I am using cordova-plugin-ms-adal-b2c-patch- cordova plugin with Azure b2c
I created a facebook developer account with the relevant definitions from here
The domain is : https://login.microsoftonline.com
The redirect URI is : https://login.microsoftonline.com/te/{{My tenent}}/oauth2/authresp
On the first login it worked from the second it stopped working with the following error:
Authorization code not exchanged for token
Related
I am integrating AD B2C as Identity provider for the FreshWorks by configuring SSO with OIDC in the Freshworks.
Configuration done in the Azure AD B2C:
Registered an application in the AD B2C Tenant
a. Get the redirect URL from Freshworks SSO with OIDC and added in the Redirect URI in the registered application
b. Id Tokens and Access Tokens check box is selected.
c. Enabled the public client.
d. Generate the client secret for the application
Added Microsoft as external IdP in the AD B2C tenant. Only one external IdP is enabled, local account is not enabled.
Created a SignupSign User flow
Tested the User flow, able to signup and sign-in using Microsoft Account (personal account). JWT token is generated with the claims sub, email, name.
Configuration done in the SSO with OIDC:
Get the ClientId and Client Secret of the Application registered in the AD B2C tenant and added in the SSO with OIDC configuration dialog
Navigate to AD B2C signup sign-in user flow OIDC configuration url and get the authorization_endpoint and token_endpoint, added those two in the SSO with OIDC configuration dialog
set the scopes as openid,email,profile
After doing all the above configurations, a new button is added in the freshworks login page. I have clicked that button, it navigates to the microsoft login page, after providing credentials and accepted the consent, it shows a form with profile information.
On clicking the continue button an account is created in the AD and redirected to the Freshwork page. It shows the below error in the freshworks login page.
The authorization code request is working, AD B2C post the authorization code to the freshwork redirect url. I hope the issue is with the get access token endpoint URL. I have tried the Get access token endpoint from the postman using the authorization code received from the first request, it gives the access token.
The postman screenshot mentioned is showing the IDToken and your freshworks application expect access token. Could you please validate the user flow with access token settings and also use the postman tool to get the access token. Please follow the below document for more requests.
https://learn.microsoft.com/en-us/azure/active-directory-b2c/openid-connect
I have some problems with the Account Linking for Google Actions
I have implemented the OAuth2 steps described in the documentation by Google.
I have found out the client id and client secrete also authenticate my URL, but now I am stuck in token URL, what should I do in my PHP application that finds token, I am new to this I use web application to connect to smart home action
I´m following this Google documentation to make account linking with oauth.
In the token exchange requests item, I am receiving the JSON below, as expected:
{
"client_id" : "*****",
"client_secret" : "*****",
"code" : "myauthorization_code",
"grant_type" : "authorization_code",
"redirect_uri" : "https://oauth-redirect.googleusercontent.com/r/****"
}
and my response is:
{
"access_token" : "myaccess_token",
"expires_in" : 3600,
"refresh_token" : "myrefresh_token",
"token_type" : "Bearer"
}
But I am getting "Something went wrong, please try again later"`error, in Google assistant app in iOS.
In stackdriver, I am getting the error:
SYNC: Request ID 4417600193631747637 failed with code: OPEN_AUTH_FAILURE
Based on your example, it sounds like you are skipping a step. The account linking process has two steps:
User authorization (user signs in to their account)
Token exchange (server returns a token for the authorized user)
It looks like you responded to the authorization request directly by providing a token. The authorization request should return a unique temporary code representing the user who authorized, which will be passed back to your token exchange endpoint to get the access token.
You can read more about how to implement account linking with your OAuth server in the documentation.
Testing Account Linking
You can use the Google OAuth Playground to verify that your account linking implementation is working properly. Here is how you can configure this tool to test your endpoint:
Open the Settings gear, change OAuth endpoints to Custom
Enter your authorization and token URLs from the Actions console
Enter your client ID and secret from the Actions console
You won't be authorizing any Google APIs, so for Step 1 you can just enter something like "devices" and click Authorize APIs. You can follow through with the flow in Step 2 to verify that the authorization and token exchange work properly. The tool will report if any errors occur in the flow.
I try to connect my azure B2C to Facebook login. I read this
https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-setup-fb-app
But I still receive this error when Azure transfer me to Facebook:
Blocked URL: This redirection failed because the redirection URI is not allowed in the OAuth client settings of the application. Make sure OAuth client and web credentials are enabled and add all domains in your app as valid OAuth Redirect URLs.
I try to add several URI under Facebook -> Product -> Login -> Settings -> Valid OAuth Redirect URIs. I try this:
https://b2ctenant.b2clogin.com/b2ctenant.onmicrosoft.com/oauth2/authresp
https://login.microsoftonline.com/b2ctenant.onmicrosoft.com/oauth2/authresp
https://sitename.azurewebsites.net/.auth/login/facebook/calklback
https://sitename.azurewebsite.net
I am out of idea...
You can use the following domains with Azure AD B2C:
your-tenant-name.b2clogin.com (recommended)
login.microsoftonline.com
If you're using the your-tenant-name.b2clogin.com domain with Azure AD B2C, then the redirection URL that is registered for Azure AD B2C in Facebook must be set to:
https://your-tenant-name.b2clogin.com/your-tenant-name.onmicrosoft.com/oauth2/authresp
If you're using the login.microsoftonline.com domain with Azure AD B2C, then the redirection URL that is registered for Azure AD B2C in Facebook must be set to:
https://login.microsoftonline.com/te/your-tenant-name.onmicrosoft.com/oauth2/authresp
(Note the /te path in the redirection URL.)
I have done following steps:-
created an facebook App with all the details filled and got AppID and App Secret.
Integrated an facebook extension to my magento website and filled AppID and App Secret to magento admin.
When I login then it asks for the permissions to access the facebook user details also, but after that it shows error "Facebook Connection Failed".
My website is at localhost and I filled site url = "http://localhost/magento/mywebsite.php" in the facebook App which I created.
I have done this thing prior also. It worked previously but not working this time.
You can't use localhost URLs when configuring your app. The URL needs to be accessible to Facebook. Either use the IP address of your test server, or register a test domain.