I am trying to call graph api so I had followed the procedure mentioned on the site. I had registerd the App in https://apps.dev.microsoft.com/portal/register-app
and got the client id and and then I am trying to make a ajaxs call url
"https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=XXXXbxxxxxxx-bf22-4bdb-bXX-cd32a729a31f&redirect_uri=https://webidetestingXXXXXX-XXXXXXXXXXX.dispatcher.int.sap.hana.ondemand.com/webapp/index.html&response_type=code&scope=openid+Mail.Read";
this always opens a login page and How can I pass the username and password after the call.
second-I call this url and enter the credentials it shows me an error of Microsoft account is experiencing technical problems. Please try again later.
Can you please guide me what i am missing or any example in sap ui5 environment to call such graph Api
this always opens a login page and How can I pass the username and password after the call.
When directing the user to the /authorize endpoint , microsoft server will show the login page to let user enter the username/password , after that you couldn't pass username/password to that in your own code .If you don't want to show the login page or need to use own login page , it is possible to sign in a user with the username and password flow as noted here. But that flow needs writing passwords for identity provider into your custom website , and you should check more at the Constraints & Limitations section .
I call this url and enter the credentials it shows me an error of Microsoft account is experiencing technical problems.
Please provide more details of that error , you could find error message in browser address bar like :https://login.live.com/err.srf?lc=1033#error=invalid_request&error_description=xxxxxxxxxx
Related
I implement authentication for the Flutter app using the Keycloak. My flow is:
When opening the app for the first time, the user will be redirected to the login page of Keycloak with an email input
After inputting the email, a magic link will be sent to the email to authorize
When clicking the magic link, the app is opened and redirected to authenticate page of Keycloak. If the link is valid, the user will be forced to register the Webauthn passwordless
After registering success, back to the app
I've already implemented the magic link authenticator and it's working fine. My problem is when back to the app, I got the error: "Response state param did not match request state". I guess that because the app is open the browser 2 times: The first time to open the input email form to log in and the second time when open the magic link.
I've searched on the internet but can't find the solution. Any solution or hint?
Thanks.
I am trying to implement custom facebook login flow with some custom 3rd party backend system that requires the code that's returned by facebook's web dialog login via the callback's URL parameter -
e.g. https://calbackurl.com/?code=AsdadqwdDAWDASDwdACASdASd)
to be sent over to their end (the 3rd party backend system use the term "auth code" to describe this). But I have to use mobile facebook SDK (iOS), which does not have response_type option nor the code parameter.
How do I get this code without using the web dialog login?
I followed the guide over here and here.
Here are the things that I have tried:
1) I setup facebook login on my ios app. Trigger the login flow, and once I get the access token from the mobile SDK, I send this access token to my own API server which then call this endpoint -
https://graph.facebook.com/oauth/client_code?access_token=...&client_id=...&client_secret=...&redirect_uri=...
to get the code, which I am not sure if it is the same as the code URL parameter provided by the web dialog login flow. After that, I send this code over to the 3rd party backend system. But it says the code is invalid.
2) However, when I setup the web dialog login flow for testing purpose, and manually copy the code from the callback's URL parameter and send it over to the 3rd party backend system, it does not return such error. And the 3rd party vendor verified that, this "code" is correct. But why it fails on 1.?
I want to know if there is any API/Webservice in side Liferay that allows one to use mobile apps especially built with Ionic to do remote authentication and pull data from database
There's no special API for Login/Logout out of the box.
Complete list of Out of the BOX Web Services and detailed information on each can be found at
whaterver-url/api/jsonws
Example : https://www.liferay.com/api/jsonws
Why there is no Out of the Box API For Login/Logout.
All API's mentioned in above Link needs a basic Authentication. So in each request you need to pass username & password which will throw permission denied, if credentials are not valid.
I am very new to IdentityServer and Open ID Connect and most of what I know comes through the three walk throughs in the Overview section of the IdentityServer3 documentation. All of those samples demonstrate how to use the Authorize attribute to secure a controller action, which results in a redirect to the IdentityServer-hosted login page. What is the typical or recommended way to provide a Login link in the client application? Could my client application have it's own login page and then call IdentityServer to validate the login and provide a token? If so, is there a sample that shows this? If not, is there a way to have the login link in my application bring up the IdentityServer login page? Is it as simple as securing the Login action with an Authorize attribute?
I don't think it is right that client has its own login page. Imagine you use Facebook as identity provider, and would you expect facebook users to enter their Facebook crediential on your login page?
One method is what you described using server side challenge redirect, or configure your app as a Javascript implicit client - see example , which it builds up authroize challenge URL. Either way user sees login page from identity server.
I have the following problem in a Grails app with Spring Security (SSC). My app should provide some browseable pages as well as a Restful API.
While using the App with the Browser the App should display the Login-Form which is used by SSC and the Login/Logout Controller. But I also want to use alternativly a BasiAuthentication with the same URI.
For example: If I do a call to /myApp/testCall, coming from the Browser it should display the Login Form in case of a not already logged in user. If the user is logged in, it should process normally. But if I call /myApp/testCall with a Authorization Header then the App should recognize this and Authenticate the user by Basic Auth.
What I already got so far, whether the Basic Auth or the Login Form standalone, but not with this wanted bahviour. As soon as I activate the basiAuth in my App, it displays all the time the default Login form the Browser (Basic Auth Browser Login) but it should display the LoginForm.
Hope someone can help me solving this problem, I need somehow to put the Filter, which is responsible for displaying the Login Form in front of the Basic Auth Filter, but in the other case if I provide Basic Auth Credentials it should just log me in.
I had a similar question last week, not totally the answer to your question but it might help you get started. Would have added this as a comment but I don't have the rep.