Using AzureAD secured application as a Personal App can't show login.microsoftonline.com in iFrame - does work in Developer Mode - single-sign-on

I've created a web application, hosted in an Azure App Service. The App Service is secured using Azure AD Authentication with login required.
When trying to load this page in a Personal App, the page tries to redirect to login.microsoftonline.com which is not able to show the page in an iFrame.
When switched to Developer preview the application is shown, passing the login using the currently signed in user.
Is there an ETA on enabling this behavior on the "non-developer preview" client?
Or is there another way to achieve this?
PS: I'm aware of the SSO JavaScript API, but this does require anonymous access to the application executing the JS calls. Unless I'm missing something? :)
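
Added example, not part of the original question: a browser refuses to render a framed response when its `X-Frame-Options` or CSP `frame-ancestors` header disallows the embedding page, which is the usual reason a sign-in page will not display in an iframe. The check below evaluates those two headers for a given parent origin; the header values and the `.example` origins are constructed, not captured from login.microsoftonline.com.

```javascript
// Added example (not from the original post). Decides whether a browser would
// render a response inside an iframe whose parent page is parentOrigin.
// Simplified: one level of framing; a host source without a scheme matches any.
function frameAncestors(csp) {
  // Source list of the frame-ancestors directive, or null when it is absent.
  for (const directive of (csp || "").split(";")) {
    const [name, ...sources] = directive.trim().split(/\s+/);
    if (name.toLowerCase() === "frame-ancestors") return sources;
  }
  return null;
}

function sourceMatches(source, parentOrigin, selfOrigin) {
  if (source === "*") return true;
  if (source === "'self'") return parentOrigin === selfOrigin;
  if (source.startsWith("'")) return false; // 'none' and other keywords
  const parent = new URL(parentOrigin);
  if (/^[a-z][a-z0-9+.-]*:$/i.test(source)) return source.toLowerCase() === parent.protocol;
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?(\*\.)?([^\/:]+)(?::(\d+|\*))?(?:\/.*)?$/i.exec(source);
  if (!m) return false;
  const [, scheme, wildcard, host, port] = m;
  if (scheme && scheme.toLowerCase() + ":" !== parent.protocol) return false;
  const defaultPort = parent.protocol === "https:" ? "443" : "80";
  if (port !== "*" && (port || defaultPort) !== (parent.port || defaultPort)) return false;
  const h = host.toLowerCase();
  return wildcard ? parent.hostname.endsWith("." + h) : parent.hostname === h;
}

function canBeFramed(headers, parentOrigin, selfOrigin) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;
  const sources = frameAncestors(h["content-security-policy"]);
  // When frame-ancestors is present, browsers enforce it and ignore X-Frame-Options.
  if (sources !== null) return sources.some((s) => sourceMatches(s, parentOrigin, selfOrigin));
  const xfo = (h["x-frame-options"] || "").trim().toUpperCase();
  if (xfo === "DENY") return false;
  if (xfo === "SAMEORIGIN") return parentOrigin === selfOrigin;
  return true; // no anti-framing header sent
}

// Constructed sample: a sign-in response that forbids all framing.
const SIGN_IN_HEADERS = { "X-Frame-Options": "DENY" };
console.log(canBeFramed(SIGN_IN_HEADERS, "https://tab-host.example", "https://login.example"));
```

Running the same function over the headers your own App Service returns shows whether the application page itself can be embedded, separately from the sign-in redirect.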

Related

Can't test FB SDK login locally even though I have set my domain and site URL (app is test mode)

I am developing a web app with Facebook integration and I can't figure out why I can't test the login function locally. I have looked through the answers here (How to Test Facebook Connect Locally) and have tried to follow the steps of having the app in test mode, setting the site URL and the domain.
Based on FBs documentation here: https://developers.facebook.com/blog/post/2018/06/08/enforce-https-facebook-login/
I should be able to use http for localhost development, but I get the error
The method FB.api can no longer be called from http pages. https://developers.facebook.com/blog/post/2018/06/08/enforce-https-facebook-login/
and can't log in. Below are pictures of my app settings (including an indication it is an app in 'test mode').
So this is really only a half answer, but it seemed easier for me to just force https for my local development using mkcert (https://github.com/FiloSottile/mkcert). After creating local certs I updated my site URL to say https://localhost:8080 and I am able to log in without issue.

Google Analytics Embed API with Server Side Authorization - Firebase Hosting

I completed the basic setup for Google Analytics and inserted the tracking code into my webpage(s). I can log in to analytics.google.com and see historical data just fine.
I have an admin page on my website where I want to display Google Analytics information to several users automatically (no additional logon req'd) and read that this is possible using the Embed API with Server-side Authorization.
I followed the instructions and created a Service Account that shows up under Service account keys in my Google API Manager portal. I also successfully ran 'sudo pip install --upgrade google-api-python-client' on my Cloud9 IDE and pushed the change to my hosting provider, Firebase, i.e. 'firebase deploy'. Lastly, I located and pasted my Analytics View ID into the code sample provided with the Demo/Setup. My page is served with <!DOCTYPE html> declared.
I can't get it to work. Browser console says:
Uncaught TypeError: window.google.load is not a function
I am thinking that I am not invoking the get_access_token() in that Python module. In other words, I am thinking that server-side scripting is not supported with Firebase hosting.
Anyone know if and how to get Google Analytics Embed API with Server Side Authorization running with Firebase hosting?
This is not exactly a direct answer to your question, but rather an alternative solution to this problem. At least I'm using this approach.
You can use Google Design Studio to build and embed amazing analytics and BI dashboards anywhere you like (also on your Admin website). But even easier would be to use Google's authentication (via gmail) to provide access to select dashboards directly, as Google's authentication and authorisation is likely more secure than your website's.

IdentityServer3 MVC App with Windows Authentication

I'm working on creating an MVC Web application backed by an API which uses IdentityServer3 and is compatible with Windows Authentication, but I'm losing my custom claims in the process.
To this end, I've deployed this project: https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/MVC%20Authentication
When I deploy it to IIS7 I cannot access either of two pages which display claims information until I turn on Windows Authentication. When I do this, I have access to the secure Web Page that shows claims and the API that shows claims. This is promising, but these displayed claims are SidGroups, and Default claims, respectively. I lose my custom claims.
Monitoring traffic in Fiddler, I notice that when hitting the protected claims page, there are two failed attempts which 401 followed by the successful attempt but which displays the wrong claims.
Has anyone encountered this? Does anyone know the location of a working example of a Windows Auth compatible IdentityServer? I've looked over several tutorials which imply it's possible but I don't think they are compatible with IdentityServer3.

Azure Facebook login on localhost

For my Cordova application I am running an Azure .NET backend.
To access it from the client I use the mobile service client plugin for Cordova.
Now to my problem:
I want to allow a Facebook login, which is already supported by the mobile service client. Therefore I registered an FB application as described in the Azure tutorial.
Everything works well when I access the published backend. However, if I am running it locally, the Facebook login fails without any helpful error message.
It must be a problem with the Facebook app settings.
For the case where I am running on localhost, I created a second test application with the following settings:
For the valid OAuth redirect URIs I have tried different things.
Does anyone have an idea how I could solve this?

New session on every page view when running Facebook application in IFrame in IE and Azure

I am developing a Facebook application and I am using Facebook C# SDK v4.2.1 to help with authentication. I am building the application using ASP.NET MVC 2 and am hosting it in Windows Azure (SDK v1.2).
Everything has been running fine when I had my application in a full browser window, but now when I am attempting to IFrame it in Facebook, I run into session problems. The behavior is that a new session is created on every new page request so the user always comes back to the application's login page. I can see that that Facebook session is valid when Facebook redirects back to the application after authorization, but when I set some session variables and redirect to another page, the session is gone.
When I debug the application locally, both as a standalone web application and in the Development Fabric, everything works fine. It is only when it's published to Azure that I get the problems. I have tried to have a local debug environment that is very similar to production where I have the facebook application at apps.facebook.com/myappnamedev that points to localhost on a specific port.
I just now also discovered that I only see the problem in IE (I am using v.8). Firefox v3.6 and Safari v.5 work fine.
Any ideas to help my troubleshooting? I have spent 10 hours on it and it's getting really frustrating... I am happy to paste code/configuration info if needed, just let me know.
Thank you in advance!
// Peter
I solved this. The redirect from Facebook after authentication landed on different pages in my development environment compared to when deployed to Azure. I moved my authentication logic to global.asax instead.