I am developing a Chrome App which requires the user to authenticate against a third party website for OAuth (for e.g Twitter).
I want to be able to
Open the OAuth URL from the Chrome app.
Detect if the user has authorized and got redirect to my "redirect" URL (detect the tab is closed?)
Fetch the access token from the redirected URL in the Chrome app.
I am unable to think of a way to do this? Can someone help.
chrome.browser.openTab with callback URL localhost, where you run a local webserver, I could see being an option.
But I think the simplest and recommended solution would be to use chrome.identity.launchWebAuthFlow. Here is an example with facebook oauth flow on Github
Related
I'm building a mobile app using Intel-xdk along with hello.js (a client side javascript sdk) for facebook login because it's the only thing that makes fb login work for me on Intel.
The hello.js instructions were hard for me to figure out even though they seem simple.
This is the init code as provided by the hello.js documentation. https://adodson.com/hello.js/
hello.init({
facebook: ************,
windows: WINDOWS_CLIENT_ID,
google: GOOGLE_CLIENT_ID
}, {redirect_uri: 'index.html'});
I need to note that I'm testing this on the intel-xdk emulator, on my iphone, and on the chrome browser. I am getting two different errors depending on where I test. I get either "app ID invalid", or "redirect uri not supported". Is there a different way I should be writing the redirect uri.
***UPDATE****
I got rid of the "windows" and "google" properties because I'm not using either of them for login. I also swapped "google" into the redirect uri. It didn't work when I used www.google.com, but DID work when I used https://www.google.com. So I think using "https" matters. This is what this init code block looks like now:
hello.init({
facebook: '178363645852696'
}, {redirect_uri: "https://www.google.com"});
Here are the different errors I'm getting now. On the intel-xdk emulator it goes right to google no problem. On the device it tells me I'm not logged in ( which isn't true). On chrome the message in the pop up window says this :
Given URL is not whitelisted in Client OAuth Settings: This redirect
failed because the redirect URI is not whitelisted in the app’s Client
OAuth Settings. Make sure Client and Web OAuth Login are on and add
all your app domains as Valid OAuth Redirect URIs.
I will continue to work on this and update my solutions, but additional solutions are wanted.
The sdk you are using is for websites not for cordova apps.
If you have code locally and building app using intel-xdk, then using a facebook cordova plugin is best solution, here is tutorial on how to get facebook API working in intel-xdk:
https://software.intel.com/en-us/xdk/article/facebook-connect-plugin-android-ios
I just got my app working with $cordovaOAuth from ng-cordova and I've read and understood all from Nic Raboy's post (http://blog.ionic.io/oauth-ionic-ngcordova/). It works fine: both the inAppBrowser and the authentication itself.
But I want to take it one step further: how can I redirect the OAuth call to the installed app itself? For example, if I was using Facebook OAuth, how can I open the actual Facebook app (if installed - how to check it?) instead of a browser?
We are developing a hybrid mobile app (code is written in HTML and runs on browser shell as a native app on the device). We need to authenticate the user against an external security manager. I've seen the Gmail App in iPhone which opens a browser to authenticate the user. We are also looking to do something of that sort. We just need to gather your thoughts on how authentication can be done with some external security manager in a mobile app.
Also I noticed that Dailymotion website was able to know if the user is authenticated with Facebook. This looks like a cross domain authentication.
Can you please share your thoughts on how Google and others have implemented it?
What you are looking for is OAuth and OpenID services to federate your login. Depending on the architecture of your system you can implement whichever one you like or even a hybrid of both.
Take a look at this link: Federated Login for Google Accounts
It provides all the useful information you need.
Hmm this question seems old but in case you haven't found an answer here's how I did it with my hybrid apps :
open url on client side with the provider's (facebook/twitter/instagram) url for login
the user logs in and is redirected to the server's callback url (my server is written in nodejs)
once I've got the access token from the provider. I save this token and then create a token for the client to reuse every time the user wants to access a protected ressource.
Download the apk and test it.
If this is what you're looking for you can checkout both the client side code at : https://github.com/malikov/Authenticate.me-client-cordova-ionic
And the server side code at : https://github.com/malikov/Authenticate.me-Node-Server
Cheers
So I'm trying to build a Blackberry Webworks that integrates with Facebook.
I'm trying to use the Javascript API provided by Facebook, but I'm having some issues with logging in.
The typical "FB.login" function creates a popup, and this doesn't show up on a Blackberry so using that is no good.
Another issue is that I have no idea what to set as the redirect_url for the oauth login, because Webworks pages are referenced locally (local://index.html), and the API rejects this as a valid url. (I've also tried just index.html, but this also causes an error)
And finally, I have no idea what to use for the Mobile Website URL on the Application settings and not sure what other settings to use. Since users will be coming from a Webworks app, Facebook is rejecting login requests if I try to call the oauth url directly. (191 Error).
I figured out the only viable way to do this is to have a web server that will go through the OAuth2 authentication process documented by Facebook.
What you can do in Blackberry is open a new window or to use a Blackberry BrowserField that links to the web server, that way, your page will be able to get the oauth token that you can use to make Graph API calls.
I'm using Facebook connect for request credentials to the user's information.
I'm doing it from the web browser.
If the user is using a mobile (Android/Iphone) device, all the authorization process goes inside the browser.
Is it possible to raise the Facebook application (if it's already installed) and pass all the authorization process there? instead of keep using the browser (to improve the user experience).
I can detect if the user is coming from a mobile device (by his user-agent for example), maybe I can add some special url schema to raise the Facebook application?
Thanks,
Itay.
For iPhone: try to see with openURL function. See this article for more information to launch Facebook app