Google identity toolkit configuration page broken. How to configure now? - google-identity-toolkit

Tried to enter the configuration page of Google Identity Toolkit (from gear icon on Google Developers Console), but it directs to a page with only the server and client json templates, but no textBoxes to configure the toolkit.
Some days ago, same gear icon redirected to old google api's console toolkit configuration page.
How can i configure now the toolkit (or change a currently configured one)?

This display issue is caused by incomplete OAuth2 client information. Make sure you have set the "Authorized redirect URIs" in ALL your OAuth2 web clients under "Credentials" settings and try again. You can change the URI at any time so if you don't have a redirect URI now, just enter any valid url for testing purpose.
Let me know if it works for you.

Related

Website does not automatically redirect to adfs log in

I am trying to set up a company website to use an adfs log in system, using the instructions found on https://www.linkedin.com/pulse/how-implement-sso-aspnet-mvc-application-adfs-tuomas-kesti, but my site does not redirect to the adfs page, and instead loads the home page of the site as if nothing happened. Looking at the network page in inspect element shows that the site never calls or redirects to the adfs page.
In my web.config file, the realm and reply values are set up to the main site, with the issuer value being the adfs site and follows the same format of "https://sts.domain.com/adfs/ls/". The adfs site is up and running with and the thumbprint from its certificate is added in the tag. passiveRedirectEnabled is set to true in the tag.
Im not sure what the problem is, and looking it up online doesn't find me any results. If anyone has an idea on why my site isn't autocratically redirecting, that would be appreciated.
Yes, it seems that the code in your tutorial doesn't redirect automatically when no JWT is available. I.e. the last code sample should contain an 'else' that responds with a redirect to the ADFS login page.
Have a look at these samples for Azure AD:
https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-code-samples
I found them very helpful and they can (mostly) be used with a standalone ADFS as well. Most of all, they cover all sorts of solution architectures and framework versions.

Cannot Login to Microsoft Personal Account with Microsoft OAuth v2

I am trying to integrate Microsoft account login to my ASP.NET Core application. I have setup a microsoft application in the Microsoft Application Registration portal with the given redirect URI.
Here is a snippet from the Startup.cs file.
// Add external authentication middleware below. To configure them please see http://go.microsoft.com/fwlink/?LinkID=532715
app.UseMicrosoftAccountAuthentication(new MicrosoftAccountOptions()
{
// I can't post my secrets here
ClientId = "my_client_id",
ClientSecret = "my_client_secret"
});
When I run the app and login via Microsoft, I get redirected to the Microsoft Login page.
It has the following query parameters (with the id's removed)
client_id:my_client_id
scope:https://graph.microsoft.com/user.read
response_type:code
redirect_uri:https://localhost:44328/signin-microsoft
state:the_state
When I sign in with my microsoft personal account, I got redirected to an error page instead.
The URL says The+provided+value+for+the+input+parameter+'redirect_uri'+is+not+valid.+The+expected+value+is+'https://login.live.com/oauth20_desktop.srf'+or+a+URL+which+matches+the+redirect+URI+registered+for+this+client+application
I verified that my redirect URL in the microsoft app is exactly the same as the redirect url passed to the Microsoft log in page so I don't know what's the issue.
Another weird thing though if I log in using a Work or School account, I can proceed properly and it redirects me to the callback page.
Can anyone please help me on this? Thank you.
Double check if you are using latest version of authentication middleware in your project (there was few changes few week ago due to changes in MS OAuth - now v2 it's in use).
Double check if you have created app under new v2 endpoint - read more here: How to register an app with the v2.0 endpoint.
Double check if you have created password for your app on Microsoft Site.
Check Live SDK support option in 'Advenced' section - this should be enabled (at least in my case, but look like this doesn't help in your).
Here you can find more information:
Microsoft account is experiencing technical problems. Please try again later. (GitHub #827)
External login via Microsoft Account failed on RC2/RC3 (GitHub #866)
Enabling authentication using external providers
Update:
Ok, I see now - you have two things:
missing https (ssl), see this post,
different port number - it means that is different url and this is reason of your problem - you'r using different url than registered with your app:
http://localhost:54554/signin-microsoft - registred in app
https://localhost:44328/signin-microsoft - form your error message
I have the same problem.
I use Microsoft Oauth 2.0 to solve this problem. You can find MVC .net sample at https://azure.microsoft.com/en-us/documentation/articles/active-directory-appmodel-v2-overview/

