I'm wondering how I can authenticate a user through their device, so they don't have to provide a username and password?
For example I'm on an Android tablet and I connect to www.mysite.com (which is an asp.net site). I want the web browser to submit something to www.mysite.com to handle the authentication so the user doesn't have to put in a username and password and can only use the service from the device.
For our use case we were able to control the url passed to the server. To initiate the process we have the user login once and we generate a guid to be appended to the url when they initially hit our site. When they hit our site with a guid and aren't logged in, we log them in.
Related
I am trying to set up an integration API between ServiceM8 and another 3rd party application. I need to create a webhook which requires Platform Services Authentication using Oauth.
I have created a developer account and a store item after which I got the APP ID and APP Secret which are required for the authenticatcation.
I initiated the authentication by redirecting the user to the url
https://www.servicem8.com/oauth/authorize?response_type=code&client_id=[App ID]&redirect_uri=[my redirect url]&scope=manage_jobs
The user was es expected directed to the login page.
However after logging in, instead of prompting the user to accept the required permissions and redirecting to the redirect_url the user is being redirected to the ServiceM8 dashboard page.
Can someone please help me.
Thanks
I have this application (Windows Form App) that require user to enter their Username and Password. Inside this application, there are shortcut for website and each of the website also require user to login first before they can use the website. But I want to bypass user when they click the shortcut for the website (if they already login for the application) where the login page will skipped and redirect user to the mainpage of the website. User will only required to login if they are accessing the website without using the application.
I used Process.Start() to run the website when the website shortcut is clicked. It open the website but redirect user to the login page. How do I bypass user credentials so that they will be able to login once (through the application) and can access all the website without do login again?
Edit : Is it possible if I use session inside my website login coding to redirect user to the main page? So it's like, when user login using the application, the website will automatically detect that the user already login, so user will be redirected to the main page of the website without going through the login page.
Give your user an API key that is stored in the user database table that is unique that changes when they login. Then in VB use Process.Start("https://example.com/login.php?api_key=" + 'add api_key retrieved from database on login) then in your PHP you check for the api_key as a login that will create the session for the logged in user.
I have a requirement in my application for iOS and Android, developed using IBM Worklight, to remember the user ID if the user selected this option.
I can achieve this by using localStorage, but the issue is that I have two login pages:
One is placed within the application, and the
Second is hosted on a remote server
Depending on the conditions the application will meet, either the remote login page will be displayed or the local login page will be displayed.
If I use localStorage on local page it is not accessible for server side login page. So I want to use some storage/file on the mobile to store my user id which is accessible for both local and server login page. Is this is possible using worklight/phonegap storage?
More explanation:
Remote login page is hosted on some www.xxx.com domain. My requirement is on launch of application the local login page is shown to the user, there user can enter user id and password and selects remember me option and submits form. Then user logs in and navigated to some xxx.com/yyy server page. From there when user clicks on log out it navigates to remote login page which is hosted on www.xxx.com server. As user already checked remember me option in local page the remote login page has to pre populate the user id text box. And same scenario should happen when user enters credentials in remote login page and selects remember me check box. So when user kills the application from background and relaunches the application user will get local login page where I need to pre populate the user id last time he entered.
Short answer: in my opinion, no.
Longer answer: I will explain what I think using your scenario:
Remote login page is hosted on some www.xxx.com domain. My requirement
is on launch of application the local login page is shown to the user,
there user can enter user id and password and selects remember me
option and submits form.
So far so good. You can store it in either Web Storage or JSONStore or use Cordova File API. Catch: all of these are available ONLY for the specific application.
Then user logs in and navigated to some xxx.com/yyy server page. From
there when user clicks on log out it navigates to remote login page
which is hosted on www.xxx.com server. As user already checked
remember me option in local page the remote login page has to pre
populate the user id text box.
Still plausible. Lets say the user selected 'Remember Me', so you can adjust the URL pointing to the remote login page and send with it as parameters the username and password. Assuming that there will a mechanism to handle those on the remote page.
This does not come for free, though.
This is not meant to work out-of-the-box. It's worth noting that whether Web Storage (localStorage...) is used or any other type of storage- the application and the Cordova InAppBrowser do not share the same localStorage, and the same is true if you open a new WebView.
And same scenario should happen when user enters credentials in remote
login page and selects remember me check box. So when user kills the
application from background and relaunches the application user will
get local login page where I need to pre populate the user id last
time he entered.
This is also a problem IMO, because any application is sandboxed - be it the browser app or the Worklight app, each of them is sandboxed. so you can't just go to website X, and create some localStorage for it and expect that data to be available for another WebView belonging to another app. That's the whole point of sandboxing, in order to protect the app.
And in this case, where the remote "page" will save the data, only Web Storage is available anyway, as JSONStore requires the Worklight API, which is not available when you load external websites.
Notes:
Since you want to save both username and password, you'd probably want to encrypt them in some way, so JSONStore and WL.EncryptedCache are your options, rather than plain Web Storage.
Is it possible to achieve Azure Active Directory authentication without going to browser window? I will have username and password via the mobile app login interface.
I need to achieve below scenario:
Use open mobile application (ios/android)
Enter Azure AD username and password to app login screen - e.g. user#tenant.onmicrosoft.com & password
I pass those information to .net web service - which need to call some Azure AD api to validate user credential before proceed to perform other business logic/make database calls
Any recommendation? I DON'T want user to redirect to any login window/page as this will not be good user experience.
I have already checked few different articles but not satisfactory response yet.
Thank you for your time.
I believe below link is helpful.
http://www.cloudidentity.com/blog/2014/07/08/using-adal-net-to-authenticate-users-via-usernamepassword/
I am trying to create a sample test application that authenticates a user wearing Google Glass.
I have read the following page
https://developers.google.com/glass/develop/gdk/authentication
I need to know how will the authentication actually work. Now lets say I have an app "XYZ" uploaded onto MyGlass. User turns on the app via MyGlass and then automatically gets redirected to a web page say, for example,
http://www.example.com/glass/authenticate.html
In this web page, he has to sign in using a username and password. Once he clicks submit will he be redirected to another webpage on the browser or will the Glass application get activated. Where will the userToken be obtained. Will it be on Glass?
I am really confused. Please can someone help me out.
What exactly is the flow for authentication on Glass?
Assuming you're doing 3rd part authentication (i.e. your own users, not google accounts).
Once you click Submit on your login page:
Server-side: If the user is valid, call the Mirror API to insert the account, including your authToken and the userToken. The userToken will be a query parameter added to your login url by the glassware store.
Close the page using window.close(). The Glassware will then be installed on the user's device.
When the user launches your glassware, retrieve the account from the Mirror API, and then retrieve the authToken that you inserted in step 1. for that particular account.