I implement authentication for the Flutter app using the Keycloak. My flow is:
When opening the app for the first time, the user will be redirected to the login page of Keycloak with an email input
After inputting the email, a magic link will be sent to the email to authorize
When clicking the magic link, the app is opened and redirected to authenticate page of Keycloak. If the link is valid, the user will be forced to register the Webauthn passwordless
After registering success, back to the app
I've already implemented the magic link authenticator and it's working fine. My problem is when back to the app, I got the error: "Response state param did not match request state". I guess that because the app is open the browser 2 times: The first time to open the input email form to log in and the second time when open the magic link.
I've searched on the internet but can't find the solution. Any solution or hint?
Thanks.
Related
I have developed an SAML application which only uses Microsoft as IDP for successful login and logout of specific users. So after logout, I want Microsoft to redirect me to the website I have configured in the Logout URL of MyApplication in Azure Active Directory. The log-in functionality works everytime but when I logout in presence of only one Microsoft Signed-In account, it logouts perfectly and redirects me to the website I specified. I am facing the issue when I am asked to choose account to logout from a set of accounts (refer Image) of which when I select the configured account, it log me out perfectly but is unable to redirect me to my specified page. The page gets stuck on "You signed out of your account It's a good idea to close all browser windows." (refer Image). Thus I want to be redirected to the specified page when I am asked to select an account while logging out.
Logout Issue Redirect Image reference
Logout Issue Redirect Image reference
This is a known bug in this library.
Here are some alternatives.
You can use silent logout.
The post logout redirect isn't expected after calling logout. This could be a timing issue.
You can achieve a 'clean' logout by opening a new window and calling logout from there. Then a user is left with an extra open window; but at least they've retained a view of the app and it hasn't lost state.
-->User opens Service Provider URL and the WSO2 login screen is presented for entering credentials
-->User does add a browser bookmark from the current page to be able to access it in the future
-->Bookmark works fine for a period of time, then it stops working properly, the following error is displayed after entering the credentials
The reason for the error is that the WSO2 login page has some parameters in the URL that expire after a period of time, specifically sessionDataKey which is identifier for particular Service Provider.
Can someone help resolving this issue.
This was a known issue and seems to be fixed in next release.
https://wso2.org/jira/browse/IDENTITY-5199
As a workaround, users can bookmark the landing page after the login. Then, if there is no valid session, they will be redirected to the login page.
I am trying to call graph api so I had followed the procedure mentioned on the site. I had registerd the App in https://apps.dev.microsoft.com/portal/register-app
and got the client id and and then I am trying to make a ajaxs call url
"https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=XXXXbxxxxxxx-bf22-4bdb-bXX-cd32a729a31f&redirect_uri=https://webidetestingXXXXXX-XXXXXXXXXXX.dispatcher.int.sap.hana.ondemand.com/webapp/index.html&response_type=code&scope=openid+Mail.Read";
this always opens a login page and How can I pass the username and password after the call.
second-I call this url and enter the credentials it shows me an error of Microsoft account is experiencing technical problems. Please try again later.
Can you please guide me what i am missing or any example in sap ui5 environment to call such graph Api
this always opens a login page and How can I pass the username and password after the call.
When directing the user to the /authorize endpoint , microsoft server will show the login page to let user enter the username/password , after that you couldn't pass username/password to that in your own code .If you don't want to show the login page or need to use own login page , it is possible to sign in a user with the username and password flow as noted here. But that flow needs writing passwords for identity provider into your custom website , and you should check more at the Constraints & Limitations section .
I call this url and enter the credentials it shows me an error of Microsoft account is experiencing technical problems.
Please provide more details of that error , you could find error message in browser address bar like :https://login.live.com/err.srf?lc=1033#error=invalid_request&error_description=xxxxxxxxxx
I have the following problem in a Grails app with Spring Security (SSC). My app should provide some browseable pages as well as a Restful API.
While using the App with the Browser the App should display the Login-Form which is used by SSC and the Login/Logout Controller. But I also want to use alternativly a BasiAuthentication with the same URI.
For example: If I do a call to /myApp/testCall, coming from the Browser it should display the Login Form in case of a not already logged in user. If the user is logged in, it should process normally. But if I call /myApp/testCall with a Authorization Header then the App should recognize this and Authenticate the user by Basic Auth.
What I already got so far, whether the Basic Auth or the Login Form standalone, but not with this wanted bahviour. As soon as I activate the basiAuth in my App, it displays all the time the default Login form the Browser (Basic Auth Browser Login) but it should display the LoginForm.
Hope someone can help me solving this problem, I need somehow to put the Filter, which is responsible for displaying the Login Form in front of the Basic Auth Filter, but in the other case if I provide Basic Auth Credentials it should just log me in.
I had a similar question last week, not totally the answer to your question but it might help you get started. Would have added this as a comment but I don't have the rep.
I have created a website that allow user use facebook login system to regist and login. The system runs good. It can use single sign-on to login the system, so the user does not need to input the username and password --- until yesterday.
One of teammate find that he stucked in the login system, and the single sign-on does not function anymore. The user need to input account detail whatever they have login facebook or not. The most funny thing is, after the user login in facebook login system, it does not redirect the user to the "next" url or redirect them to facebook.com (mostly this means login system setting had eror). It just stuck in the facebook server with empty blank page.
This is the link what I stuck in....
https://www.facebook.com/login.php?login_attempt=1&fbconnect=1&display=page&next=(next url)&req_perms=publish_stream%2Cread_stream%2Cemail%2Cuser_photos&legacy_return=1
without session code, and does not have any reply.
I want to know if I have set something wrong...
Use of legacy_return was deprecated almost a year ago with the migration to OAuth2, and the endpoints were finally shut down today. Please update your integration per https://developers.facebook.com/docs/concepts/login/