Omniauth fails with invalid credentials only on iPhone Safari

Using 1.2.2 of Omniauth with Rails 4.1 - and all clients work perfectly with Google/Yahoo/LinkedIn - except iPhone Safari (iPad Safari works fine).
The error returned is always invalid_credentials and despite making dozens of changes relating to numerous Google results/Stack Overflow threads/etc - I cannot find any way to get the iPhone to log in.
The iPhone works fine in Chrome - only with Safari it fails.
Our config is nothing more than provider :xyz, key, secret

We had HTTP BASIC authentication running on the site to keep it from public eyes for the moment
On all clients apart from the iPhone Safari this hadn't caused any issues - for some reason on iPhone Safari the request must have been processed differently, I suspect causing multiple requests to the site and triggering some kind of CSRF or authentication issue - by making a number of random changes I managed to get the error to be a CSRF error instead of an authentication error
Removing the HTTP BASIC authentication resolved the issue.

Related

Drupal REST in iOS failed with 403 forbidden access but success in browser

My app can interact with Drupal API in the browser but not in the simulator and device. (Currently testing in iOS).
How can I fix it?
Everything is working fine in the browser but in the simulator/device, I get 403 forbidden access.
The problem that might cause it
I think the issue is with cookies? In Drupal, I have ini_set('session.cookie_samesite', 'none'); and it works. If I removed that, I get 403 forbidden access in the browser, simulator & device.
If I add that, it works on the browser but not in simulator/device.
How can I fix this?
Can I use https://ionicframework.com/docs/native/http/ instead of angular http service? Does it support withCredentials?
Thanks
I think you should use a different authentication method if you want to access the site from different devices. By default, Drupal has "Samesite" to "Strict" I think. Setting the samesite to "None" means that other domains or devices can access the same cookies from your website.

SFAuthenticationSession isn't sharing cookies on the real devices

I'm using AppAuth-iOS for SSO. Everything works just fine on the ios 11 simulators and SSO (cookies sharing) doesn't work on the real devices running 11.0.0, 11.0.1, 11.0.2. So is the SFAuthenticationSession broken and is there any known workaround?
I am also facing the same issue and based on my tests and research, yes it is broken. SFAuthenticationSessions remember the cookies on a single application run, but not after the application has restarted or between multiple apps (= SSO). I have done a series of tests with iOS 11.1 beta 1 and Xcode 9.1 beta 1 with following results:
Using the SFAuthenticationSession to do an initial login, and during the same application run, using another SFAuthenticationSession to check if login is still valid (based on cookies). This works OK.
Restarting the application and then trying to check the session state will not work, indicating that the cookies are not persisted.
Using the system Safari (with UIApplication.shared.openURL) to do the login and using SFAuthenticationSession afterwards to check the login state. This also does not work. Cookies are not shared between Safari and SFAuthenticationSession.
Using the system Safari for both login and session checking works, even between multiple application runs. As expected, Safari still remembers its own cookies. But they are not shared.
The other complaint I have with SFAuthenticationSession is that it uses the project target name and not the application name for its popup dialog.
The only ongoing discussion I could find about this is in this Twitter post: https://twitter.com/rmondello/status/887434621989789696. I have also filed a bug report but no updates on it since September 5th.

Unable to login in Incognito mode with an iPhone (Chrome & Safari)

We've noticed that when we try to logon to our application, using an iPhone with either Chrome or Safari, we get an authentication error.
Is there something special about making POST requests in Angular under these situations?
[UPDATE]: We can see that both the OPTIONS and POST are returned as being successful from our API, however, the UI continues to reject the response as being successful.
Thanks to a hint from #kai, it was, indeed, an issue that LocalStorage is not supported in Incognito mode. Need to have a fallback...
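The fallback mentioned above, as an added example that is not part of the original post: a wrapper that probes the storage backend with a real write and keeps session data in memory when the probe fails. The name createSafeStorage and its getter parameter are hypothetical.

```javascript
// Added example: storage wrapper that keeps login state usable when
// localStorage is unavailable. createSafeStorage is a hypothetical name.
function createSafeStorage(getBackend) {
  const memory = new Map(); // per-page fallback, lost on reload
  let backend = null;

  try {
    // Reading the storage property can itself throw, so the caller
    // passes a getter instead of the object.
    const candidate = getBackend();
    const probe = '__storage_probe__';
    // Some private-browsing modes expose localStorage but throw on
    // every write, so feature-test with a real write.
    candidate.setItem(probe, '1');
    candidate.removeItem(probe);
    backend = candidate;
  } catch (err) {
    backend = null;
  }

  return {
    persistent: backend !== null,
    getItem(key) {
      if (memory.has(key)) return memory.get(key);
      if (backend) {
        try { return backend.getItem(key); } catch (err) { /* fall through */ }
      }
      return null;
    },
    setItem(key, value) {
      const text = String(value); // match localStorage string coercion
      if (backend) {
        try { backend.setItem(key, text); memory.delete(key); return; }
        catch (err) { /* quota hit later: keep the value in memory */ }
      }
      memory.set(key, text);
    },
    removeItem(key) {
      memory.delete(key);
      if (backend) {
        try { backend.removeItem(key); } catch (err) { /* ignore */ }
      }
    },
  };
}

// Browser usage: const storage = createSafeStorage(() => window.localStorage);
```

When `persistent` is false, a stored token lasts only until the page reloads, so the UI should expect the user to log in again after a refresh.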

Have no idea why Facebook login doesn't work

Have no idea why Facebook login doesn't work. Tried all answers to similar questions. The weirdest thing is that there is another app with same settings which works just fine. Maybe there is some kind of update I don't know about.. App runs locally on http://127.0.0.1:8000
Added facebook login product and in value OAuth redirect URLS entered everything possible: localhost, http://127.0.0.1, http://127.0.0.1:8000
Made app public, tried also creating test app. In app domains it's localhost and in Site Urls I tried both localhost and localhost:8000
EDIT: FB init doesn't even work. So no response to debug or something
And anyways I get this error:
Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings.
Id and code is correct. The same works on different project (Checked id, all commas and etc). What else could be theoretically wrong? At least does the error mean what it says: "The domain of this URL isn't included in the app's domains."?
Same problem here, Just started happening with no warning.
I was using .Net Identity 2.0 with Microsoft.Owin.Security.Facebook 3.0.1 however it seems Facebook may have deprecated support for this.
The only symptom I got when debugging is that the call to AuthenticationManager.GetExternalLoginInfoAsync() returns a null which is extremely not useful.
In the end I upgraded to the release candidate using the NuGet Package Manager Console command "Install-Package Microsoft.Owin.Security.Facebook -Pre"
If you're using .Net with this package then I recommend you test this solution in a staging environment first and see if it fixes the issues (and that it doesn't cause any new issues).
it's the FACEBOOK APP PLATFORM in settings
I had mine disabled and kept getting the error
I enabled the app platform and it works.

Facebook C# SDK throwing Exceptions on ParseCookieValue

We're using Facebook connect in an application outside of Facebook, quite regularly the C# Facebook SDK is throwing an exception with this message "Precondition failed: !cookieValue.Contains(",") Session value must not contain a comma."
After doing some research it seems linked to the fact that we're using the JavaScript SDK (for Facebook Connect) and the C# SDK at the same time. As I'm unable to replicate the issue myself I don't have much clue.
UPDATE: In fact the exceptions are happening in prod to "real" users. The SDK is throwing a hundred of them a day.
Yeah - getting this as well - also using c# SDK and Javascript SDK.
It seems to have happened ONLY to my FB account - when testing my application - and it happened after I had used the wrong app secret in my OAuth settings.
It seems that Facebook had TWO access tokens for my personal account - and was trying to store them both in the cookie. I tried using the SDK deleteauthcookie() method, I deleted ALL of Facebook cookies in my browser. No Luck.
The only solution was to remove ALL of the cookies in my browser....
It seems Facebook SOMETIMES tries to store two access tokens in a cookie - separating them with a comma - and c# SDK doesn't like that.
This was a bug in the Facebook C# SDK: http://facebooksdk.codeplex.com/discussions/273578/
Could you remove the following line of code from ParseCookieValue method.
Contract.Requires(!cookieValue.Contains(","), "Session value must not contain a comma.");
This has already been fixed in the latest v5.3.1beta (http://facebooksdk.codeplex.com/releases/view/75790)