My Visual studio 2015 Cordova app, which uses facebook login is working fine in Ripple emulator. However, when I try to run the same app in Android emulator or in device, I get the error: “Given URL is not allowed by the Application configuration: One or more of the given URLs is not allowed by the App's settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App's domains.".
In my facebook settings (https://developers.facebook.com) for website I have following entry:
Site URL: http://localhost:4400/
Mobile Site URL: http://localhost:4400/
In Advanced Tab, OAuth settings, both Client OAuth Login and Embedded browser OAuth Login are “yes”.
I tried with “Valid OAuth redirect URIs” keeping empty or http://localhost:4400/login
Hosts file does have an 127.0.0.1 localhost entry.
What should be the right URL in Site URL for an application in Basic and Advanced tab of http://developers.facebook.com? Wondering if these fields are ignored for a mobile app?
Like on a device, when running in the Android emulator, the Android OS believes "localhost" is the device itself rather than your PC. This is just like running Windows in a VM in this regard. Try fully qualifying your machine name or using an external IP instead.
Related
In mobile first tutorial,
one step is mfpdev app register
Question is what is the use of the registration
as I develop an ionic project and can connect to mobile first without registration when Cordova web resources Previewed with the Mobile Browser Simulator using MobileFirst command mfpdev app preview
mobile first 8
ionic 3
mfpdev app register command will register your application with MobileFirst Server. Without registering your application with the server, the application on the mobile device will fail to connect to server with an error 'application does not exist'.
If you do not want to use mfpdev app register command, you can register your application manually at MFP Operations console.
For more details , refer : Registering an application
Update : If you are using command mfpdev app preview to preview your web resources with the Mobile Browser Simulator, Security checks are not run on the server-side and security challenges are not sent to the client that runs in Mobile Browser Simulator.
MobileFirst Development Server includes a confidential client "test" that has an unlimited allowed scope ("*"). By default mfpdev app preview uses this confidential client.
NOTE : command mfpdev app preview is meant for preview the UI , OAuth protocol is not fully supported
For more details, refer :Previewing Cordova web resources with the Mobile Browser Simulator
Thanks for #manjunath kallannavar for all the supports
Unrestricted right (without login) to both protected and unprotected resources lead me to confidential client.
As pre https://youtu.be/DlxZYxXszIw?t=15m40s, the author mentions user is as confidential client when using mfpdev app preview.
However, this is not documented in IBM reference. (Please quote if you find one)
Also, by using ionic cordova run android in emulator, finally challenge received.
Conclusion, with mfpdev app preview, user right = confidential client => can access all resources
Credit to #manjunath kallannavar
Official explanation:
MobileFirst Development Server includes a confidential client "test" that has an unlimited allowed scope ("*"). By default mfpdev app preview uses this confidential client.
I'm developing a Chrome packaged app (not an extension), which connects to the server over secure WebSocket. The server's certificate is self-signed, and this cannot be changed.
The problem is that on the chrome packaged app, the connection attempt fails with an ERR_INSECURE_RESPONSE error.
In the Chrome browser, there is a work-around: The browser opens a security warning page. If user chooses to continue to the website, it goes on to the remote page. However there is no such work-around in a packaged app. Instead, the connection attempt just fails.
Is there any way to code the Chrome packaged app to accept a self-signed certificate?
Found a work-around - open a browser from inside the chrome app.
This is done by using a webview HTML element (webview is the chrome app name for iframe).
Now the chrome app user can accept the security risks of using a self-signed certificate, just as the web app user does.
I'm using Xamarin Forms in Visual Studio 2015 with the new MSAL preview v.1.1.0. The app calls the PublicClientApplication.AcquireTokenAsync which pulls up the login form in Chrome on the mobile device. The login is successful, but when it redirects I get the error message "This site can't be reached. The webpage at msal[my app id]://auth/?code=[auth code]... might be temporarily down or it may have moved permanently to a new web address.
When stepping through the app I see that the PublicClientApplication's redirect uri property is set to msal[my app id]://auth. And that is the same custom redirect uri that I entered into the Azure B2C tenant application.
Does anyone have any suggestions from that error of what I should check? Thanks.
OK. I figured it out. I missed the instruction in step 6b on the new sample app: https://github.com/Azure-Samples/active-directory-b2c-xamarin-native. There needs to be a BrowserTabActivity added inside the application element of the AndroidManifest.xml file. See the link on github for specifics.
You should check out the Integrate Azure AD B2C into a Xamarin forms app using MSAL sample.
This issue generally has the following causes:
You haven't configured your RedirectURI correctly in your AndroidManifest.xml, double check that you've populated both the scheme and the host correctly, where scheme only includes msal[APPLICATIONID] without colon, slashes or 'auth' and the host while the host only includes 'auth'
You haven't configured your RedirectURI correctly in your MainActivity.cs, double check that it matches the full redirect URI, meaning that it does include colon, slash and 'auth' like so: msal[APPLICATIONID]://auth
You're missing the OnActivityResult method that calls the AuthenticationContinuationHelper.
You need to use Chrome which is not installed on all images inside your emulator.
Running in an Android Emulator
MSAL in Android requires support for Custom Chrome Tabs for displaying authentication prompts. Not every emulator image comes with Chrome on board: please refer to this document for instructions on how to ensure that your emulator supports the features required by MSAL.
i am begginner in phonegap and using android studio for editing and running phonegap coding
i have to add facebook login in my phonegapp app ,for this i am using openfb.js plugin
link -- https://github.com/ccoenraets/OpenFB
sucessfully integrated all things but when running its showing me valid oauth redirect uri error
what will be "Valid OAuth redirect URIs" if my project file is saved in computer c drive and not on localhost
Why chrome is not showing my canvas application on facebook ?
It will show it when you surft direct to it om our domain. But it will give the error below when accessing it it through the apps.facebook.com domain.
We are running on a self signed certificate. Using Firefox on fb canvas app gives you an option if i want to continue surfing an insecure site. Chrome will show an error with no options.
This webpage is not available
might be temporarily down or it may have moved permanently to a new web address.
Error 501 (net::ERR_INSECURE_RESPONSE): Unknown error.
Google chrome version 16.0.912.63 m
Had the same problem and solved it by going to my local canvas site, exported the certificate (as p7b) and imported it again into Chrome. There was an older local certificate installed, maybe that was the problem.