I'm attempting to implement the GITKit in a Asp .NET Web Api 2 application.
I followed the instructions on the google developer kit. When I go to my sign in page, it redirects to accountchooser.com. So far, so good. I have a google account shown, so I select it. The page reloads, but it is completely blank. No call is received on my sign in successful url. The javascript console shows:
Uncaught Error: At least one sign in option should be specified! gitkit.js:250
Any ideas? What am I doing wrong? How does one debug the various calls to see where things are going haywire?
Thanks.
in your sign in html page where window.google.identitytoolkit.start() is called, you need to pass a configuration object to the start() method with signInOptions defined. Below is an example:
<script type="text/javascript" src="//www.gstatic.com/authtoolkit/js/gitkit.js"></script>
<link type="text/css" rel="stylesheet" href="//www.gstatic.com/authtoolkit/css/gitkit.css" />
<script type="text/javascript">
var config = {
apiKey: '...',
signInSuccessUrl: '/',
signInOptions: ["google", "password"]
};
window.google.identitytoolkit.start(
'#gitkitWidgetDiv', // accepts any CSS selector
config);
</script>
Related
I am trying to follow the tutorial here:
https://www.youtube.com/watch?v=ny92vcpOQFs
...but I get a 400 error back with the message "API Key not found. Please pass a valid API key".
The code section where the API key is provided is literally copied right from the GCP Identity Platform interface, and I have checked it multiple times.
I don't know where to go from here, all the tutorials just take it for granted that this works.
The minimal reproduction is as follows, although I get the same result if I try to use firebase-ui-auth:
<!DOCTYPE html>
<html>
<head>
<title>Identity Platform Test</title>
<script src="https://www.gstatic.com/firebasejs/8.0/firebase.js"></script>
<script> //this section copied directly from GCP
var config = {
apiKey: '<Private but 100% correct>',
authDomain: 'my-site.firebaseapp.com',
};
firebase.initializeApp(config);
</script>
<script>
let email = 'private#gmail.com';
let pw = 'private';
firebase
.auth()
.signInWithEmailAndPassword(email, pw)
.then((ac) => {
console.log('It worked.');
})
.catch((error) => {
console.log(error.toString());
});
</script>
</head>
<body>
Test
</body>
</html>
Just an update to say I've followed the instructions on both of these pages, made sure I have all the pre-requisites, etc. I feel like there's some underlying assumption that is made but not communicated:
https://medium.com/#ThatJenPerson/whos-there-implementing-identity-platform-for-web-c210c6839d3b
https://cloud.google.com/identity-platform/docs/web/google
It seems like a bug in GCP/Identity Platform.
If you start in Identity Platform, it will generate an API key for you. If you look at the Firebase console, the API Key will match there. ...but it won't work (for anything it seems).
If you then create an app (seemingly any app) it will regenerate the project API Key (which doesn't seem right). You don't need any of the App configuration information - just the apiKey and authDomain are required from the project, but now the API key (at the project level, not the App level) is regenerated (and GCP Identity Platform will now reflect this new key), and that newly generated API Key will work correctly.
The app can just be an HTML file sitting on your local computer and it will still work - but only if you set up SOME app in Firebase (even though you never use it for anything).
It seems problematic that both the projectId and appId are missing from the config. In my multiple Firebase authentication implementations, I always include those.
Inside your Firebase Project Settings, scroll down and copy the entire config just to be certain:
https://console.firebase.google.com/u/0/project/<YOUR_PROJECT_NAME_HERE>/settings/general
**EDIT (MORE INFO)
After visiting https://console.firebase.google.com and selecting your project, click the little gear icon in the top left > Project Settings > (scroll all the way down to the code sample they give you)
You would see something like this:
In this screenshot (purposely cut-off) you'll see:
const firebaseCon....
That's the entire config you need to be using - I've setup dozens of Firebase Firestore projects with all services and I don't leave out the projectId and appId ever.
Another thing to make sure of is that your Firebase Authentication has Email / Password enabled. Go to Build > Authentication > Sign-in method. Then make sure you've added and enabled Email/Password option.
I simply re-implemented OAUTH2 with Instagram and Firebase with the serverless framework. I took inspiration from this project:
https://github.com/firebase/custom-auth-samples/tree/master/instagram
I am hosting the main page index.html on a public S3 bucket.