Anonymous Authentication in IIS over https does not fire a postback

I recently decided to change from using Windows Authentication for my internal web applications to Forms Authentication. I've not used the latter very much and one site explained you have to enable both Forms and Anonymous for this to work. The idea is to verify user passwords against an active directory then grant them access accordingly. I had this working just fine locally and when publishing to IIS 7.5 it still worked. It was just a basic Visual Studio project that would redirect to our homepage.
The problems arose when I tried accessing this same project securely with https, I included the full domain and it would load the new login page but when I clicked login it would do nothing. Since then I've scoured the web and found numerous mentions of this and that and tried many of them to no avail.
It was only later I created a blank project with a single button and one line of the code on the page to see if a post back had fired. After publishing I only enabled Anonymous Authentication in IIS and browsing to this basic test app using http when you clicked the button, false on the page changed to true - indicating a post back. Yet with https it just remains false. I think this may be why the active directory login wasn't working as it too had Anonymous enabled.
I'm still pretty new at the secure side of things but with the details passing over I have to use a secure connection just for the login then it can redirect to the usual applications we use internally.
I'd appreciate any thoughts you may have regarding this.
Thanks!
We use this configuration (anonymous IIS access, forms authentication, and https) successfully all of the time.
There are three things that you should do to track this issue down:
1) Verify that there are no javascript errors in the page that break the button (i.e. a javascript file not being delivered to the page)
2) Check the windows event logs for exceptions from asp.net/iis.
3) Install and run fiddler, select Fiddler Options... from the Tools menu, click on the HTTPS tab and ensure all of the checkboxes are checked, then run your website and look at the requests and responses, particularly when you press the button.

Facebook app with asp.net

I am trying to get my first hello world application on facebook using asp.net with facebook toolkit.
I am hosting my files on www.aspspider.info/jasminm89/ using it as a canvasurl
and link to my facebook app is http://apps.facebook.com/mytesterapp/
At that location i have: default.html page with the h1 tag with plain text.
When I visit my app on facbook I get message:
The page cannot be displayed
The page you are looking for cannot be displayed because an invalid
method (HTTP verb) was used to attempt access. Please try the
following:
Contact the Web site administrator if you believe that this request
should be allowed. Make sure that the Web site address displayed in
the address bar of your browser is spelled and formatted correctly.
HTTP Error 405 - The HTTP verb used to access this page is not
allowed. Internet Information Services (IIS)
Technical Information (for support personnel)
Go to Microsoft Product Support Services and perform a title search
for the words HTTP and 405. Open IIS Help, which is accessible in IIS
Manager (inetmgr), and search for topics titled Setting Application
Mappings, Securing Your Site with Web Site Permissions, and About
Custom Error Messages.
here source code from facebook, where it loads my page:
<form action="http://aspspider.info/jasminm89/"
method="post" target="iframe_canvas"
id="canvas_iframe_post_4e513da6b75410144827584"
onsubmit="return Event.__inlineSubmit(this,event)"><input
type="hidden" autocomplete="off" name="signed_request"
value="xxx....."></form>
One point here.
I setup my account on 000webhost.com and by default there is default.php created,
I copy the link to my facebook and it loads the page, it worked as well with plain index.html.
final
This error is because with IIS we can't use static html pages to be called in this way
I now upload plain .aspx page with some text and it worked.
First this sounds like an error with your server configuration, not with accessing the Facebook API/SDK.
Secondly, don't you need to add the call to the facebook SDK and include the <div id="fb-root"></div> ?
Or are you using the C# Facebook SDK?
I iis you can not handle post method coming from facebook including signed_request.
So firstly reconfigure IIS allowing handle post method. Or for simple start make index.html as the default document, put inside "hello world", then process the second step.

Cannot connect to Facebook Connect

I'm using the following step by step guide to connect to Facebook Connect:
http://msdn.microsoft.com/en-us/windows/ee702803.aspx
However I have a problem at the 'Authentication and Initiating a Session' stage.
When I go through the steps, I click on 'Connect' in my browser, which opens a popup, where I login to Facebook and 'Allow' the application to access my account. I'm then redirected to the filename I specify in thw 2nd parameter of the javascript function 'FB.init'.
However, this page then displays:
Please sign-in with Facebook.
Why is this happening?
I'm developing this on localhost, I don't know if that could cause a problem? Please help! Thanks.
You actually can use localhost. The one problem you may have is that there is a bug with the Facebook Javascript SDK in internet explorer if you are on a port other than 80 or 443. http://github.com/facebook/connect-js/issues#issue/106
If you check out my Facebook .Net SDK on codeplex you can download the sample app. As it is configured it will run locally. The one thing is you need to set your site url and/or canvas url to point to http://localhost:port#/
Do download the sample go to: http://facebooksdk.codeplex.com
I ran into a similar problem where I could not test Facebook on localhost. Due to security requirements from Facebook you must test from the domain you used to register your application.
Create a dev.yourname.com subdomain and test it there.

Resources