I have created an iPhone application using PhoneGap. I have followed code from this tutorial:
Building PhoneGap Mobile Applications Powered by Database.com
I have logged in successfully and got struck in this screen:
I am unable to move to other screens to access data. Here is the url that got generated after successful login:
https://login.salesforce.com/services/oauth2/success#access_token=0000&refresh_token=0000&instance_url=https%3A%2F%2Fna12.salesforce.com&id=https%3A%2F%2Flogin.salesforce.com%2Fid%000C&issued_at=0000&signature=qqqq&scope=id+api+refresh_token
Do I need to add cosumer key to this url? Here is my callbackurl:
https://login.salesforce.com/services/oauth2/success
What would be the problem? Did I miss anything?
So https://login.salesforce.com/services/oauth2/success is a stub URL for callbacks - and that is the screen you are seeing there, and the access_token variable is your session ID for the user. So the OAuth flow is working correctly.
In the code, you might check to see if:
oauthResponse.access_token
Is getting set correctly. If so it looks like:
sfw.login( setupHomeView );
Is what should tell it to move from that page to the next UI page.
You might also check out the Force.com Mobile SDK:
http://developer.force.com/MobileSDK
It also includes PhoneGap and has a great OAuth wrapper built in.
Related
I'm working on authentication for an Ionic 4 app. I'm using the in app browser plugin to login. After successful login an access token is sent back to the client. I can't figure out how to get the token from the In-App Browser to the app.
You can use an event listener such as :
this.browser.on('loadstart').subscribe(event => { this.checkForToken(event); })
Where checkForToken can look at your "event.url" and parse the token to be stored to localStorage or some other method to be used to login with once the in-app browser is closed.
Using events to listen for load start and stop was an awesome idea. I was, however, facing another issue. Google doesn't allow sign in using the In-App Browser and I really needed that. After asking around and looking at similar past issues I came across a Cordova plugin called BrowserTab. This was awesome as it's an instance/Custom Tab from chrome so it worked fine with google sign in. Another problem came up. You can't inject Javascript into BrowserTab and there was no way to programmatically close it once done. I looked around some more and that's when Deeplinks came to mind. I used the Deeplinks plugin and passed my access token as a parameter. When the user logs in, the BrowserTab redirects to a Custom URL scheme link for my app with the access token in the URL. Now it works perfectly. I've read somewhere that IOS is getting rid of Custom URL Scheme links. Luckily, it still has support for Universal App Links
Documentation on the net seems to be VERY scarce. The only option I can think of at the moment
is to have my SPA app break convention and to have the (initial) logged out page be different to the logged in one (eg my app).
My app is built using Durandal 2.0.0.
In one of my OAuth tests app's I've managed to implement this link successfully. But as Durandal does not work in the same way (Server-side controller, & razor views), I'm thoroughly confused in how to achieve what I want to.
I'd like to have my app remain a single page app. But I've got little to no experience with the OAuth SDK
My only requirement is that the user log into my app using his FB account.
I've had an initial stab at this using the FB java script API, and got it working, but after discussions with another developer this side, it doesn't seem like the purpose of the java script API is to facilitate secure application login's? As the way we had it, would allow any user to pass a valid fb userId, then he would be logged into our app. :/
How would I go about achieving this process flow in a Durandal/Web API Single Page App?
User logs in using fb ->
then on the server we get his fb userId ->
retrieve our internal appID
I'm not asking for a complete answer/for someone to do my work....
But any documentation to get me started/less confused would be greatly appreciated.
Here is a sample project which demonstrates how to use OAuth with Durandal and Web API:
DurandalAuth.
However there are some modifications in viewmodels needed, since router changed in Durandal 2.0.0.
Building first firebase app using phonegap and angularjs. It authenticates fine in Chrome and I get back the fb user id.
My problem is when I build it with phonegap 2.9 and login with facebook I get nothing but a white screen after login.
