FB.login() extended permissions - default

I am using the following code to get permissions from the user for my facebook application.
    function checkLoginStatus(response) {
        if (response.authResponse) {
            // user is already logged in and connected
        } else {
            FB.login(function(response) {
                if (response.authResponse) {
                    // user logged in
                } else {
                    // user cancelled login or did not grant authorization
                }
            }, {scope: 'email,user_birthday,status_update,publish_stream,user_about_me'});
        }
    }
I get a dialog box with "Allow" and "Skip" buttons.
Now, even if I click on "Don't Allow" (which appears on the x button) or click on the "Skip" button, the application is added to my application settings with the "Post on my behalf" (publish_stream) permission. Does it mean that "publish_stream" is the default permission for an app?
thanks
ashy
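As an added example (not from the question or the Facebook SDK documentation), a defensive check that reads the permissions the user actually granted instead of assuming them: it relies on the SDK's return_scopes option and the authResponse.grantedScopes field, and the sample response is constructed.

```javascript
// Added example: never assume which permissions were granted. When FB.login is
// called with {return_scopes: true}, the SDK puts a comma-separated list of the
// granted permissions in authResponse.grantedScopes; compare it to the request
// and gate features on the result.
const REQUESTED_SCOPES = ['email', 'user_birthday', 'status_update',
  'publish_stream', 'user_about_me'];

// Pure function so it can be tested offline: takes the authResponse object the
// SDK hands to the FB.login callback and returns granted/missing scope lists.
function auditGrantedScopes(authResponse, requested = REQUESTED_SCOPES) {
  if (!authResponse) {
    // User cancelled or denied the dialog: nothing is granted.
    return { connected: false, granted: [], missing: [...requested] };
  }
  const granted = (authResponse.grantedScopes || '')
    .split(',').map((s) => s.trim()).filter(Boolean);
  const missing = requested.filter((s) => !granted.includes(s));
  return { connected: true, granted, missing };
}

// Feature gate: only enable posting when the publish permission is present.
function canPublish(audit) {
  return audit.connected && audit.granted.includes('publish_stream');
}

// Constructed sample: the shape of authResponse after a user pressed "Skip"
// on the extended permissions and only granted the basic ones.
const sampleAuthResponse = {
  accessToken: 'CONSTRUCTED_TOKEN_PLACEHOLDER',
  userID: '1000000000',
  grantedScopes: 'public_profile,email',
};

// How this plugs into the FB.login callback from the question (browser only).
function loginAndAudit() {
  window.FB.login((response) => {
    const audit = auditGrantedScopes(response.authResponse);
    console.log('missing scopes:', audit.missing);
  }, { scope: REQUESTED_SCOPES.join(','), return_scopes: true });
}
```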

Related

Azure B2C Logout in Blazor

I've built a Blazor server app and I'm using Azure B2C, which I set up using the wizard.
I don't have a login page and I only use Google as the OAuth provider. I just have the default blanket redirect, which is fine for me.
    builder.Services.AddAuthorization(options =>
    {
        // By default, all incoming requests will be authorized according to the default policy
        options.FallbackPolicy = options.DefaultPolicy;
    });
One issue I'm facing is that when I open the app it doesn't prompt me asking which account I want to use. I know I'm already signed into my Google account as a whole, but when opening my app I would like the app to prompt for "choosing the account". When I run the same user flow on the Azure portal it does prompt me. The same just doesn't happen for my app. How can I make sure that the app always asks to select the account? I read some articles which said to add the "prompt" keyword, but I don't know where to add that as I'm not calling any custom URL.
Another issue I'm facing is that the log-out doesn't work as expected. In my app the logout sequence is the same as the default, which redirects the user to the MicrosoftIdentity/Account/SignIn link.
    <AuthorizeView>
        <Authorized>
            Hello, @context.User.Identity?.Name!
            Log out
        </Authorized>
        <NotAuthorized>
            Log in
        </NotAuthorized>
    </AuthorizeView>
Once I click the logout button, it does something and then redirects me to this page.
However, once I click the back button, the app opens as normal with the user still signed in. I expected the app to prompt for login at least this time.
Can you please help me with the right approach for implementing this? I prefer to avoid advanced things like custom user flows. Perhaps some settings in appsettings.json can do the trick?
Thanks a lot.
For the logout to work properly, in the Redirect URIs section in the portal, set the redirect URIs.
Example:
redirectUri : https://localhost:44365/signin-oidc
In the Logout URL section, set https://localhost:44365/signout-oidc or https://localhost:44365/signin-oidc
Please check Configure session behavior - Azure Active Directory B2C | Microsoft Learn
In appsettings.json set "CallbackPath": "/signin-oidc" and set a user flow SignedOutCallbackPath
appsettings.json:
    "AzureAd": {
        "Authority": "https://xx.b2clogin.com/XXXXXX.onmicrosoft.com/B2C_1_SignUpSignIn",
        "Instance": "https://XXXXXX.b2clogin.com",
        "TenantId": "XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX",
        "ClientId": "XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX",
        "ClientSecret": "XXXXXXXXXXXXXXXXXX",
        "CallbackPath": "/signin-oidc",
        "Domain": "XXXXXX.onmicrosoft.com",
        "SignUpSignInPolicyId": "B2C_1_SignUpSignIn",
        "SignedOutCallbackPath": "/signout/B2C_1_susi",
        "ResetPasswordPolicyId": "B2C_1_PasswordReset",
        "EditProfilePolicyId": "B2C_1_EditProfile"
    },
    "API": {
        "BaseUrl": "",
        "Scopes": "https://XXXXXX.onmicrosoft.com/ xxx/<scope>"
    },
In startup.cs:
    builder.Services.Configure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme, options =>
    {
        // After B2C has ended the session, send the browser to the configured post-logout page
        options.Events.OnSignedOutCallbackRedirect = context =>
        {
            context.HttpContext.Response.Redirect(context.Options.SignedOutRedirectUri);
            context.HandleResponse();
            return Task.CompletedTask;
        };
    });
Or
Set the prompt value to login or select_account using OnRedirectToIdentityProvider when the OIDC authentication handler is registered:
    public void ConfigureServices(IServiceCollection services)
    {
        .....
        services.Configure<OpenIdConnectOptions>(AzureADB2CDefaults.OpenIdScheme, options =>
        {
            options.Events = new OpenIdConnectEvents
            {
                OnRedirectToIdentityProvider = context =>
                {
                    // Forward a "prompt" value (e.g. "login" or "select_account") stored in the
                    // authentication properties to the outgoing authorize request
                    if (context.Properties.Items.TryGetValue("prompt", out string prompt))
                    {
                        context.ProtocolMessage.Prompt = prompt;
                    }
                    return Task.CompletedTask;
                }
            };
        });
        ...
    }
When I logged in
and selected logout, it redirected to the signout path, which redirected to post_logout_redirect_uri=https%3A%2F%2Flocalhost%3A44365%2Fsignout-callback-oidc&state=
Then, if I clicked back, I can't access other areas without logging in.
Reference : https://github.com/Azure-Samples/ms-identity-blazor-server/blob/main/WebApp-OIDC/B2C/blazorserver-B2C/appsettings.json

Admin and user login from same login page in react and back end i am using firebase

I want to use one login form for the admin and the user in my project (React JS and Firebase): only the admin should be able to log in and be redirected to the admin panel, and the user to the user profile.
Admin panel and user login in Firebase and React JS. Does anybody know how to do this?
There are some hints and keywords:
1> For a Firebase auth user, you can set custom claims to assign a role to the user, e.g. admin or user. Please refer to the link below
https://firebase.google.com/docs/auth/admin/custom-claims
Firebase - how to set custom claim from the console
2> When logging in, you have to listen for auth state changes to get the user role, thanks to the getIdTokenResult function
    onAuthStateChanged(auth, async (user) => {
        if (user) {
            // true forces a token refresh so newly assigned claims are visible
            user.getIdTokenResult(true).then((result) => {
                // Confirm the user is an Admin.
                if (!!result.claims.admin) {
                    // Show admin UI.
                    showAdminUI();
                } else {
                    // Show regular user UI.
                    showRegularUI();
                }
            });
        }
    });
or
Check the Firebase auth user's role when or after logging in
https://firebase.google.com/docs/auth/admin/custom-claims#access_custom_claims_on_the_client
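An added example (not part of the answer above) of the routing decision as a testable function. The check in the answer, !!result.claims.admin, accepts any truthy value, so a claim mistakenly set to the string "false" would open the admin UI; comparing against boolean true avoids that. The auth, onAuthStateChanged and navigate names are assumed to be provided by the app.

```javascript
// Added example: decide the route from decoded custom claims. Only boolean
// true counts as admin; a string "false", a 1, or a missing claim does not.
// This decides what to render on the client. The same role must be enforced
// again server-side (Admin SDK verifyIdToken) or in security rules, because
// anything the browser decides can be bypassed.
function routeForClaims(claims) {
  if (claims && claims.admin === true) return '/admin';
  return '/profile';
}

// Listener wiring from the answer, delegating the decision to routeForClaims.
// `auth`, `onAuthStateChanged` and `navigate` are assumed app-provided.
function watchRole(auth, onAuthStateChanged, navigate) {
  onAuthStateChanged(auth, async (user) => {
    if (!user) {
      navigate('/login');
      return;
    }
    // forceRefresh=true so a claim assigned after sign-in is picked up
    const result = await user.getIdTokenResult(true);
    navigate(routeForClaims(result.claims));
  });
}
```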

How to properly authenticate against an Instagram Business Account

I have the following permissions to authenticate against an Instagram Business account so I can get the Facebook pages connected to that account.
    export const instagramLogInScopes = [
        "instagram_basic",
        "instagram_content_publish",
        "pages_show_list",
        "publish_video",
    ];

    export async function connectInstagram(cb) {
        window.FB.login(function (response) {
            let { status, authResponse } = response;
            if (!authResponse) {
                console.log("connection failed");
            } else {
                if (status === "connected") {
                    // This is always coming back as the default facebook account, not the business account
                    console.log(`Connected Instagram User Business account Data=${JSON.stringify(authResponse, null, 2)}`);
                    let userId = authResponse.userID;
                } else {
                    // not connected
                }
            }
        }, {
            scope: instagramLogInScopes.join(","),
            prompt: 'consent',
            return_scopes: true,
        });
    }
When the OAuth dialog comes up it is not showing me the Instagram business accounts; instead it is showing me the logged-in Facebook account.
How can I make it show me the Instagram business accounts instead, so I can select and pick the one I want to connect?
I want it to show me a dialog exactly like what is shown below.
Thank you.

Infinite loop when unauthorized user tries to access web page (authorization via adal-angular)

I have a web-based dashboard that authenticates users with adal-angular. Authorized users can access the page without any issue, but when a user is unauthorized, they get into an infinite loop with the login page.
This was my initial code:
    AuthContext.handleWindowCallback();
    if ((window === window.parent) && window === window.top && !AuthContext.isCallback(window.location.hash)) {
        if (!AuthContext.getCachedToken(adalConfig.clientId) || !AuthContext.getCachedUser()) {
            AuthContext.login();
        }
    }
    else
    {
        AuthContext.acquireToken(adalConfig.endpoints.xyz, (message, token, msg) => {
            if (token) {
                ReactDOM.render(
                    //rendering code
                );
            }
        });
    }
After moving 'AuthContext.handleWindowCallback();' inside the first if condition, the user doesn't get into the infinite loop anymore. But the error page is not displayed as expected. They just get a blank page, but the URL has the message that the user is not authenticated.
How can I get a working error page when the user is not authenticated? Is there a way to access the error message programmatically?
Try calling:
AuthContext.getLoginError()
After
AuthContext.handleWindowCallback()
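An added example (not from the question or the answer) of the bootstrap decision factored into a pure function, so the loop-breaking check can be tested with a stubbed context: an error stored by the identity provider is surfaced instead of being answered with another login() redirect. It uses only the adal.js methods named above plus getLoginError(); the clientId, hash and render values are passed in by the caller and are assumptions.

```javascript
// Added example: decide what the app should do at start-up. ctx is an
// adal.js AuthenticationContext (or a stub with the same methods).
// Returns one of: {action: 'error'}, {action: 'frame'}, {action: 'login'}, {action: 'render'}.
function decideBootstrap(ctx, { clientId, hash, isTopWindow }) {
  // Consume a returning redirect first: this stores the token or the error.
  ctx.handleWindowCallback();

  // If the IdP answered with an error (e.g. the user is not assigned to the
  // app), calling login() again would just redirect back here forever.
  const loginError = ctx.getLoginError();
  if (loginError) return { action: 'error', message: loginError };

  // Hidden iframes and callback navigations must not start a new login.
  if (!isTopWindow || ctx.isCallback(hash)) return { action: 'frame' };

  if (!ctx.getCachedToken(clientId) || !ctx.getCachedUser()) {
    ctx.login();
    return { action: 'login' };
  }
  return { action: 'render' };
}

// Browser wiring (assumed names: AuthContext, adalConfig, renderApp, renderError).
function bootstrap(AuthContext, adalConfig, renderApp, renderError) {
  const decision = decideBootstrap(AuthContext, {
    clientId: adalConfig.clientId,
    hash: window.location.hash,
    isTopWindow: window === window.parent && window === window.top,
  });
  if (decision.action === 'error') renderError(decision.message);
  if (decision.action === 'render') {
    AuthContext.acquireToken(adalConfig.endpoints.xyz, (message, token) => {
      if (token) renderApp(token); else renderError(message);
    });
  }
}
```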

Redirect to the last page requested after login in cakephp

Hi, I have a search where the client can either click on keywords shown below the search bar or enter a keyword in the search window. In the first case, when the user clicks on a keyword, search_results opens with the keyword in the URL, but when the user enters a keyword it just gives results according to it.
So when the user is not logged in, then after some search results we ask for login, and on clicking the login button we redirect to a login popup from where the user logs in; at that time we have to redirect to the same page. For this I am using two concepts: one for the predefined keyword links which come in the URL, where I just store the last URL value in the session and after login redirect to that URL.
3. I need help with keywords entered by the user: after logging in, the user needs to be redirected to the same keyword page.
    function search_result($adKeyword = null){
        if(!empty($adKeyword) && $adKeyword != ''){
            $this->data['City']['keyword'] = $adKeyword;
        }
        //////////////////Maintain fetch data////////////////////
        if(!empty($this->data)){
            //pr($this->data);exit;
            if($this->data['City']['keyword'] == 'Name or Area of expertise'){
                $this->data['City']['keyword'] = '';
                $this->set("title_for_layout","Search Result");
            }
            if ( empty($this->data['City']['city_name'])) {
                $this->data['City']['city_name'] = $this->Session->read("Location");
            }
            if($this->data['City']['keyword'] != '')
                $this->set("title_for_layout",$this->data['City']['keyword']." | Search Result");
            //$request_params = Router::getParams();
            //$this->Session->write('auth_redirect','/'.$request_params['url']['url']);
            $this->Session->write('login_referrer',$this->params['url']['url']);
            $this->Session->write('login_referrers',$this->data['City']['keyword']);
        }
    }
The above two session variables I am using for redirecting after authentication on login:
    if($this->Auth->user('role_id')== Configure::read('App.Role.Mentee')) {
        if ($this->Session->check('login_referrer')) {
            $loginReferrer = $this->Session->read('login_referrer');
            $this->Session->delete('login_referrer');
            //prd($loginReferrer);
            $this->redirect(SITE_URL."$loginReferrer");
        }
        else if($this->Session->check('login_referrers'))
        {
            $loginReferrers = $this->Session->read('login_referrers');
            $this->Session->delete('login_referrers');
            //prd($loginReferrers);
            $this->redirect(array('controller'=>'fronts','action'=>'search_result/','$adKeyword' => $loginReferrers));
        }
        else {
            $this->redirect(array('controller'=>'fronts','action'=>'index'));
        }
    }
What is happening is that it's not going to the else if statement. Please help me.
If they are browsing some pages and are asked to log in, then they should be redirected to that page after login
That's exactly what the Auth component does by default. As such, to get the desired behavior, the login function should look similar to:
    public function login() {
        if ($this->request->is('post')) {
            if ($this->Auth->login()) {
                // Auth->redirect() returns the URL the user originally requested
                return $this->redirect($this->Auth->redirect());
            }
            $this->Session->setFlash(__('Invalid username or password, try again'));
        }
    }
Note the use of $this->Auth->redirect(), which returns the URL to redirect the user to; this example is taken directly from the documentation.
To change the default Auth redirect URL, modify the loginRedirect property of the Auth component (from your beforeFilter, for example).
For manual login I have solved my issue; I have added this code to the search_result action of my front_controller:
    $request_params = Router::getParams();
    $this->Session->write('auth_redirect','/'.$request_params['url']['url']);
And in my user_controller I have just used this session variable:
    if($this->Auth->user('role_id')== Configure::read('App.Role.Mentee')) {
        $this->redirect($this->Session->read('auth_redirect'));
    }
    else {
        $this->redirect(array('controller'=>'fronts','action'=>'index'));
    }
But it is not solving my problem completely: I want to delete the session value after a one-time redirect, but this is not destroying the router session variable value.