Ngrok not working in blackeye :(
enter image description here
enter image description here
Hacking, phishing, etc is not allowed on the ngrok platform. Even "ethical hacking" is against the TOS.
As soon as you are detected or reported, your account will be blocked.
- an ngrok employee
Related
I have implemented the reset password link for my app (using exactly the same firebase code provided at https://firebase.google.com/docs/auth/web/manage-users). It works well when I tried it using a gmail account that I have registered previously on the app (I received the reset password link on gmail and able to change for a new password). However, when I tried it with other email domains (like professional work or school domains e.g #mycompany.com or #school.edu), it does not seem to receive the email (not in junk/spam too). It is very weird because I do receive the 'email verification' link (from firebase) using other domains when I registered using the app but not when I tried to reset the password? Any ideas on how to approach this problem?
As an FYI, currently in Jan 2023, Microsoft 365 business blocks these emails from ever reaching the target mailbox, even if you change the SMTP settings in firebase.
They still appear in your own SMTP sent section, they just never get delivered by MS
Open firebase console goto Authentication then click on Templates > Password Reset then copy given email address (it seems like, 'noreply#YOUR-PROJECT-NAME.firebaseapp.com') then open your Gmail account and paste that email id in search section the tap on 'view message > move to not spam'
This will surly help you
Thanks
Meet Patel
If the code is the same and you don't get an error message, it is extremely likely that the email gets blocked somewhere along to the way to the target mailbox. You'd have to reach out to the system administrator and see if they can find the message somewhere in their spam filters, and ask them to modify the configuration of those to no longer block these messages.
As ganey stated, the problem is that certain email filters such as MS 365 do not accept mails that contain links that are not in pair with the sender domain.
The solution is to add a customized action url that points to the same domain as your sender domain.
Then you need to redirect from that url to the url generated by firebase.
Note:
If you do this in react or another SPA, don't forget to append the query params.
Can't login using Google Auth,
Error 403: org_internal
This client is restricted to users within its organization.
Go to cloud console (https://console.cloud.google.com/apis/)
APIs and services
Credentials
Oath consent screen
Ensure Application type is set to "public" and not internal.
Obviously assuming that you are creating an app that should be accessible outside your org. If this is related to testing and phones, it is possible to create testusers that are excepted from company policy rules.
The reason for this error is indeed because the Application type is set to "internal".
But setting it to public is not always the right answer...
Add "&prompt=select_account" to the authentication url. This will force the user to select the correct (organization-)account.
Without the parameter, Google tries to show the consent screen for the logged in Google-account, but as it is not an organization-account it will just display the 403 page without giving the user this choice.
https://developers.google.com/identity/protocols/OpenIDConnect#prompt
I had an Internal app that I was trying to authenticate with one of our YouTube channels using an organization account, and I was getting the same error:
Authorization Error
Error 403: org_internal
This client is restricted to users within its organization.
After contacting Google Workspace Support, they asked me to Change the restriction on it from Limited to Trusted.
Steps are mentioned in this support thread: https://support.google.com/a/answer/7281227
Open the Google Admin Console.
From the sidebar menu, choose: Security → API Controls.
Click on MANAGE THIRD-PARTY APP ACCESS button.
Hover the cursor over the required app and click on Change access.
Choose the option: Trusted: Can access all Google services
And save the CHANGE.
Once you've done, take note that there will be 24 hours of propagation on it before it gradually takes effect.
Make sure, for the browser you are using, that you have logged out of "All" Google account(s). This should force the "select account" windows to display.
We have almost exactly the same problem while trying to configure WP Mail SMTP for Wordpress.
The OAuth Client's Application Type has to be "Internal" so changing it to "External" was not an option for us.
Hope this helps.
I had the same issue and in my case was because the project didn't had a support email address set it.
I fix it by adding one on the Firebase Console > Project Settings > General under the Public settings section.
This error is most likely due to the configuration of your application in Google Cloud Platform.
Setting your application to "internal" is causing this error. Try making your app "external" in the OAuth consent screen, but make sure it is in a "testing" status. Then, add yourself to the test users. This configuration will work well for an internal, lightweight application.
Once complete, try to authenticate with the channel again.
I had the same issue with a project. The error only appeared if I tried to log in to my app while already logged in with an account outside the organization (worked just fine while logged out of all accounts, or while logged in with an internal organization account). I had to change the OAuth Client's Application Type from Internal to Public in the Google Dev Console.
More info can be found at https://support.google.com/cloud/answer/6158849?hl=en
Maybe you have another google email to login, not the correct one.
So I've followed the guide here https://firebase.google.com/docs/auth/android/email-link-auth and am able to make an email get sent out successfully.
If I click that link on my desktop, it tries to take me to a website with the following image
Should I be writing my own server based app to authenticate this? I assumed Firebase would handle that for me. The guide doesn't mention anything about what happens at all.
It does talk about this
// URL you want to redirect back to. The domain (www.example.com) for this
// URL must be whitelisted in the Firebase Console.
.setUrl("https://www.example.com/finishSignUp?cartId=1234")
I changed it to use the domain of my firebase app/project e.g. myapp-123456.firebaseapp.com, assuming that Firebase would have something to handle this.
Am I missing a large section of documentation?
I have built a chat bot for WeChat and connected it to a WeChat official page on https://admin.wechat.com
However, I can no longer login to the admin website. It gives invalid user/password, but I know they are correct. When I use the same user/password to check the account status it says the account is active.
Also if I try to reset the password it gives me the error "Server Busy", the same all week. It was working a few weeks ago.
I also tried login on https://mp.weixin.qq.com but I think you need a China account to connect to it?
Can anyone with an official WeChat account check if they can sign in?
This is a login page which works for me right now: https://mp.weixin.qq.com/debug/cgi-bin/sandbox?t=sandbox/login
It is for sandbox mode only, if you have official WeChat account, and wish to run your bot in production with full capabiities ensbled, you need to login differently.
You don't need a Chinese account to login to weixin sandbox.
If you go to https://wfolly.firebaseapp.com/, you'll be able to log in with Facebook by clicking "Iniciar sesion". You'll then see your name next to the log out text "Cerrar sesion - YOUR FACEBOOK NAME".
However, while auth works on wfolly.firebase.com above, it does not work on https://debatenomasafp.org/, my own domain connected through Firebase Hosting to Firebase's own wfolly.fire(...) URL.
"Does not work" means you won't see your name next to the log out text "Cerrar sesión", and generally won't be able to interact with the website as if you were logged in.
What is wrong? Why are they not behaving identically?
I know the deployment version is the same in both sites because the current deployment reflects a late change in both URLs, not just Firebase's.
Authentication also works fine on localhost:8080 pre-deployment.
It may or may not be relevant that I am using Re-Base (github.com/tylermcginnis/re-base) for authentication requests.
Kato, in the comments above, gave me the answer through Slack.
I simply had to authorize the new domain in Firebase's console's "OAuth redirect domains" setting, under "Authentication".
Just adding to the answer above. Thought an image would be helpful ;)