I have integrated google plus in my iphone application. When I sign-in by button, it redirects for the authentication on the safari browser.when i successfully login and accept it come back to the application that work fine when app coming back it should call the delegate method
- (BOOL)application: (UIApplication *)application
openURL: (NSURL *)url
sourceApplication: (NSString *)sourceApplication
annotation: (id)annotation
{
return [GPPURLHandler handleURL:url sourceApplication:sourceApplication annotation:annotation];
}
but my application is not calling this method.
Related
I am new to using ITfoxtec for Azure Active Directory SAML logins. I read the StackOverflow entry for Nuget ITfoxtec SAML & Angular (and other similar entries for CORS issues), but I still do not understand how to adapt the GitHub Angular example from https://github.com/ITfoxtec/ITfoxtec.Identity.Saml2 to my needs. When running the ITfoxtec GitHub example, the Login method of the AuthController.cs file is immediately executed when I launch the test Angular application, and brings up the Azure Active Directory login prompt.
For my application, I need to click a "Login using Azure Active Directory" button on the Angular front end to call a backend method that can then redirect to another method to attempt login.
.NetCore C# code:
SSOController.cs file:
// This method is called by an Angular front end button when the user wishes to log in via Azure Active Directory SSO
[AllowAnonymous]
[Route("AzureAuth")]
[HttpGet]
public IActionResult AzureAuth(string returnUrl = null)
{
var binding = new Saml2RedirectBinding();
Saml2Configuration config = GetSamlConfig();
binding.SetRelayStateQuery(new Dictionary<string, string> { { relayStateReturnUrl, returnUrl ?? Url.Content("https://localhost:44397/api/sso/AssertionConsumerService") } });
//return binding.Bind(new Saml2AuthnRequest(config)).ToActionResult();
// This gives a CORS error, so we have do ensure that we do the redirection at the backend
// so we try redirecting with "RedirectToAction"
return RedirectToAction("https://localhost:44397/api/sso/AssertionConsumerService");
}
My AssertionConsumerService() method (located in Dev at "https://localhost:44397/api/sso/AssertionConsumerService"), which I need to be redirected to:
[Route("AssertionConsumerService")]
[HttpPost]
public async Task<IActionResult> AssertionConsumerService(HttpRequestMessage request)
{
// After user enters AAD SSO information, redirect should point to here.
// This API endpoint is hit if I test from Azure Enterprise Application SSO testing with the redirect API set to this method.
// I do not understand how to do backend redirects from AzureAuth() method to this method, and ensure that the HTTP request data is correct.
}
Just a follow up to my own question. For logging in directly from the Angular front end, I am having success with using "#azure/msal-angular". Once the end user clicks the "Log in with Azure Active Directory" button and is authenticated back to the frontend, I forward the authentication details to the backend for authorization checks.
I am still using ITfoxtec at the backend to process what can be directly sent from the "Azure Enterprise Applications > Set up single sign on > Test single sign-on with ..." for testing purposes. With the Azure "App registrations > Authentication > Platform Configuration" set to "Single-Page Application", I am making good progress in development and testing.
Sounds like you got a solution.
You can load the Angular application before login if it is hosted a place in the ASP.NET application that do not require the user to be authenticated. Then you can start the login process your selv and validate if the user is authenticated.
I am trying to add Google login in an Ionic app.
Sadly, Google remove the inappbrowser login flow, so I added the GooglePlus plugin which is working fine and I am able to get an id_token.
The issue is that I cannot use auth
.getProfile(idToken, funct...)
This will return an 401 error saying that this token is not authorized; in the Auth doc is implies that the method can only be used with id_tokens acquired from Auth login.
My question is:
Is there a method to login to Auth using id_tokens, something like Firebase's "loginWithCredentials()"
When I test the setup on my laptop Chrome browser everything works just fine using both sameWindow and newWindow: I am able to login though for example Facebook and the user is authorized and can use my app.
