"Managed" and "Federated"
"Managed" was the easier version and allowed for you to be able to just provide username and credentials in a soap assertion to login.
Federated is a lot more complicated. You need to first perform a post to Microsoft to validate the user hitting your adfs server. https://adfs.XXXXXXX.com/adfs/services/trust/13/usernamemixed
Then you take the saml:Assertion from that response and put it into the "Token" section of the call you make to https://login.microsoftonline.com/extSTS.srf utilizing the templates from the node-sp-auth.
I have C# code that performs all these steps but I am getting an error
AADSTS70002: Error validating credentials. AADSTS50008: SAML token is invalid. AADSTS50006: Invalid signature. Signature verification failed.
Even though the signature is being generated by Microsoft in their SAML.
node-sp-auth code refrence is OnlineUserCredential.ts file.
If someone can figure out the last mile I can post a comprehensive C# solution.
After changed password of user "admin", i can't login to device manager.
Welcome screen it turning and then tell me that there is an error :
[2017-10-23 10:11:41,401] [IoT-Core] ERROR {org.wso2.carbon.apimgt.impl.AMDefaultKeyManagerImpl} - Invalid OAuth Token : Invalid access token
[2017-10-23 10:11:41,401] [IoT-Core] ERROR {org.wso2.carbon.apimgt.rest.api.util.impl.WebAppAuthenticatorImpl} - Authentication failed. Please check your username/password
[2017-10-23 10:11:41,401] [IoT-Core] WARN {org.apache.cxf.phase.PhaseInterceptorChain} - Interceptor for {http://store.api.rest.apimgt.carbon.wso2.org/}SwaggerJsonApi has thrown exception, unwinding now
org.apache.cxf.interceptor.security.AuthenticationException: Unauthenticated request
It seems to have a fix (https://github.com/wso2/product-iots/issues/1033) but how can i fix it in 3.1.0?
Edit : I've changed db from H2 to mysql and now i can't change admin password in device management console.
i cant add user anymore too.
error in user management :
DataTables warning: table id=user-grid - Ajax error. For more information about this error, please see http://datatables.net/tn/7
error when i try to change admin password showed in browser:
900908Resource
forbidden Access failure for API:
/api/device-mgt/v1.0/users/1.0.0, version: 1.0.0 status: (900908) -
Resource forbidden
Backed to H2 DB for this part, still no luck. When admin password changed, device manager in not accessible for super admin.
Edit2 :
I've found a trick.
Backed to H2 for user management, i've created another user with all roles.
Then i've changed admin password to "disable" it.
It works, my new admin have all roles.
But when admin password is changed, access to store is forbidden.
this article says it fixed : https://wso2.org/jira/browse/EMM-1295
I've rechanged admin pass, no message. Maybe i made a mistake.
Thanks.
Regards,
Alex.
After searches, i found this :
https://docs.wso2.com/display/IoTS310/Changing+the+Super+Administrator+Username+and+Password
Tested and OK.
YOu have to change password on the webinterface carbon.
And follow the instruction on link above.
I am getting permission denied issue in 1.9 with REST API even though added all required Roles and Permissions.
Its working for guest users and getting the JSON result.
I can take customers via url api/rest/products?limit=1 without any authentication if i enabled Guest permission.
Same time its working with oAuth for a valid admin used.
But if i disabled guest permissions its not working for a valid admin user, showing the permission denied message.
When i check the access log, i can see like below
exception 'Mage_Api2_Exception' with message 'Access denied' in /var/www/html/app/code/core/Mage/Api2/Model/Server.php:217
Stack trace: #0 var/www/html/app/code/core/Mage/Api2/Model/Server.php(106): Mage_Api2_Model_Server->_allow(Object(Mage_Api2_Model_Request), Object(Mage_Api2_Model_Auth_User_Guest))
#1 /var/www/html/api.php(73): Mage_Api2_Model_Server->run()
is it because each API request via oAuth treats in Guest mode ?
How are you testing? Are you absolutely sure that you are indeed running an authorised request when disabling guest permission?
Maybe you can do some step-by-step debug in the class method _allow of Mage_Api2_Model_Server.
I'm trying to get Facebook authentication working with Devise through omniauth-facebook, I've followed the instructions here: https://github.com/plataformatec/devise/wiki/OmniAuth%3a-Overview
When I follow the login with Facebook link I am redirected to Facebook to login and accept the requested permissions.
I am then taken back to /users/sign_in with the error message "Could not authorize you from Facebook because "Invalid credentials""
Looking at the server logs the redirect comes from "/users/auth/facebook/callback?code=[long text string]" which is being processed with Users::OmniauthCallbacksController#failure rather than Users::OmniauthCallbacksController#facebook as I would have expected if it had worked.
Any suggestions as to why this is happening and how to resolve it much appreciated.
Ok, I had the very same issue. The reason for me turned out that I had defined this line in config/initializers/devise.rb:
config.omniauth :facebook ...
The app id and app secret were defined for my test Facebook app, and for production one. Fixing those id:s now fixed the problem.
facebook changes protocol from oauth to oauth2
the main difference that credentials (id, token, name..) now packaged into one hash. You should parse.
One of the users of our FB application let us know that there were some issues with our application on the 'users' side when they tried to update the app settings via Account Settings > App Settings. When selecting to edit your settings for application, the following error is displayed:
"The app requested an invalid permission."
My first thought was to check what my permissions where, and they all were valid! (see below):
user_photos friends_photos read_stream publish_stream user_likes
user_location friends_likes friends_hometown user_birthday
friends_birthday friends_checkins user_status friends_status
friends_education_history
Anyone ever experience this? I wasn't able to find anything on the interwebs
Yes! But only with one app. I access this from my iPhone through Facebook. I tried to reset my phone, but that didn't fix it. I tried to delete the app and reinstall, but that also didn't work. So I tried to reset the permission and ended up removing it once the message came through.
Then I tried to reinstall - all my friends are still gone and it says my Facebook is logged in but it's just not working as it was! And no sorry, I don't have any fix Yet, but I'm determined!