I'm running App Engine's local dev_appserver.py and trying to authenticate using the Paw app for Mac.
Here Paw correctly renders the login page:
However, every time I sign in, it asks me if I'd like to open the subsequent page in Chrome.
I would like Paw to store the login credentials but have no idea how to tell it to do that. Any help would be greatly appreciated.
I was able to find a hacky way around this by manually copying cookie values from Google Chrome. Here's how I did that:
Sign in to local app via Chrome
Open Developer Tools
Under Storage, expand Cookies and click on http://localhost:8080
Find the cookie named dev_appserver_login
Next, it's as simple as copying over each value into Paw's Cookie Sessions window.
Open the Cookie Sessions window
Copy over the Name, Value, Domain, and Path into a row in the cookies list
Going back to Paw and executing a request that requires auth, everything works:
Related
Just starting to build my first Google Chrome Extension and I'm confused about how one could pass user credentials from an app, and log users into the extension.
I need to pass a user key. Can Chrome Storage be used for that?
I have tried another similar that signs users in with just a click to their app, if a user is logged in then it seems that Identity Token is somehow passed to the extension. How do you achieve this? Chrome storage? Oauth2?
PS: I'm not trying to log them in with Google Sign In but to my app, which accepts its own sign-in + Google and LinkedIn sign-in.
Thank you
I have Azure App Service EasyAuth working successfully with Google, Microsoft, and Facebook providers in my Mobile App using the MobileServiceClient.LoginAsync method. However, I'm having trouble getting it to work with Apple.
I am able to successfully kick off the authentication process as follows:
await myMobileServiceClient.LoginAsync("Apple", "myapp");
This does launch a new browser window and display the Apple login. I am able to authenticate successfully in the browser window.
The first problem I have is that post_login_redirect_url is being ignored and not passing back control to the mobile app using the myapp://easyauth.callback protocol. Instead, the login successful page is displayed in my Azure App Service website and there is no redirect.
I managed to hack around this issue by omitting the code_challenge and code_challenge_method parameters in the call to my Azure App Service. This DOES NOT pass back control to the mobile app using a redirect:
https://.azurewebsites.net/.auth/login/apple?post_login_redirect_url=myapp%3A%2F%2Feasyauth.callback%2F&code_challenge=WxdeYYJSn5ZoozK0i7WPwYMryh%2BNokYryHevXD2%2BG3k%3D&code_challenge_method=S256
This DOES pass back control to the mobile app after authentication:
https://.azurewebsites.net/.auth/login/apple?post_login_redirect_url=myapp%3A%2F%2Feasyauth.callback%2F
The second problem, regardless of whether I meddle with the call to the Azure App Service above, I do not get back an authorization_code parameter. Instead, I get a token:
https://.azurewebsites.net/.auth/login/done#token=%7B%22authenticationToken%22%3A%22eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdGFibGVfc2lkIjoic2lkOmFkZTg4ZDIwMjMzNjgzZGFhYTU0NmU1OGE0Zjg5MmYxIiwic3ViIjoic2lkOmFkZTg4ZDIwMjMzNjgzZGFhYTU0NmU1OGE0Zjg5MmYxIiwiaWRwIjoiYXBwbGUiLCJ2ZXIiOiIzIiwibmJmIjoxNjUyMzg4NDI5LCJleHAiOjE2NTIzOTIwMjksImlhdCI6MTY1MjM4ODQyOSwiaXNzIjoiaHR0cHM6Ly9vc3hiYWNrZW5kLmF6dXJld2Vic2l0ZXMubmV0LyIsImF1ZCI6Imh0dHBzOi8vb3N4YmFja2VuZC5henVyZXdlYnNpdGVzLm5ldC8ifQ.ujhWH9B05vc18rsOFKR-k8tHBAHNvzqLxF9fFLaLlAA%22%2C%22user%22%3A%7B%22userId%22%3A%22sid%3Aade88d20233683daaa546e58a4f892f1%22%7D%7D
Does anyone have a working example or insight into the details of OAuth to get this to work?
I am using Blazor WebServer with Identity Server template, downloaded from ABP.IO
When run locally, it all works fine. Login is success and able to see the post login page.
Once deployed to Azure App Service, Identity page shows correctly and even able to login. On the Blazor page, click on login, enter credentials, redirects back to the logged out page, but seems session is created, and login button shown. there is no error logged in the log files and console also has no errors.
Redis is running as Azure Redis Cache and there are no reported errors. I have deployed to below URL on Azure using the default template. Nothing confidential so I can share. The credentials are also the default credentials for abp.io.
Blazor: https://shoutout-core-dev.azurewebsites.net/
Identity: https://shoutout-identity-dev.azurewebsites.net/
It seems that there is no error already. Because when I make a request via swagger, I can access the necessary user information. As you stated, actually the session was created.
But there is a problem with the UI. To test the problem, after publishing the application in your local, can you run ASPNETCORE_ENVIRONMENT with the Production environment variable?
In addition, we need your ABP version information and your steps while publishing in local so that we can repeat the error.
this problem probably occurs on chrome. If you try to use firefox, you will pass the problem.Also, you can check this link for the fix on the chrome :
https://community.abp.io/posts/patch-for-chrome-login-issue-identityserver4-samesite-cookie-problem-weypwp3n
I am trying out the tutorial at https://console.cloud.google.com/start/appengine?project=xxxxx.
I am able to launch the app on my machine and browse it at port 8080. However when I click Deploy in the GAE Launcher, the app is deployed to localhost:8080 instead of to Google.
How do I deploy to Google's server?
My developer console is as follows:
I found the cause.
The credentials are stored in the file C:\Users\xxx\.appcfg_oauth2_tokens.
When I did the first deployment attempt, the default browser was already logged into a Google account different from the one that created the app in the Google's developer console, and I absent-mindedly authorized it. As a result, the tokens file contains the wrong credentials.
By deleting the tokens file, I was prompted to log in again and could deploy properly.
To GAE+html5 gurus out there :)
When user logs on to a GAE hosted application, his credentials are stored locally in a cookie (correct?).
After this cookie expires (e.g. if users hits logout on another browser tab), no login_required protected methods will work.
Regular webapp will require re-authentication next time the user navigates to a login_protected url by automatically redirecting to a login screen.
What would be the right way for a cached webapp to be handling this?
My test is a simple login_protected page accessed by Chrome and iOS browser. It's cached and accessible offline as expected. Then, (while online) and after the authentication expires, the server log shows a 302 response which is followed by 200 response of the authentication dialog page, but of course no authentication happens.
Thanks!
If you are using google authentication to provide access to your page . Which means even if you are logged in one of the other google services. Your cookie still exists in the browser. login_required will assume that you are logged on based on the cookie. What you are seeing is a redirection to google's page that's 302. If you want you can manage sessions on your own and check for authentication based on your data in data Store.There are lot of solutions availble for both Python and Java .