My limited understanding is that I'm probably not handling the callback correctly.
In my console logs I see:
Finished load of: https://auth.firebase.com/auth/facebook/callback/?firebase=mementomori
&internalRedirect=false&code=AQDLp_n5_JCnC4yc1OXcXhd2Xfty_UHy_2bmOpR
-JIbyeEZQfh9LCf02deQkXbtXQknxYpTf_XHGFiy4DB1S4Do6fILTmFZ2_z
-S_N872VhwtlWkkOam4I9iMKoqa8PF43jIIdfvTpg8CwPZMs3YrVwqwuJRKzkovBL6nWI8vtdSa
_CFnEhHanXHoaJ3mH7d2vmbhmNGusBkfRdqXnd3LEC1rUyY7hrEr4pfN3BCRAzzgY_
YTot0CUoqRImLPAI76qc18KWaCytZ0ueaMnH7zavkvNExpVSiKlPQBdLUQmFmZQa
FQc6gNWm3dfZTAJw9hLg#_=_
Can anyone offer any information on how I should handle this callback properly?
Solution
I got around my issue by logging in with the native phonegap fb plugin and then passing the auth tocken to firebase for authentication.
If you're using Firebase Simple Login with Phonegap, there are a few prerequisites:
You've included phonegap.js or cordova.js in your application.
Enabled the InAppBrowser plugin in your application.
With both of the above configured, Firebase Simple Login will behave equivalently in PhoneGap as in on desktop / web, where the callback you passed to the Simple Login constructor is invoked with login error or user object. Hope that helps!
I have a phonegap app that I use the Facebook plugin to implement single sign on. I registered am a native iPhone app since the app is not run in the browser. When I click on login I get an invalid URL error message. I suspect my problem is either I need to specify a URL which I have tried using channel in init but I get a URL not allowed with this configuration. The other problem may be that I need to register this application as a web app. However using phonegap the application does not have a url. I don't know what to do.
Any help is appreciated.
Thanks!
Did you look at the iOS URL scheme section of the Plugin's readme?
I am building a mobile app with jQueryMobile and I intend to deploy it onto iPhone thanks to PhoneGap.
My question is : how can I authenticate myself with Foursquare using the OAuth2 protocol in my jQueryMobile app ? One solution would be to use the useragent flow of OAuth2 but this would force the iPhone to launch Safari and thus not stay within the app. Are there any better solutions than this ?
For an iPhone-based or client-side application like you would have in PhoneGap,
Foursquare recommends one of these methods.
If you have no substantive server code, you can embed a web browser and use the token flow, redirecting the user to a dummy page on your domain. You can then grab the token off of the URL and close the browser. We have sample Android and iOS code for your reference.
If you have a server as part of your application, you can use the server flow above, possibly in an embedded browser. Similar to the Facebook API, you can add display=touch to your authorize or authenticate URLs to get a mobile optimized interface.
An alternative to the above is to use the server flow and an external browser, but redirect to a custom URI handler that brings the user back to our application. You can embed the secret in your application and exchange the provided code for an access token. PLEASE take steps to obfuscate your client secret if you include it in released code, and be prepared to rotate it if needed.
https://developer.foursquare.com/docs/oauth.html
This could probably be handled with the ClientBrowser plugin for PhoneGap or just adapting the sample code they have provided into PhoneGap plugins.
One of the core intentions of OAuth2 is to not allow browserless authentication flow like we did with XAuth in the past. Service providers want consumers to see what permissions they are signing off on, and want control of that process.
I'm not very experienced with Phonegap, as I'm a native developer, but if there's a way of instantiating a UIWebView and showing it to the user, you could at least keep the web interaction 'inside' of the application. Given phonegap is basically showing a UIWebView this should be possible. It is possible to examine the source of the html within a UIWebView using
- (NSString *)stringByEvaluatingJavaScriptFromString:(NSString *)script