So I am trying to use single sign on in an outlook addin. I have registered my app at https://apps.dev.microsoft.com/.
In my Manifest I have
<WebApplicationInfo>
<Id>{myId}</Id>
<Resource>api://mydomain.com:3000/{myId}</Resource>
<Scopes>
<Scope>Mail.Read</Scope>
<Scope>profile</Scope>
</Scopes>
</WebApplicationInfo>
mydomain.com is actually a domain i map to my local IP.
Outlook accepts my manifest just fine. How ever when i call Office.context.auth.getAccessTokenAsync, I get the following response
{name: "Invalid application resource Url provided.", message: "Invalid resource Url specified in the manifest.", code: 13004}
How else should i write the resource url. Am i supposed to add this url somewhere else?
I followed https://learn.microsoft.com/en-us/office/dev/add-ins/develop/register-sso-add-in-aad-v2 and was able to get further. But now i Get {name: "Preauthorization missing.", message: "Missing grant for this add-in.", code: 13005}
I was able to solve Error 13005 by adding /taskpane.html to the end of my redirect URI in the authentication tab of my App Registration [Figure 1]. Originally I just had https://loacalhost:3000 as my redirect URI. Just make sure that whatever endpoint the user is being redirected to is the redirect URI. Seems simple but I spent a lot of time on this.
If you can't figure out what your redirect endpoint is, inspect the taskpane element and then look at the top of the tab. It should be something like DevTools - {localhost:3000/taskpane.html}?_... The text inside of the curly braces is the endpoint, make sure that the whole string is added to the Authentication tab in App registrations.
App Registration Page Example Picture
I hope this helps,
Lucius
I am creating an addon for blocking sites on user request.I have done- getting user input and storing in simple-storage.Now i want to access the url of the tab(s) before the page gets loaded so that i can process the url and gets it hostname to block the site.
You do this using the PageMod module with onAttach.
pageMod.PageMod({
contentScriptWhen: 'start', //This says not to wait until the page is ready
include: ['*'],
//Forget about contentScript(File), we're not attaching a script
onAttach: function(worker) {
var tabUrl = worker.tab.url;
if(tabUrl==myString) worker.tab.url = 'http://arabcrunch.com/wp-content/uploads/2013/05/block-website.jpeg'
}
});
But I recommend doing it differently. Instead of checking every URL yourself then doing something , you create an array of URLs or partial URLs and set include: myArrayOfUrls. Then you don't need the if clause in onAttach, you already know that it's one of the websites you want to block.
You can register to the http-on-modify-request notification from the Observer Service. You'll get notified just before the request is made and you can get the URL.
See the following resources on the topic:
Setting HTTP request headers for registration example and Observer Notifications for the list of notifications you can register to.
What you describe is essentially what the Adblock Plus extension is doing, maybe you could use it directly or look into its code.
This is a little different than all the other Rails 3 redirect https questions out there. Let me explain.
In order to publish our site with Phusion Passenger we had to create a subdomain and use a symlink (or softlink or alias) from the www/rails folder to /home/user/app/railsapp.
In order for the HTTPS to work (because of various domains issues) we need to have a rewrite mod that actually creates this route:
https://my.site.com/rails
Notice the trailing /rails route.
This route does not exist on our app. So what I need is a way to redirect anything that comes in with that route to:
https://my.site.com/login
So I thought I'd do this, in the routes.rb file have this:
match '/rails' => 'sessions#redirect_to_login'
In sessions_controllers.rb:
def redirect_to_login
redirect_to login_path, :status => :moved_permanently
end
This results in the app complaining that it can't find /rais/login/ so it's still seeking that /rails bit.
If I add something like redirect_to "/" which in turn will send you to my.site.com/login with a redirect when you're not logged in, I'll get an error of too many redirects in the browser.
redirect_to login_url didn't do the trick either.
It gets a bit more complicated in the sense that whenever I'm using the https protocol for that site, it will append that /rails route so I need a way to remove it from all the links. For example, https://my.site.com/movies will get translated to https://my.site.com/rails/movies.
Either remove the /rails or redirect all https traffic to http except for the login page.
I'm sure there is a relatively easy fix for this, but I can't figure it out.
Help is appreciated.
I am using omniauth-facebook gem in my rails application to allow user to sign_in/sign_up via facebook. Its working well. But my problem is when I click on cancel button I am getting following error
(facebook) Callback phase initiated.
