I integrate Google's Auth API in my production website.
When I enter the login page, it throws an idpiframe_initialization_failed exceptions to the console.
I found out that I can fix it by enabling that API / Cookies in my chrome browser, but I want to find a comprehensive solution that will prevent those exceptions in my production environment.
So my two questions are:
What do you suggest me to do in order to achieve that?
In general, what is the meaning of those excpections?
Thanks :)
If you have a production url like http://godaddysite.com etc host your page there with a Webserver.
Opening a htnl page from your computer with javascript doesnot work as it is not hosted on webserver.
Please check your redirect url etc when you created Oauth client.
Go to the Credentials page.
Click Create credentials > OAuth client ID.
Select the Web application application type.
Name your OAuth 2.0 client and click Create
check origins
create new OAuth with correct origins.
Related
I'm currently working on a flutter/dart-based webpage (not an app). Now I came to the point that I want the web page to open only if the user has authenticated on my cloud-based Keycloak Server (cloud-iam.com).
There are some openid-connect client packages for flutter available, but most only work for google firebase/aws.. and some others are only working for apps, others are already outdated.
For now, I simply want to use the login frontend offered by the keycloak server.
But I totally failed to bring the available openidc packages to a success... :-(
Does anyone have a suitable package and a reference flutter/dart-application how to authenticate a user using an oidc-identity provider (i.e. keycloak?)
Thanks!
You can try keycloak_flutter package which handles keycloak user authentication for the flutter web only
https://pub.dev/packages/keycloak_flutter
As per this package example
https://github.com/gibahjoe/keycloak_flutter/tree/master/example
you can provide you keycloak realm and clientid details, it'll navigate to your keycloak server for login authentication after that you can allow your app to use the token details provided after login
We've got an install of Azure Devops server that currently authenticates against our active directory server and authentication works, but it appears to do so by means of browser basic authentication (the browser modal prompt that asks for a simple user name and password).
I'm wondering if there is some way to configure authentication such that users that have never logged in, actually get a login page... not just the basic authentication prompt in the browser.
I appreciate any input, I've used and administered azure devops in the cloud for a LONG time, but the devops server stuff I'm new to.
NOTE: I've played with IIS settings for authentication (enabling and disabling basic authentication and forms auth etc, but nothing really seemed to help there)
it appears to do so by means of browser basic authentication (the
browser modal prompt that asks for a simple user name and password).
I'm wondering if there is some way to configure authentication such
that users that have never logged in, actually get a login page... not
just the basic authentication prompt in the browser.
What's the login page do you mean?
1.If you mean the login page to connect to TFS web portal, as I know using basic prompt with username+password is the only appraoch.
Web Portal:
Only logic page:
2.But if you mean something used for authentication when accessing the code. I think you must be familiar with PAT which is widely used in Azure Devops Service. IIS Basic Authentication is not recommended. You can check Enabling IIS Basic Authentication invalidates using Personal Access Tokens and Use the TFS Cross Platform Command Line with TFS using basic authentication or personal access tokens (PATs).
Hope it helps to resolve your puzzle :)
So after lots of research, I found that in the differences between azure devops server and azure devops services documentation. In this documentation it states that it uses windows authentication, and you will never be presented with any login experience.
I'd vote that this should be something that be configured to show a login screen, as sometimes we want to log in as users other than the users we logged into the machine as.
I am using facebook SDK. I am getting the following error:
Insecure Login Blocked: You can't get an access token or log in to this app from an insecure page. Try re-loading the page as https://
After studying I came to know that I have to set 'Enforce HTTPS' as NO under 'facebook login> Setting> '. But I can not set Enforce HTTPS as NO. Is this problem is from mine? OR I facebook restrict to use https instead of http?
enable Client OAuth Login and write "localhost:3000" in Valid OAuth Redirect URIs.
Save changes. it will automatically change to https://localhost:3000 , but it doesn't matter...
And set Status: In Development (THIS IS IMPORTANT!)
Then it will work in your http localhost.
But I can not set Enforce HTTPS as NO. Is this problem is from mine?
https://developers.facebook.com/docs/facebook-login/security:
Enforce HTTPS. This setting requires HTTPS for OAuth Redirects and pages getting access tokens with the JavaScript SDK. All new apps created as of March 2018 have this setting on by default and you should plan to migrate any existing apps to use only HTTPS URLs by March 2019.
Sounds to me, like they don’t want you to be able to even start without HTTPS, when you are creating a new app now.
Plus, Chrome has recently announced that they will mark all HTTP sites as insecure soon, from version 68 on, that will be released in July 2018. So you’re gonna have to go HTTPS rather sooner than later anyway.
The “big players” of the industry are currently pushing for this big time, whether we want it or not.
If you just enable Client OAuth Login and write just localhost:{port} to Valid OAuth Redirect URIs, it will work.
If you're developing locally with create-react-app, a quick solution is to add
HTTPS=true
to your .env file and just comment it out when you're not testing Facebook login.
It seems like Business apps do not have app modes and instead rely exclusively on access levels. Because of this, you can't set the app to the "Development mode".
All newly created apps start out in Development mode and you should avoid changing it until you have completed all development and testing.
https://developers.facebook.com/docs/development/build-and-test/
https://developers.facebook.com/docs/development/build-and-test/app-modes
However, if you wanna try out your app in a localhost, you need to create a test app, like you can check out in this thread:
How to fix 'Facebook has detected MyApp isn't using a secure connection to transfer information.' error in Laravel
I have windows console application that needs to interact with GitHub API using octokit.net. The first step is to register application with GitHub. On the registration page i have to provide Homepage Url and Authorization callback Url
For console application what would be the values for these two fields? I really dont want to connect GitHub using userid, password
I'm developing a website that is going to use Facebook authentication.
I'm using GWT and it works fine when I run the code compiled, but when I'm running the development it does not work.
The problem is when I'm trying to retrieve the access_token from Facebook.
I'm receiving the error below:
"error":{"message":"Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request","type":"OAuthException","code":100}"
Obviously, the redirect_uri is identical as the login url one.
I found out (by this topic) that the problem is the last part of the url "?gwt.codesvr=127.0.0.1:9997".
How can I solve this? or how can I manage to use the GWT development mode with this problem?
Thanks,
Normally this is due to the url verification FB does.
When you register a new app in FB you have to configure the set of domains (App Domains) authorized to use the FB login form.
Unfortunately you cannot set 127.0.0.1 nor localhost as a valid domain, so you cannot use GWT dev-mode unless you configure a hostname in your domain pointing to your localhost.
If you set mydomain.com as a valid App Domain in your FB application, configure localhost.mydomain.com pointing to 127.0.0.1 in your local hosts file or in your DNS server. Then use http://localhost.mydomain.com:8888/myapp.html?gwt.codesvr=localhost.mydomain.com:9997 to run dev mode in your browser.
I found out the problem.
By encoding only the gwt.codesvr value it works.
However, using php urlencode function on it did not work, I had to encode it myself.
The gwt dev param ended like this "?gwt.codesvr=127.0.0.1%3A9997"