However, when I try to deploy the app to android and use the inAppBrowser things break. When selecting the 'login through FB' button in my app I can see the inAppBrowser frame come up with the Facebook mobile site asking to login. When I inspect that specific window through Chrome inspect, I can see that the callback from FB coming in to omniauth on my server including state and code in the querystring:
https://<app>.herokuapp.com/omniauth/facebook/callback?code=<code>&state=<state>
This request receives a 302 redirect to the following URL:
https://<app>.herokuapp.com/api/v1/auth/facebook/callback
This follow-up request receives a 200 response. So far it all seems fine and the inAppBrowser window closes, we get back to my mobile app and I see the ng-token-auth "auth:login-success" event passing by.
However, any subsequent API requests to my server receive a 401 Not Authorized response. When I look at the request headers of those API requests I don't see any of the headers that Chrome on my laptop is sending to the server such as: access-token, client, expiry, token-type and uid.
I would be very grateful for any advice on where to look or what I am missing here.
Thanks!
Turns out that when working with ionic and I assume it is the same with cordova, storing the tokens according to default behavior in the cookie does not work. However, once you configure it to work with localStorage it works great!
For more info see this issue I opened at the GitHub project.
Our application uses Google Accounts for authorisation/authentication and you typically access the app by doing the following:
Visit accounts.google.com or get redirected there
Sign into your account
Visit our application (assuming you previously accepted our apps permissions) and you are logged in
When I recreate these steps with Protractor (with either WebDriverJS, Chromedriver, selenium etc) by step 3. the browser has 'forgotten' that you were previously logged into your Google Account and our app prevents your access.
From what I understand, this is because each test uses a fresh browser instance, so after each Google accounts login/navigate to our app step (i.e. broswer.get('ourappurl.com');) the browser session is not preserved.
How can we re-use the browser so that this does not happen?
Note: I have already tried the --user-data-dir flag which has no effect. Also we are not using Karma or Jasmine and are using the Cucumber support provided by Protractor.
Example code:
this.Given(/^I'm logged into my Google Account$/, function (callback) {
var dvr = browser.driver;
dvr.get('https://accounts.google.com');
dvr.findElement(by.id('Email')).sendKeys('test.account#testaccount.com');
dvr.findElement(by.id('next')).click();
dvr.findElement(by.id('Passwd')).sendKeys('password');
dvr.findElement(by.id('signIn')).click().then(callback);
});
this.When(/^I navigate to our App$/, function (callback) {
browser.get('/').then(callback);
});
this.Then(/^I am logged in to our App$/, function (callback) {
checkUserLoggedIn().then(callback);
});
I have an issue with iOS6 which is app can't re-authenticate after its permission was removed through web interface
Its state stays "On" in iOS preferences, which does not reflect current state of OAuth
Which leads to limbo when app tries to authenticate but gets an OAuth error
Also seems like there is no way to manually remove permission from builtin facebook preferences
Did anyone face similar issues? Any possible workarounds?
If the Facebook access token in the iOS cache is out of sync with Facebook, you can force a sync of the credentials:
// Only do this if there is native Facebook Account support (iOS 6+)
BOOL isFacebookAccountsAvailable = (&ACAccountTypeIdentifierFacebook != NULL);
if (isFacebookAccountsAvailable) {
ACAccountStore *accountStore = [ACAccountStore new];
ACAccountType *accountTypeFB = [accountStore accountTypeWithAccountTypeIdentifier:ACAccountTypeIdentifierFacebook];
NSArray *fbAccounts = [accountStore accountsWithAccountType:accountTypeFB];
for (ACAccount *fbAccount in fbAccounts)
[accountStore renewCredentialsForAccount:fbAccount completion:^(ACAccountCredentialRenewResult renewResult, NSError *error) {
DLog(#"Renew account error: %#", error.localizedDescription)
}];
}
I'm having pretty much the same issue. I tried to remove my app from my applications list on the Facebook website. Now when I log out and log back in, I get the same invalid token. I've got to go to the settings on my iPhone and disable facebook access for my app. This resets the token.
The SDK provides a method
[FBSession.activeSession closeAndClearTokenInformation];
but it does not solve this issue.
It seems like the case is being handled correctly with latest update of Facebook SDK