(facebook) Authentication failure! invalid_credentials: OmniAuth::Strategies::OAuth2::CallbackError, OmniAuth::Strategies::OAuth2::CallbackError
Started GET "/auth/facebook/callback?error_reason=user_denied&error=access_denied&error_description=The+user+denied+your+request." for 127.0.0.1 at 2012-05-18 11:42:36 +0530
Whats the matter? Adding /auth/failure => 'pages#home' is also not working.Please help
Take a look at the last section on https://github.com/intridea/omniauth/wiki/FAQ and see if that helps. It suggests adding
OmniAuth.config.on_failure = Proc.new { |env|
OmniAuth::FailureEndpoint.new(env).redirect_to_failure
}
to your omniauth initializer. This worked for me locally, and then you just need to define your /auth/failure route & action.
I was having the same problem when debugging locally (localhost).
On a public url it worked, it probably needs FB to "see" you.
You can test on a public url or maybe use some king of tunnel (localtunnel is an ultra simple example).
HTH
The title really says it all. Under some (undetermined) conditions FB.getLoginStatus() just stops working and won't invoke the callback I gave it. The only interesting clues I've found are
FB.Auth._loadState is stuck on "loading" -- whatever is supposed to make it click over to "loaded" isn't happening
slight delays like putting in alert() calls tend to make it start working
Any hints at all about even how to investigate this welcome.
This usually happens for me when I am running the page under a different domain from what has been registered in Facebook. Typically this is when I am developing locally.
If you are running locally, you'll have to set up a local web server and then modify your hosts file to point the the registered domain to 127.0.0.1 in order to test on your local machine. Don forget to remove that line from the hosts file when you want to test it on the server.
According to:
https://developers.facebook.com/bugs/240058389381072
You cannot put your application under sandbox mode, or else it won't work. Go into your app settings, advanced, and switch it. This stumped me for a couple hours until I happened upon the bug report.
I had similar problem with FB API. It turned out, that my Facebook App was misconfigured. Please make sure that this is not the case for you. My problem was that my "Site URL" param in FB application was pointing to https, but I was using http protocol for development. Any call against FB api after FB.init was not calling my callback functions. So the first thing to do should be to double check App config.
Now, if some reason you depend on FB api but you wish to have a fallback option in case it;s inoperative - workaround with timer should be ok for you. Just set up a timer and disable it if FB Api gives you proper response. If not - fallback to some custom function which will perform some additional logic.
function callFbApi() {
var timeoutHandler = setTimeout(function() { requestFailed(); }, 1000);
function requestFailed() {
// When this happens, it means that FB API was unresponsive
doSomeFallbackWork();
alert('hey, FB API does not work!');
}
FB.getLoginStatus(function(response) {
clearTimeout(timeoutHandler); // This will clear the timeout in case of proper FB call
doSomeUsualWorkAfterFbReplies();
return false;
}, true);
}
If your application is in sandbox mode, Facebook acts as if your application is invisible to anyone who is not listed as an application developer. If you're not logged in, then it would stand to reason that your app is now invisible.
The callback will only fire if you're initializing with a visible application. Otherwise the following response is returned:
<span>Application Error: There was a problem getting data for the application you requested. The application may not be valid, or there may be a temporary glitch. Please try again later. </span>
For more info please see my comment on this bug ticket:
https://developers.facebook.com/bugs/240058389381072
Maybe you are using the asynchronous call. The same thing happened when I called FB.init with window.fbAsyncInit. All I did was delay the FB.getLoginStatus with a setTimeout function
window.setTimeout(checkLogStatus, 1000);
function checkLogStatus(){
alert("check");
// fetch the status on load
FB.getLoginStatus(handleSessionResponse);
}
It seemed to work after that
On the new version of the Developer app, you have to make sure to have put the correct URL you are using to access the application in the Website field under the
Select how your app integrates with Facebook
section.
Make sure the protocol is HTTPS and not HTTP.
I had a similar problem. The site worked every time when I was opening the browser, but fails when I tried to reload.
The cause was the missing "www" on the site name on Facebook configurations. Note that putting "www" (like www.yoursite.com) works on both situations (yoursite.com or www.yoursite.com).
As others have posted, you must be accessing your site at the same URL that facebook expects. For example if facebook has a callback "example.com" but you're browser has "www.example.com", that can cause this problem.
In addition, if third-party cookies are not allowed by your browser, you may also see this problem. Or you may see the callback erroneously reporting the user is not connected.
Just posting a situation I had were calling FB.getLoginStatus got absolutely no response.
My application is designed to run in a tab, and I only entered the Page Tab URLs on the app admin page, and not the App On Facebook (i.e. Canvas) URLs. The tab loads perfectly, but any calls to the FB JS SDK provoke no response.
In Facebook App Settings, go to Client OAuth Settings, look at Valid OAuth redirect URIs
Make sure you have listed all URIs which are the domains from which Facebook SDK is being invoked. For example:
I develop at localhost:5000 and deploy to Heroku. Notice the format: http://domain.name/