I am trying to use email verification in my Xamarin/Firebase app.
I currently have:
using (var actionCode = ActionCodeSettings.NewBuilder()
    .SetHandleCodeInApp(true).Build()) {
    await user.SendEmailVerification(actionCode);
}
This properly sends a verification email.
What I don't know is how to specify a callback in the app to catch user clicking on the verification link.
Any advice/guidance will be appreciated.
It's still unclear to me what's the point of the SetHandleCodeInApp option. It seems to indicate that there is a way of handling the verification event in the app.
Whether the email action link will be opened in a mobile app or a web link first. The default is false. When set to true, the action code link will be sent as a Universal Link or Android App Link and will be opened by the app if installed. In the false case, the code will be sent to the web widget first and then on continue will redirect to the app if installed.
For more details, you could check the document. https://firebase.google.com/docs/auth/android/passing-state-in-email-actions
Related
I am currently trying to implement an oauth flow within a Teams Messaging Extension. I use ASP.NET and I managed to make the sign in process work, by using the sign in card recommended by Teams.
ComposeExtension = new MessagingExtensionResult
{
    Type = "auth",
    SuggestedActions = new MessagingExtensionSuggestedAction
    {
        Actions = new List<CardAction>
        {
            new CardAction
            {
                Type = ActionTypes.OpenUrl,
                Value = authUrl,
                Title = "OAuth"
            }
        }
    }
}
This card has a button that opens a specific popup window (a Teams webview) which I can relocate to the oauth authentication page of a third party site.
All this goes very well, but when the user tries to log out, in my case it is not enough to just revert the tokens I got from the server, I also need to navigate the user to the third party site's /forcelogout subpage in the exact same webview which I used in the sign in process, to make sure the cookies related to the previous login session are getting deleted. By this I can prevent the login form getting auto filled and submitted when the user tries to sign in the next time they use my Messaging Extension.
My problem is that I can not find any way to open that exact webview from the Messaging Extension (this problem only occurs on the Teams Desktop Client, since the web version of Teams uses browser tabs instead of webviews and iframes). I tried using Task Modules, the dialog module, adaptive cards but none of them could open that specific webview that has the cookies for the login form.
Do you have any solution for this?
Authentication provider could receive an optional parameter to always prompt the auth-form by neglecting the cookies.
Using this way there is no need to open any webview when the user logs out.
I'm trying to migrate to the new Sign In With Google and I'm missing one crucial functionality I was using previously.
Basically my application is working with locally created application users. At one point in the application, the user is prompted to login with Google Account to confirm that he's the correct user that will do some Google API action. I was able to achieve that with the following code from the soon deprecated Google Sign-In library:
const auth = gapi.auth2.getAuthInstance();
if (!auth.isSignedIn.get())
    await auth.signIn({
        prompt: "select_account",
        login_hint: employeeEmail
    });
...
And it worked just fine. Now all the above methods are being deprecated and there are no direct replacements, or at least I don't understand how to achieve the same result. I am able to confirm the user identity by checking the id token received by using:
google.accounts.id.initialize({/*options*/});
...
google.accounts.id.prompt();
But if there's no google session active for the user, nothing happens.
The only way to actually trigger the Sign In is to click the Google Sign In Button, rendered using:
google.accounts.id.renderButton(htmlElement, {/*options*/});
After the button is clicked, the sign in popup is shown and everything is fine, the callback of the initialize configuration is called and the flow is resumed.
The problem is, how do I trigger the Sign In popup programmatically? All of the above starts with a specific button click on my website.
FYI
I actually managed to reproduce almost the same behavior with the new API. It might not be the most elegant way of doing this, but I replaced the signIn method from my post above with google.accounts.oauth2.initTokenClient. Even though it should be used to only receive the tokens, it will also create a valid Google session that then can be detected by using silent auth (prompt: "none").
We are using the Microsoft MSAL library to authenticate our users. When a user needs to login, they are shown this dialog each time. Is there a way to disable this prompt so the login experience is more seamless?
This pop-up occurs anytime the app uses SFAuthenticationSession or ASWebAuthenticationSession, MSAL.NET does not control what is displayed there, as that is the point of the pop up, it is to initialize a private dialog with the user, outside of the app. From Apple's developer site: "users are prompted by a dialog to give explicit consent, allowing the application to access the website’s data in Safari. When the webpage is presented, it runs in a separate process, so the user and web service are guaranteed that the app has no way to gain access to the user’s credentials."
@Jenny has the correct response. However, for using MSAL against Azure AD, using an embedded webview prevents the prompt from displaying.
The key is this line...
.WithUseEmbeddedWebView(true)
Here is a more complete example when acquiring the token interactively.
var authResult = await PCA.AcquireTokenInteractive(Constants.B2CConstants.Scopes)
    .WithAccount(GetAccountByUsername(accounts, username))
    .WithUseEmbeddedWebView(true)
    .ExecuteAsync();
I have created an app to achieve login-with-linked-in functionality. Previously it worked fine, but all of a sudden it stopped working.
Previously, if the user was already logged in to LinkedIn, clicking the login-in-with-linkedIn button would lead the user to their corresponding dashboard; otherwise the login popup opened, the user details got saved in the db and the user was redirected to the corresponding dashboard. But now nothing is happening.
Note:- I have used my custom button to use this functionality, not the LinkedIn-provided button code.
Here is my code and app creation steps:-
Button code:-
<?php echo Labels::getLabel('LBL_Linkedin',$siteLangId);?>
Javascript sdk code:-
<script type="text/javascript" src="//platform.linkedin.com/in.js">
    api_key:*********
    authorize:true
</script>
<script>
function doLinkedInLoginForBuyer(){
    IN.User.authorize(function(){
        onLinkedInAuth();
    });
}
function onLinkedInAuth() {
    IN.API.Profile("me").fields("email-address","first-name","id").result(function (data) {
        processLinkedInUserDetails(data);
    }).error(function (data) {
        $.systemMessage('There was some problem in authenticating your account with LinkedIn,Please try with different login option','alert alert--danger');
    });
}
processLinkedInUserDetails = function(data){
    data = data.values[0];
    fcom.ajax(fcom.makeUrl('LinkedIn', 'loginLinkedIn'), data, function(t) {
        var response = JSON.parse(t);
        if(response.status ==0){
            $.systemMessage(response.msg,'alert alert--danger');
        }
        if(response.status ==1){
            location.href = response.msg;
        }
    });
};
</script>
Note:- It seems that onLinkedInAuth() as well as processLinkedInUserDetails() functions are not called at all now. Previously they worked fine.
Let me know if any other details are required. Thanks!
After a long discussion with LinkedIn Customer Support they just said that they didn't support API-related issues. They asked to buy a premium account for any kind of technical support.
I also came to know that they stopped giving support for the JavaScript SDK.
Check here:- JavaScript SDK is not currently supported
Solution:- Now I followed the below post and made it work:
https://www.codexworld.com/login-with-linkedin-using-php/
Visit LinkedIn Developers page and log in with your LinkedIn account credentials.
Click the Create app button to create a new LinkedIn app.
Provide the information about your app and click Create an app to submit the app registration form.
App name – Name of the application.
Company – Name of your company.
App description – Workflow of the application.
App logo – Logo to display on the OAuth dialog.
Privacy policy URL – URL of the Privacy Policy page.
Business email – Your email address.
Products – Select the products that you’d like to add to your app.
On successful app creation, the page will be redirected to the App settings screen.
Switch to the Auth tab » Scroll down to OAuth 2.0 settings section.
Specify the redirect URL in the Redirect URLs fields and Update the App settings.
Note: The Redirect URLs must be matched with the Redirect URL that is specified in the script.
In the Application credentials section, you will see the Client ID and Client Secret of your LinkedIn App. The App ID and App secret need to be specified in the script at the time of the LinkedIn API call.
Now you have to create PHP code that will call the LinkedIn API with the help of the Client ID and Client Secret.
Kindly check the PHP code of the thread for an example.
I'm trying to implement verification of a user's email (with the default verification URL in the email template), AND an ActionCodeSetting URL (dynamic link) to bring the user back to the app. I'm baffled by how Firebase's email verification with ActionCodeSetting is supposed to work. I have read every available page of documentation and it is still unclear to me how to properly configure the "continue URL" to NOT preempt and override the default verification URL.
What I have done:
I tested the email verification with the automatically generated email verification link. It worked.
I then added an ActionCodeSetting URL that uses a domain that is added to the Associated Domains of the XCode project. This worked to bring the user back to the app after clicking the verification link.
Problem: the email verification no longer works.
Here is the code I have implemented:
var actionCodeSettings = ActionCodeSettings.init()
actionCodeSettings.handleCodeInApp = true
let user = Auth.auth().currentUser
let urlString = "https://blaproject.page.link/zCB4"
actionCodeSettings.setIOSBundleID(Bundle.main.bundleIdentifier!)
actionCodeSettings.setAndroidPackageName("com.example.android", installIfNotAvailable:true, minimumVersion:"12")
Auth.auth().currentUser?.sendEmailVerification(with: actionCodeSettings, completion: { (error) in
    print("verification email sent")
    print("action code setting URL is: \(String(describing: actionCodeSettings.url))")
})
Here is the default verification URL from the email template in the Firebase console:
https://blaproject-ea9d6.firebaseapp.com/__/auth/action?mode=&oobCode=
And here is the verification URL that gets sent by the above code:
https://blaproject.page.link?link=https://blaproject-ea9d6.firebaseapp.com//auth/action?apiKey%3DAIzaSyAi1fxd-HdkfXzYJxTpwmB3_mVCy5gvWxA%26mode%3DverifyEmail%26oobCode%3DqjvGoqc1n3ya0OIi_tWIYTpp59DYKgB6Sbj0EymN2IkAAAFkYNutMA%26continueUrl%3Dhttps://blaproject.page.link/zCE4%26lang%3Den&apn=com.example.android&amv=12&ibi=blaproject.blaprojectV0-2&ifl=https://blaproject-ea9d6.firebaseapp.com//auth/action?apiKey%3DAIzaSyAi1fxd-HdkfXzYJxTpwmB3_mVCy5gvWxA%26mode%3DverifyEmail%26oobCode%3DqjvGoqc1n3ya0OIi_tWIYTpp59DYKgB6Sbj0EymN2IkAAAFkYNutMA%26continueUrl%3Dhttps://blaproject.page.link/zCE4%26lang%3Den
So my question is, why does this URL not verify the user's email and then use the continue URL (and the associated domain) to trigger the app to open? It only triggers the app to open, without verifying the user's email.
Thanks for any tips you can provide to help me understand what I'm not understanding :)
When the link triggers your app to open, you need to parse the oobCode from the deep link. You can use the FDL client library to get the deep link. Refer to the following documentation on the format of the deep link and how to parse the code: https://firebase.google.com/docs/auth/custom-email-handler
Once you get the code, you need to apply it using the auth.applyActionCode(code) API. This will verify the email.
After verification, you can call user.reload() to update the emailVerified property on the user. You can also force user.getIdToken(true) to force refresh the token with the updated verified email if you are using Firebase security rules.
To get the correct 'oobCode' when you handle the URL in the app, make sure that you are decoding the URL from UTF-8, because it has other symbols in the URL query.
Example of how to encode: url.absoluteString.removingPercentEncoding
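The steps from the two answers above (unwrap the deep link, pull out oobCode, apply it, reload the user), as an added example that is not part of the original posts. It also checks the link's host and mode before applying the code. EXPECTED_AUTH_HOST, SAMPLE_LINK and the `auth`/`user` objects passed in are assumptions standing in for your project's auth domain and the SDK objects that expose applyActionCode, reload and getIdToken.

```javascript
// Added example; host names, key and code below are constructed values.
const EXPECTED_AUTH_HOST = "example-project.firebaseapp.com"; // assumption: your auth domain

// Accepts either a Dynamic Link wrapper (?link=<percent-encoded action URL>)
// or a bare action URL, and returns the validated action parameters.
function parseActionLink(incoming) {
  let url = new URL(incoming);
  // searchParams.get() percent-decodes exactly once, so the nested
  // "%26mode%3D..." becomes "&mode=..." in the inner URL.
  const wrapped = url.searchParams.get("link");
  if (wrapped !== null) url = new URL(wrapped);

  // Refuse links that do not point at the project's own action handler.
  if (url.protocol !== "https:" || url.hostname !== EXPECTED_AUTH_HOST) {
    throw new Error("action link points at an unexpected host");
  }
  const mode = url.searchParams.get("mode");
  const oobCode = url.searchParams.get("oobCode");
  // Only handle the operation this screen is meant for.
  if (mode !== "verifyEmail") throw new Error("unexpected mode: " + mode);
  if (!oobCode) throw new Error("missing oobCode");
  return { mode, oobCode, continueUrl: url.searchParams.get("continueUrl") };
}

// Apply the code, then refresh the user and ID token as the answer describes.
async function verifyEmailFromLink(incoming, auth, user) {
  const { oobCode } = parseActionLink(incoming);
  await auth.applyActionCode(oobCode);
  await user.reload();           // updates user.emailVerified
  await user.getIdToken(true);   // token now carries the verified email
  return user.emailVerified === true;
}

// Constructed link in the same shape as the one quoted in the question.
const SAMPLE_LINK = "https://example.page.link?link=" +
  "https://example-project.firebaseapp.com/__/auth/action?apiKey%3DCONSTRUCTED_KEY" +
  "%26mode%3DverifyEmail%26oobCode%3DCONSTRUCTED_CODE_123" +
  "%26continueUrl%3Dhttps://example.page.link/back%26lang%3Den" +
  "&apn=com.example.android&amv=12";
```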