I am not able to figure out how do I use facebook's client side authentication with Durandal.js. Can someone provide me with some example of something?
I tried to initialize facebook's authentication on view attached of my home view but that just doesn't work. It returns undefined user's name, although it launches facebook's login popup and closes it when I am logged in but it just doesn't returns me any response.
For Durandal authentication, check out: https://github.com/yagopv/DurandalAuth
Related
I am working on creating an mobile app using Expo (managed workflow). I have a backend server which this app will connect to. The backend server has its own authentication with username and password and all other endpoints are protected based on a token that you would receive by signing in to the API using a /authenticate endpoint.
Now, I would like to add a 'Sign in with Google' feature to my app. From the Expo's AuthSession documentations, it looks like somehow the app can authenticate with Google. I want to use this identity to authenticate with my backend API.
I created a /api/auth/google endpoint in my API that uses passport google-oauth, redirects user to google and get authorization code sent to /api/auth/google/callback. I then use the authorization code to access Google's people API, to get the email to validate the user and respond back with a access token for my API if the Google sign in was successful. This works fine when using in a browser.
I want to do something similar for the react-native app. When I use the Google example in Expo's AuthSession, it gives me back a access_token. I have no idea how it gets an access_token because the app does not know my client secret. But still, I don't know how to use it to login to my API and get my API's token.
I have thought about using AuthSession to directly open my API's /api/auth/google, so it would redirect correctly and my backend can then send my API's token to the app. The problem with this is, when someone clicks on the 'Sign in with Google' button in the app, apple will tell you 'App name wants to use myapi.com to sign in' or something along those lines instead of Google.com. Additionally when I add more sign in options like Sign in with Facebook and Sign in with Something else, the user's phone will always say that the app wants to use myapi.com to sign in and then in turn be redirected to Google/Facebook or something else. I am not sure if this is allowed and would count as misleading the user and get rejected form the app store. I tried logging into some of the apps on my phone and clicking on 'Sign in with Google' tells the app is trying to sign in with Google.com and 'Sign in with Facebook' tells that the app is trying to sign in with Facebook.com correctly. But then I also know that the app eventually authenticates with its own API somehow. I don't know what is the right way to do that.
Can someone help? Thanks.
I am trying to build an SSO login flow on a React Native app using Okta's oauth 2.0 api.
Here is the flow that I am trying to achieve:
(1) webview renders login page from /oauth2/:authorizationServerId/v1/authorize?response_type=code&response_mode=query&client_id=&scope=&redirect_uri=___.
(2) user logs in.
(3) webview renders redirect_uri with authorization code in url.
(4) I extract authorization code and send it along with client id, client secret, and other necessary params to /oauth2/:authorizationServerId/v1/token.
(5) endpoint responds with accessToken.
I am able to get the accessToken through this process using postman and curl so I know that this works. I have also verified that this exact flow works on a Xamarin app.
However, when trying to hit the /oauth2/:authorizationServerId/v1/token route from my React Native app after getting the authorization code, I always get a 403 without an error message.
I am using fetch for my api calls and used the not-CRNA way of creating my app.
Has anyone ever come across this issue before? In general, has anyone been able to get this type of Okta flow to work with React Native?
At first I thought it was a CORS issue but followed the CORS test here and verified that this was not the case.
I also thought it was an issue with making a fetch request and rendering a webview at the same time. I built my own Okta sign-in page so I wouldn't have to use a webview and used this flow but got the same 403.
Any and all help on this would be greatly appreciated.
Thanks!
I have multiple ember apps, but just one of them has the login page. I want to authenticate all of them with this unique page. How can I redirect other apps to an external login page using ember-simple-auth and redirect to the corresponding app after the authentication?
You need to write custom authenticator. In it's authenticate method I suggest to not redirect, but open a child window with login page. And that login page should be able to communicate with your ember app in some way (window.postMessage for example) in order to give your app auth token. Authenticator must wait until it receive answer (promise and timer will help with waiting). I used such method with google's oauth in node-webkit application (my authenticator opens google's oauth page where user prompted to give my app an access). I don't want to share a code because its too big, complex and have code specific to nw.js but I hope my answer will help. I used code of oauth2 authenticator to develop my own, it helped me a lot.
I want to use instagram's API but it asks me for authentication. I have logged in instagram but still I cannot get the authentication. Going through the web I found that we need to Register a new client but I don't know what details I need to give there.
This is certainly not a comprehensive answer, but to get you started go to https://www.instagram.com/developer/register/ and look for the Manage Clients button in the upper right corner. You'll need to be logged in first. Then click Register Your Application. You will have to have your callback URL ready to go, what they call the redirect_uri.
I'm trying to authenticate a user through the RESTful API (not Connect) but I can't since the callback system does not work for me. I have a local app that creates the Facebook API object with my key and secret, then calls the Facebook API require_login() method; I am sent to Facebook login, I login, and then I am sent to http://www.facebook.com/login.php?auth_token=<...>, where there's another login with just a field for password (not username), I write it again, and after that I am redirected to normal Facebook home. What am I doing wrong? I have set the callback URL in the Facebook app proprieties. Does it have anything to do with the fact that it's localhost?
Thanks!
Yes, if you tell facebook to go to localhost, it has no way of knowing where to go. Is your app fbml or iframe? If iframe I'm guessing there's a remote chance that localhost would actually work since the frame loads and then your browser can find localhost. I'm not sure of that, I wouldn't bother trying. But if it's fbml, Facebook needs to be able to hit your server. Give it your external IP instead.
I managed to make the redirect in the end. It appears the "Canvas Callback URL" is what I needed to set, and not the Authentication one.