React Facebook Login not working on production - reactjs

I have been trying to use React Facebook login libraries for social authentication. In a local setup using an ngrok domain it's working well, but on my remote server where I add my app domain, login status becomes cancelled. May someone help me understand where I may be getting it wrong? I have used react-facebook-login, react-social-login, @greatsumini/react-facebook-login - and I seem to be getting the same problem.

Related

Authentication issue DRF, Firebase, React

I am developing a web app which is using Django-rest for the backend, react-admin for the frontend, and firebase for authentication. Currently, I am developing the user part and have faced an issue. I have not used firebase before and the docs provided in firebase are not very clear to me.
The problem that I am having is that when I try to log in from the frontend it gives me access and lets me inside the website for a second and then it kicks me giving a 401 unauthorized status error and on the screen, a message pops up saying that my session has expired. When I check the console, everything is synced up and reads all of my credentials, generates a uid but somehow it denies it.
Here is the code.
This is the view from django
This is my react-admin setup
Could someone experienced help with my issue or guide me somehow, please?

How can I diagnose authentication issues in a custom single tenant Teams app?

I am developing an ASP.NET MVC website. It is hosted in Azure and users are authenticated with AAD for our single tenant. I intend to make the website available in a Teams app, so that my coworkers can navigate to my website via the Teams Windows app and the mobile app.
I followed these steps to integrate security in a web browser: https://learn.microsoft.com/en-us/learn/modules/msgraph-build-aspnetmvc-apps/5-exercise-add-auth
I followed these directions to integrate security with Teams: https://learn.microsoft.com/en-us/microsoftteams/platform/tabs/how-to/authentication/auth-aad-sso. I'm not sure that I did this correctly.
At this point, I can:
Login with a web browser
Login via Teams mobile app
Load Teams in a web browser then load my app (not a use case that I need to support, but this worked and I was not prompted to login. I assume that I wasn't prompted to login because I was already logged in directly in another browser tab).
I cannot:
Login via Teams Windows app -- This is my primary use case unfortunately.
When I try to login with the Teams application on Windows (using the same pages and forms as on mobile), the page just disappears. I'm not prompted with the usual Microsoft login page.
How can I diagnose the cause of the problem? I don't see any obvious errors reported in Teams. Is there any way to get access to the root error?
EDIT:
login.microsoftonline.com is reporting "Your browser is currently set to block cookies. You need to allow cookies to use this service." I'm now aware of the SameSite changes (https://learn.microsoft.com/en-us/azure/active-directory/develop/howto-handle-samesite-cookie-changes-chrome-browser?tabs=dotnet) and I've implemented the recommended SameSiteCookieManager code to address the SameSite issue.
I'm still running into the same issue. No exceptions or errors reported except that Teams does not accept cookies.
May have to break this down further, here's how I would decipher it.
First of all, you will have to figure out if the issue is with Teams or on the Auth side.
Figure out which line of code is executing last. You can debug or write to terminal/logs.
Do you see any exceptions? Ideally debuggers can help or you can add some code to catch any exception.
If it's failing before executing any code, do you see any HTTP requests going out? You can use Fiddler for this. See if you are seeing any error codes.
If you are using Windows then check Event Logs for any errors or exceptions for Teams App. Look at the Application logs.
Look out for Audit logs and sign in logs and check if you see any activity in your tenant when you run this app.
https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-activity-logs-azure-monitor
Some other points would be to check if you can repro this with a sample app or a different user (elevated user). If there is any additional info, do share.

Azure AD OpenID login not showing errors on fail

I have been updating a system that has been in place for some time and finding some clients have issues with login on mobile devices.
I have a test system in place and set up an Application in Azure AD and noticed during testing that if I log in with incorrect credentials, login.microsoftonline.com will show:
Sorry, but we’re having trouble signing you in.
AADSTS50020: User account...
When logging in to the clients' live systems I don't see this error and just get returned to the home page of the application.
The only difference is the client apps are configured with credentials for their Azure AD instance and I cannot access them. These were also built on the legacy App Registrations but that shouldn't be an issue (ha). The server side is the same implementation.
Why am I not seeing the AADSTS errors in production sites?
If you are not seeing any error and are just getting returned to the homepage it seems more likely to be an issue with the Redirect URI or the app registration configuration.
Please confirm that the redirect URIs in your application and in your registration are what they are intended to be.
Also, ask them to check the developer tool logs when signing in to see if anything shows up. It might be failing but not triggering the error message.

React - AWS Amplify Facebook Login - "Username Attribute Mapping Required"

I have installed the AWS Amplify CLI and added federated authentication through Facebook. In Cognito, the attributes are appropriately mapped.
When using the AWS Amplify (aws-amplify) React library, using the Auth component, I provide a button to the user for login, which calls Auth.federatedSignIn({provider: 'Facebook'}). The call goes to Facebook successfully and redirects back to my app successfully.
However, I get an error, saying "username attribute mapping required." But when I go to Cognito, I've mapped username to ID. Thoughts as to why I'm getting this error?
TLDR: turn off "Require App Secret" in your app's Facebook developer portal settings.
I wasn't able to pinpoint a more valuable error code until I tried to use Facebook's login in a more direct approach (i.e., outside of Amplify). I finally received the error "API calls from the server require an appsecret_proof argument," which led me here.
The Facebook team responded with:
This issue was caused by a backend change that has made appsecret_proof incompatible with the JavaScript API. After evaluating the change, it has been decided that this behavior will have to remain. As such, for your apps that use the JavaScript API, you will now need to uncheck "Require App Secret." You may then want to set up a separate app for your server side logic so that appsecret_proof can be used for increased security.
Once I turned off "Require App Secret," I was set. If that level of security doesn't matter to you for your application, then this is the only answer, unless Amplify comes up with some server-side version.
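What the "separate app for your server side logic" in the quoted reply relies on, as an added example (not code from the original post, Facebook or Amplify): appsecret_proof is the hex HMAC-SHA256 of the access token keyed with the app secret, so it can only be produced where the secret is held, which is the server and never the browser bundle. Function names and the sample token and secret are constructed for illustration.

```javascript
const { createHmac } = require('node:crypto');

// appsecret_proof: hex HMAC-SHA256 of the user access token, keyed with the app secret.
function appSecretProof(accessToken, appSecret) {
  return createHmac('sha256', appSecret).update(accessToken).digest('hex');
}

// Build a server-side Graph API request URL carrying the token and its proof.
function signedGraphUrl(path, accessToken, appSecret) {
  if (!appSecret) {
    // Fail closed: the secret must come from server-side configuration.
    throw new Error('app secret missing: load it from server-side configuration');
  }
  const url = new URL(path, 'https://graph.facebook.com/');
  url.searchParams.set('access_token', accessToken);
  url.searchParams.set('appsecret_proof', appSecretProof(accessToken, appSecret));
  return url.toString();
}

// Constructed sample values, not real credentials.
const SAMPLE_SECRET = 'constructed-app-secret';
const SAMPLE_TOKEN = 'constructed-user-access-token';

function demo() {
  return {
    url: signedGraphUrl('/me', SAMPLE_TOKEN, SAMPLE_SECRET),
    proof: appSecretProof(SAMPLE_TOKEN, SAMPLE_SECRET),
    // A proof is bound to one token: another token needs its own proof,
    // which cannot be computed without the app secret.
    otherProof: appSecretProof('another-constructed-token', SAMPLE_SECRET),
  };
}

console.log(demo());
```

With "Require App Secret" enabled on the server-side app, a token that leaks from the browser cannot be replayed against it without the matching proof.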

Salesforce Mobile SDK Issue Login "Receiving Remote Access Authorization Error"

I am using the Salesforce Mobile SDK to develop an application in native iOS. I was doing some testing logging in as a user. All was fine. Then I logged out. When I logout I call the coordinator revoke authentication method. I then tried to login as a new user who had never logged into the device and I received the following error: "Receiving Remote Access Authorization Error there was a problem in setting up your remote access." I then selected the Not me link and it logged me out. However, when I tried to login again as the user that wasn't able to login it takes me to the Salesforce website for that user?!!!! It did not take me to the application but to the Salesforce website? Anyone know why first the error above occurs? Does it have to do with a possible token issue? Also why would I be driven to the Salesforce website when I try to login as the user again?
Note: The salesforce login is in its own webview component. I had a button to force a logout no matter where I am in the app. When I force the logout and try to login as the person it then takes me to the application. Very confused in terms of what is going on in this scenario.
There is potentially a solution posted here, or at least some clues: seems to suggest a timing issue and refreshing the web view in applicationDidBecomeActive might fix it
https://developer.salesforce.com/forums/ForumsMain?id=906F00000009CBgIAM
Also more information here:
http://help.salesforce.com/apex/HTViewSolution?id=000175700&language=en_US
You might also try making sure that you have a Connected App properly set up under Setup/Create/Apps, and that the key and return URL match those hardcoded in your app.
