Can someone point me in the right direction about OpenIddict and
https://openid.net/specs/openid-connect-backchannel-1_0.html
https://openid.net/specs/openid-connect-session-1_0.html
https://openid.net/specs/openid-connect-frontchannel-1_0.html
Related
Hopefully someone can point me in the right direction here, I'm attempting to log into Playfab using a google auth code retrieved from an async call in Unity, the flow is as follows:
Click my login to google button in Unity.
Unity begins to listen for the response and opens a google login browser session.
User clicks email/signs into email they want.
This response is returned to Unity with an auth code.
I have then attempted to use the returned google auth code with playfabs LoginWithGoogleAccount method":
PlayFabClientAPI.LoginWithGoogleAccount(new LoginWithGoogleAccountRequest()
{
TitleId = PlayFabSettings.TitleId,
ServerAuthCode = returnedWindowsGoogleAuthCode,
CreateAccount = true,
}, OnPlayfabGooglePlayAuthComplete, OnPlayfabGooglePlayAuthFailed);
This then fails with a returned response from playfab with "invalidGoogleToken".
From what I've read from what I've come across on google is that this token is possibly in a "used" state by the time I am calling LoginWithGoogleAccount and I possibly need a refreshed token? but I am not too familiar with the Google API so I could be completely off the mark there? But if this is the case what should I do here? How do I re-request a valid token without going back to the browser to do the same thing again?
To give you an idea of pretty much the exact code I'm looking at but I've altered slightly to get it to work in Unity I am following the Google Sample OAuthDesktopApp code:
OAuthDesktopApp Sample Code
I am calling the method "button_Click", this runs and makes the request, Unity then begins listening for the google response at line 72 and the auth code is then output to logs at line 129.
This auth code output at line 129 is what I have then been passing back in to LoginWithGoogleAccount which then results in the failed "invalidGoogleToken", this does also then run a request for user information which does correctly return the name/email of the user you signed in with etc.
Just to add to my previous comments, if I remove the call to performCodeExchange line 132 (I read somewhere that at that point I am swapping the auth code for a token and thus the auth code will no longer work? I'm guessing here) and then if I call PlayFabClientAPI.LoginWithGoogleAccount with the auth code I am presented with:
PlayFabError error:
error.GetHashCode(): 2051826304
error.Error: InvalidGoogleToken
error.ErrorMessage: invalid_grant details: Missing code verifier.
error.ErrorDetails: null
Hopefully this may help someone guide me.
First thanks to those that replied to this, So I've managed to solve this after a comment from a Playfab mod, There appears to be no official way from Google to login using a standlone Unity build nor an official way to then login to Playfab using the same build method.
The solution I've used uses a modified Unity version of one of the Google samples from OAuth 2.0 for Mobile & Desktop Apps .
This will allow you to get the oauth code within Unity then you can pass this oauth code to Playfab for login, BUT Playfab has since deprecated the way to do this (which is silly if its the only solution) so you need to modifiy Playfabs SDK to include the accesstoken then you can use this to finally login.
I am trying to download the file using CDN edge server, but it gives 403 - forbidden error.
I have created the end point long back, so I dont remember either I created the token auth for this or not.
Does anyone have any idea after creating the token auth where the info goes so that I can see what is the expiry date and key value for the same.
Please let me know if any more information is required on this.
Thanks for the help in advance.
If you created a token, you will need to go to the 'manage' tab at the top bar of the CDN profile blade in portal.azure.com.
See this for screenshots and steps: https://learn.microsoft.com/en-us/azure/cdn/cdn-token-auth
I wanted to get all the events from the Meetup.com whichever I have enrolled.
I am not quite understanding :urlname.
Can you please suggest me the API / REST Call.
Thanks,
Raja K
You can do this easily in the Meetup.com api console - the endpoint is GET /2/events.
You will want to enter the parameters:
rsvp=yes,
member_id=self,
status=past,
page=200,
desc=false,
omit=description
Then click on Show Response. You can either read the response there or I find it easier to copy the signed link and paste it into a browser window and hit return. Then select all the JSON text that comes back and paste it into the left pane in http://www.jsoneditoronline.org/ and tap the little arrow to get it mapped into fields in the right hand pane
I've been trying to get OAuth 2.0 to work correctly. I have managed to make the url that that will do the "deny/allow" for my app by opening a webpage with just
Application.OpenUrl(uri.ToString());
The problem is that I have no idea how to get the redirect and the auth token from the page if the user hits allow. When you hit allow, right now nothing happens it just sits on the page. Checking Networking in chrome debug does have the redirect and token there but it never actually sends it..
I was recommended to use RestSharp but I again have no idea how to use it with Unity as there are lot of resources for Android/iOS PC etc. but I can't get any of them to work for this Unity project...
var client = new RestClient("https://www.fitbit.com/oauth2/authorize?response_type=code&client_id=*clientID*&redirect_uri=http%3A%2F%2FfitRPGcallback&scope=activity%20profile%20sleep%20social");
Debug.Log("client made");
var request = new RestRequest(Method.POST);
request.Resource = ("profile%20sleep%20social");
client.ExecuteAsync(request, response => { Debug.Log("response is : " + response.Content);});
Application.OpenURL(client.BaseUrl.ToString());
In the URL I do have the correct clientID in there as well just not sure what I can and can't show for security reasons etc.
Biggest problem is just having no idea how to get the return value from the webpage after the user hits allow/deny...
Any insights would be super super appreciated cause I just want to start making the actual game but there's not as much point if I can't get this data...
So, I'm posting on a few other applicable questions as well since I have finally figured out my answer.
Unfortunately I'm not using REST so that part is still up in the air BUT I did get it to work with just Fitbit, Unity and a Webview plugin (you will need a webview OR a way to get the initial code back from your first OAuth2 call)
You can find steps here.
http://technicalartistry.blogspot.nl/2015/07/oauth2-unity-and-month-of-cursing.html
EDIT:
So I had to change how I did it because Fitbit changed their ToS where we are no longer allowed to use Webview based Authenticators (which is what I was using in the above blogpost.)
Give this next post a look for how to make an Android Plugin that will grab the Accesstoken from Fitbit's OAuth. This is a FREE way to do it since you make it yourself and it's ezmode :)
http://technicalartistry.blogspot.ca/2016/01/fitbit-unity-oauth-2-and-native.html
I have an MVC4 application and I am seeing very odd behaviour on iPhone/Chrome only
Here is the happy path
go to /account/register
the register method of the account controller handles the request
fill out the form and click join
the register(signupModel) method of the account controller handles the event
here is what happens on iPhone/Chrome only
go to /account/register
the register method of the account controller handles the request
fill out the form and click join
the login(signupModel) method of the account controller handles the event
So I am baffled as to why the incorrect action is being called only on iPhone/iOS
This has been tested on numerous mobile and desktop devices (android, iphone/safari) without a problem
The site is MVC4/.Net4.0 and JQuery Mobile
the IIS logs are showing a POST to /account/login so I do not think its a route problem. It seems like the client really is posting to the wrong URL
Any insight would be greatly appreciated.