I want to develop an app mobile (in Flutter) with a cloud backend (I have not another server).
With Firebase, it supports only 4 providers (Fb, Twitter, Google, Github).
I need to connect Strava oAuth and use this login in my backend service. So, back4app is perhaps the solution.
Here, listing of providers supported by back4app https://docs.parseplatform.org/parse-server/guide/#oauth-and-3rd-party-authentication, but no Strava...
Another section here to use non supported provider : https://docs.parseplatform.org/parse-server/guide/#custom-authentication but how can I do ? I don't understand this section.
Thxs
Thanks, I've used Firebase with a external server ;)
Related
I am currently trying to implement OpenID Connect using Okta as my identity provider.
The only plugin I found that was capable of handling OpenID Connect was the Flutter AppAuth Plugin .
Unfortunately I was not able to use it with a Native Webview in order to have a seamless experience for the end user or more especially to not have any navbar cf. image below:
Anyone was able to implement this flow as a native Webview ?
I don't believe you'll be able to do this in a native Webview. OAuth and OIDC are designed so the application never knows about the user's credentials - the application just receives an ID token and access token. If you tried to embed Okta (or any OAuth flow) in a native login, the application could get at the user's credentials, and possibly harvest them. Popping a browser is a more secure way of doing things.
To add to Matt's answer, AppAuth is the standard pattern here, which involves use of special InApp / system browsers:
Chrome Custom Tabs
ASWebAuthenticationSession
My blog has some details on this. I always recommend people to start with AppAuth samples. A couple of posts:
AppAuth Setup with Private URI Schemes
Advanced Sample with Claimed HTTPS Schemes
I am new to app/web dev and firebase. I am just trying to understand the firestore and want to use it for my app and website. I am aware of firebase hosting, but would I be able to host it somewhere else(ex. Hostgator or some other site) and still connect to the firestore? Or will it only work if I use firebase hosting for my website? Any feedback would be helpful.
I am new to understanding firebase, so I apologize for the really basic question.
Yes, this is possible. You'll just need to use one of Firebase's Javascript SDK options to connect to your firebase storage instance. Simply load these on your website's client or server side depending on your use case, and use the commands found in the linked documentation to interface with Firebase.
We are using a ecommerce plataform that can integrate with SAML protocol. They just need the authorization url. Do I need to create an App on One Login?
Or I could user a custom app integration?
Can you provide me some guidelines
What's the platform?
It may already exist in the OneLogin SAML catalog (we have a few thousand apps) but if not, please see https://support.onelogin.com/hc/en-us/articles/202673944-How-to-Use-the-OneLogin-SAML-Test-Connector
Additionally, you (or the Platform vendor) can always contact us to see about getting an official connector added to the catalog if it's not already there.
Regardless, your best bet is OneLogin support as this isn't really a development question.
We are writing a mobile application using Ionic Framework and Firebase for our data storage. Now we are looking into the new Ionic Platform for easy deployment and easy push notifications features.
Now as we are going to use most of the Ionic Platform features, we would also like to use their authentication system, also because it makes sending push notifications to specific users easy from within our Ionic Platform dashboard and their API.
Now I am trying to figure out how to incorporate the Ionic User Authentication with Firebase.
In short: How can we link our Ionic users to our Firebase authentication and authorization?
At first glance, it looks like Ionic is providing a similar authentication services as Firebase does.
The point is, if you need to create user based security on the Firebase database, that is, limit data access based on the user identity, you will have to use the Firebase authentication.
In any case I don't see a scenario where you need both authentication systems together.
I am trying to use the google drive SDK with a metro app. The metro app connects to google drive using REST services. The first problem I am facing is in authentication. Metro app has a redirect URI which follows microsoft specific scheme like "ms-app://s-1-15-2-1527804777-383724396-285855344-2678584489-1963608684-3789894444-799666712/".
How can I register this URI with my Google app profile? Google has made it compulsory to register the redirect URI, I don't know why. No other provider (like dropbox/skydrive) does this.
Could anyone please help?
Thanks in advance.
The redirect URI is part of the OAuth 2.0 spec, which is an open standard and critical to the security of the system. If other providers are performing OAuth 2.0 without this, they are insecure. Worse, if other providers are forcing apps to get usernames and passwords from users, that is bad too.
For installed apps, you can use the Installed Application Flow, with a local web server (localhost URI), or with the "out of band" URI, urn:ietf:wg:oauth:2.0:oob. Having said that, I never tried with a metro device, perhaps others can suggest how to perform OAuth 2.0 on metro.
As per the OAuth 2.0 spec:
When registering a client, the client developer SHALL:
o specify the client type as described in Section 2.1,
o provide its client redirection URIs as described in Section 3.1.2, and
o include any other information required by the authorization server
(e.g. application name, website, description, logo image, the
acceptance of legal terms).