Intuit - No OpenID endpoint found - intuit-partner-platform

Where do we find the OpenID endpoint to use in our dev environment/site? This code is not working:
//OpenId Relying Party
OpenIdRelyingParty openid = new OpenIdRelyingParty();
var openIdIdentifier = "https://openid.intuit.com/Indentity-AppName";
IAuthenticationRequest request = openid.CreateRequest(openIdIdentifier);
I am getting No OpenID endpoint found. In the code snippet above I am replacing AppName with the name of the DevMaster App Name shown

Can you please try the following URL:
https://openid.intuit.com/openid/xrds
Thanks
Manas

Keycloak.js can not get access token when login with Google and Facebook

I'm building a system for our company using Keycloak. I use keycloak.js to bypass the default login page of Keycloak.
function myFunction() {
    let kcLogin = keycloak.login;
    keycloak.login = (options) => {
        options.idpHint = 'facebook';
        kcLogin(options).then(auth => {
            alert("keycloak Login");
            if(auth) {
                alert("token" + kc.token);
            } else {
                alert("auth is null");
            }
        });
    };
    keycloak.init({ onLoad: 'login-required' }).then(function(authenticated) {
        alert(authenticated ? 'authenticated' : 'not authenticated');
    }).catch(function() {
        alert('failed to initialize');
    });
}
But I can NOT get access token / refresh token after login.
I check: keycloak.token = undefined.
Please help me!
PS: I always get exception of keycloak.init then redirect to facebook login ( or google login )
alert('failed to initialize');
Thank you so much.
Code here: https://github.com/loizenai/SpringBoot-Keycloak-Social-Authentication-Py-Pass-Default-Login/tree/main/SpringBootKeyCloakSocialSignIn
You are trying to configure your backend and frontend with Keycloak.
Either you just have to configure your backend to integrate with your Keycloak, or integrate your frontend application, and your backend will only verify the token.
The current application architecture you are following is an MVC pattern.
Where your spring boot(backend) application controls the integration with Keycloak.
Please refer to this article: Secure spring boot 2 using Keycloak
What you are trying to target follows this kind of architecture pattern:
Secure Vue.js apps with Keycloak | DevNation Tech Talk
In the above reference, I have used the Vue application but you can use your vanilla html/js application as well to integrate with keycloak.
First, try keycloak login flow in your application and then you can enable social login.

firebase facebook Login: auth/internal-error

I'm having issues with using the facebook login feature.
At the moment I have yet to deploy and am testing locally on my machine.
I've followed all the steps of:
1) Adding the facebook App ID and App Secret
2) changed the OAuth redirect URI to https://study-buddy-6646a.firebaseapp.com/__/auth/handler
However I am still getting the following error:
{"error":{"code":400,"message":"Error getting access token from
FACEBOOK, OAuth2 redirect uri is:
https://study-buddy-6646a.firebaseapp.com//auth/handler, response:
OAuth2TokenResponse{params:
error=OAuthException&error_description=Error%20validating%20client%20secret.,
httpMetadata: HttpMetadata{status=400, cachePolicy=NO_CACHE,
cacheDuration=null, cacheImmutable=false, staleWhileRevalidate=null,
filename=null, lastModified=null, headers=HTTP/1.1 200 OK\r\n\r\n,
cookieList=[]}}","errors":[{"message":"Error getting access token from
FACEBOOK, OAuth2 redirect uri is:
https://study-buddy-6646a.firebaseapp.com//auth/handler, response:
OAuth2TokenResponse{params:
error=OAuthException&error_description=Error%20validating%20client%20secret.,
httpMetadata: HttpMetadata{status=400, cachePolicy=NO_CACHE,
cacheDuration=null, cacheImmutable=false, staleWhileRevalidate=null,
filename=null, lastModified=null, headers=HTTP/1.1 200 OK\r\n\r\n,
cookieList=[]}}","domain":"global","reason":"invalid"}]}}
Any help would be greatly appreciated!

MicrosoftAzureMobile.MSClient.loginWithProvider with provider and token failed with return Code=-1505 "The token provided was not valid

There
I'm using the MicrosoftAzureMobile iOS framework to connect to an Azure mobile app with authentication enabled. I configured the service with Facebook login. I can successfully log in with FBSDKLogin as well as MicrosoftAzureMobile.MSClient.loginWithProvider with provider and controller. However, when I try loginWithProvider with the token obtained from FBSDK,
let accessToken = FBSDKAccessToken.currentAccessToken()
client.loginWithProvider("facebook", token: ["access_token":accessToken]){
I got the error below:
MicrosoftAzureMobile.MSClient.loginWithProvider with provider and token failed with return Code=-1505 "The token provided was not valid.
How do I debug this issue? The Azure portal's tools/streaming logs worked last week but always show "connecting" today.
thanks
Joe
Problem solved: I have to use accessToken.tokenString because accessToken itself is not serializable to JSON.

Where do you set the identityserver3 endpoint urls?

Are the urls for the endpoints in identityserver3 configurable?
How come in the example for MVC the Authority is set to:
https://localhost:44319/identity
While the standalone webhost (minimal) sample has the authorization endpoint set to:
https://localhost:44333/connect/authorization
Has something been configured somewhere so that the /identity will work?
Or is the .../identity not the IDSrv3 endpoint at all, but rather only the API call instead of
https://localhost:44321/identity
which is what is called in the CallApiController... (I would change this example totally to something else with different names, so that there's a clear difference between what is part of the app (Foo and Bar) and what is part of idsrv3 (auth claims tokens and scopes) --sigh.
(end of question...)??
In any case:
When the webhost standalone minimal idsrv3 is down - I'm getting:
No connection could be made because the target machine actively refused it ... Wasn't sure what I was doing wrong, but was sure that I was doing something wrong. (Forgot to run the IDSrv3)
When it's up, in both paths: (/identity and /connect/authorization)
I get 404 not found,
and if I just give the root with a trailing slash, I get: Error, The client application is unknown or is not authorized, instead of showing me the login page...
So it seems the trailing slash root is the correct way to go, which leaves me with my first question, so how/why is the Authority set in the MVC demo to include the path /identity.
The IdentityServer URL is configured in the startup.cs file.
In the MVC app the IdS is configured under 'webroot'/identity. In the console app IdS is running under the root of the selfhost 'webroot/'
app.Map("/identity", idsrvApp =>
{
    idsrvApp.UseIdentityServer(new IdentityServerOptions
    {
        SiteName = "Embedded IdentityServer",
        SigningCertificate = LoadCertificate(),
        Factory = new IdentityServerServiceFactory()
            .UseInMemoryUsers(Users.Get())
            .UseInMemoryClients(Clients.Get())
            .UseInMemoryScopes(Scopes.Get()),
        AuthenticationOptions = new IdentityServer3.Core.Configuration.AuthenticationOptions
        {
            EnablePostSignOutAutoRedirect = true,
            IdentityProviders = ConfigureIdentityProviders
        }
    });
});
The other urls you mentioned are all urls which can be resolved via the discovery document: http://'webroot'/.well-known/openid-configuration
or in case of the MVC app: http://'webroot'/identity/.well-known/openid-configuration
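
The answer above names the discovery document as the place the endpoint URLs come from. The following JavaScript is an added example, not part of the original answer or of the IdentityServer3 samples: it derives the discovery URL from an authority and checks a fetched document before its endpoints are trusted. The document contents are constructed sample data, and the rule that every endpoint must sit under the authority is an assumption that fits the embedded setup described here.

```javascript
const DISCOVERY_PATH = '/.well-known/openid-configuration';
const REQUIRED = ['authorization_endpoint', 'token_endpoint', 'jwks_uri'];

const stripSlash = (s) => s.replace(/\/+$/, '');

// Authority with or without a trailing slash maps to one discovery URL.
function discoveryUrl(authority) {
  return stripSlash(authority) + DISCOVERY_PATH;
}

// Validate a discovery document against the authority it was fetched from
// and return the endpoints a client would use. Throws on any mismatch.
function resolveEndpoints(authority, doc) {
  const base = stripSlash(authority);
  const baseUrl = new URL(base);
  if (baseUrl.protocol !== 'https:') throw new Error('authority must use https');
  // The issuer in the document has to be the authority we asked, otherwise
  // the document describes a different (or mis-mapped) server.
  if (typeof doc.issuer !== 'string' || stripSlash(doc.issuer) !== base) {
    throw new Error(`issuer mismatch: ${doc.issuer}`);
  }
  const endpoints = {};
  for (const name of REQUIRED) {
    if (typeof doc[name] !== 'string') throw new Error(`missing ${name}`);
    const u = new URL(doc[name]); // throws on a malformed URL
    // Assumption for this setup: endpoints live below the mapped path
    // (e.g. /identity/...), on the same origin as the authority.
    const prefix = stripSlash(baseUrl.pathname) + '/';
    const underAuthority =
      u.origin === baseUrl.origin && (u.pathname + '/').startsWith(prefix);
    if (!underAuthority) throw new Error(`${name} is outside ${base}`);
    endpoints[name] = u.href;
  }
  return endpoints;
}

// Constructed sample: what a server mapped under /identity might publish.
const SAMPLE_DOC = {
  issuer: 'https://localhost:44319/identity',
  authorization_endpoint: 'https://localhost:44319/identity/connect/authorize',
  token_endpoint: 'https://localhost:44319/identity/connect/token',
  jwks_uri: 'https://localhost:44319/identity/.well-known/jwks',
};

console.log(discoveryUrl('https://localhost:44319/identity/'));
console.log(resolveEndpoints('https://localhost:44319/identity/', SAMPLE_DOC));
```

Pointing the same document at the root authority (https://localhost:44333/) fails the issuer check, which is the mismatch behind the 404s described in the question.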

Issue in SimpleSAMLphp integration with my application

Following is the code which I am using to integrate SAML into my application:
require_once('../../sp_saml/lib/_autoload.php');
$as = new SimpleSAML_Auth_Simple('trunk-sp');
$as->requireAuth();
$attributes = $as->getAttributes();
print_r($attributes);
The issue which I am getting is with https pages only. It goes to 414 Request URI too long, when trying to authenticate from the SimpleSAMLphp.