I need to scrap a URL with server authentication. I've tried to pass login and password in URL like: http://login:password#example.com but no succeed. Any idea if its possible to pass the authentication on Facebook Debugger?
Thanks!
No, the debug tool does not support that - the URLs you provide to Facebook need to be reachable by Facebook's crawler if you want it to pull metadata from those URLs
Related
I need to launch a Confluence page from another website. The Confluence page is access protected and I need to do the authentication before the page is launched so that Confluence doesn't ask for a username/password.
Is there a way to get this done?
You are looking for application links. There is a good post on Atlassian about how to preform authentication from one app to another by passing the authenticated headers upon request.
I know that this question have been asked before, but my scenario is a bit different. I'm trying to implement login with facebook feature into my website, which has SSL, but when I attempt to login I get an error message:
Insecure Login Blocked: You can't get an access token or log in to this app from an insecure page. Try re-loading the page as https://
Ideas?
This solution was tested on a django application using Facebook OAuth
NOTE
my site already had SSL and is accessible via https
But when trying to login using Facebook OAuth i get the above error (Insecure Login Blocked)
My Solution
all i had to do was to set ( this configuration is done within application setting :: settings.py )
ACCOUNT_DEFAULT_HTTP_PROTOCOL = 'https'
helpful link
which literally means
use *https* instead of the default *http* when trying to login using social account e.g Facebook
Then i also set Valid OAuth Redirect URIs on facebook login settings to https://redirect_url.com
For non django application
If you're not using django, i believe there should be a base configuration file, where all your configurations for the application are done (it might be same file where you've configured your application to use social authentication).
Whatever library you're using to enforce social authentication, search for how you can allow redirect to be done via https instead of the default http and then add it to your application's configuration file.
I hope this helps someone save some time
There are questions related to fb messenger. but as none answers my question, here it is.
I have been given a developer account for API to work on which is 'http'. Meaning I won't be able to use it as Callback URL. I am not authorized to request developer for https too.
How should I proceed?
Facebook requires that the callback url for receiving events use HTTPS as the scheme and specify a verify token in the app's webhook section.You should try to get the server you are working with to install the necessary SSL certificate(s) and update your webhook to point at it.
Facebook requires https. You can use ngrok to convert your local URLs to https based public URL and use them on webhook subscription url.
I would like to know if facebook's api can access a website protected by htaccess password ?
Because I need to try some opengraph plugins I did.
thanks
Yes it will work because your server will be accessing the API, but the API won't be accessing your server. You can also run your app in sandbox mode.
TL;DR version:
Can you authenticate with Facebook without having a callback URL for a web application since the web application isn't actually running on a server.
Full explanation:
I'm working on building a connectedTV platform application where the "app" itself is a bunch of HTML/JS/CSS running locally (like File -> Open on your desktop browser) and I'd like to integrate Facebook into this.
The problem is that all of Facebook's OAuth calls for the web require you to have a callback URL to redirect the user to in order to complete authentication. Here's the gotcha -- there is no URL for this application -- it's a locally running webpage on the device.
I know this is what out-of-band authentication was designed for, but I can't seem to find any documentation on how to use this (or how to do a non-callback OAuth flow) with the Facebook OAuth system.
You're describing desktop authentication or any situation where you are authenticating to FB without a server. The redirect URL you pass to the OAuth dialog is https://www.facebook.com/connect/login_success.html When the browser redirects you can get the access token. You can read all about it in the FB documentation, way at the bottom in the Desktop Apps section (https://developers.facebook.com/docs/authentication/)
Just reread your question and since the application runs inside a browser you will need to open another window to authenticate and get the access token from that.
If you're doing HTML/Javascript, use their Javascript SDK. You can log the guy in simply by using FB.login and getting the access token from the callback from that.
I really don't think this is directly possible. Unless there is something totally undocumented, Facebook has no mechanism to send authentication data except by loading a url. I'm sure it's meant at least partly as a security measure, functioning as sort of a "whitelist" of where auth data will be sent.
The only way I can think of for you to work around it might be to set up a url on a server somewhere that could answer the redirect and store the auth data, and have your client-side code poll that server to get it. Kind of a proxy authentication service, in effect. You would probably have to open a second browser window with the Facebook auth screen in it, but in theory it could work.