My API functions are good, I am receiving the exact same content as with my local testing with the repository above. I have all the tokens that my app need (instagram token, firebase token...) so it looks all good from a server perspective.
The last call is returning this piece of HTML:
<script src="https://www.gstatic.com/firebasejs/3.6.0/firebase.js" </script>
<script>
var token = 'firebase_token_yyy';
var config = {
apiKey: 'firebase_api_key_xxx'
};
var app = firebase.initializeApp(config);
app.auth().signInWithCustomToken(token).then(function() {
window.close();
});
</script>
This is well executed as it is closing the pop-up for logging.
However, onAuthStateChanged is not triggered (https://github.com/firebase/custom-auth-samples/blob/master/instagram/public/main.js#L41).
This is weird since the main.js code was well initialized when opening index.html.
I also tried running a simple manual web server: same behavior.
Would it be related to AWS S3 ?
I also though that the browser would propagate the state across windows ?
There is no javascript error and the hostname was whitelisted for Firebase Oauth.
There seems to be a bug with the LinkedIn JS SDK. You're able to reproduce with the code they supply in the "Getting Started" section of the docs.
<!DOCTYPE html>
<html>
<head>
<title>LinkedIn test</title>
<script>
// Setup an event listener to make an API call once auth is complete
function onLinkedInLoad() {
IN.Event.on(IN, "auth", getProfileData);
}
// Handle the successful return from the API call
function onSuccess(data) {
console.log(data);
}
// Handle an error response from the API call
function onError(error) {
console.log(error);
}
// Use the API call wrapper to request the member's basic profile data
function getProfileData() {
IN.API.Raw("/people/~").result(onSuccess).error(onError);
}
</script>
<script type="text/javascript" src="//platform.linkedin.com/in.js">
api_key: [API_KEY]
onLoad: onLinkedInLoad
</script>
</head>
<body>
<script type="in/Login"></script>
</body>
</html>
If you put this code on a non-https site and hit that URL on iOS Safari, clicking the "sign in with LinkedIn" button will initiate authorization, but the 'auth' callback will never fire. Instead, you'll get a CORS error in the console:
"Uncaught SecurityError: Blocked a frame with origin "https://platform.linkedin.com" from accessing a frame with origin ..."
All other environments seem to work fine (e.g. Chrome, FF, IE, Desktop Safari, Android browsers, etc.). I'm also able to reproduce the issue if I set the user agent to an iOS device in Chrome's dev tools, which makes me think the JS SDK is doing user-agent sniffing.
Is there a workaround? Is the LinkedIn dev team aware of this issue? Did I miss a Monday detail?
PS This is probably related: Sign in with Linkedin doesn't trigger callback on iOS Safari when using the JS API
According to LinkedIn's Getting Started with the JavaScript SDK page, the LinkedIn JavaScript SDK doesn't support iOS 5+.
Note: The JavaScript SDK is not compatible with iOS 5+.
#degrassesagan I think you need to do the following:
function onLinkedInLoad() {
IN.Event.on(IN,"auth",getProfileData);
IN.Event.on(IN,"success",onSuccess);
IN.Event.on(IN,"error",onError);
}
There is also a side issue, I have discovered, in relation to the LinkedIn JS SDK. I am using mobile Safari 10.3.3, and although the login business logic executes correctly, the URL flow does not.
After a successful login, the page goes to a LinkedIn 'Page Not Found' page, rather than closing the current browser tab, to reveal the owner's page underneath?
I am not sure whether this is connected to the original question or not, but I would be grateful, if anyone could shine a light on this problem.
No matter how hard I try, and no matter the url format I'm giving in the Setting the SDK Domains section of the Linkedin Javascript SDK, I keep getting this error in my console:
Uncaught Error: You must specify a valid JavaScript API Domain as part of this key's configuration.
My setup it's as simple as possible :
<script type="text/javascript" src="//platform.linkedin.com/in.js">
api_key:afyXZGKtvrVoXXXX
</script>
I've tried all the URL variations in the SDK Domains section:
having localhost with and without port ( http://localhost:9000 )
having a custom hostname with and without port ( http://dev.local:9000 )
having a real existing domain name ( heroku app ) (http://somename.herokuapp.com)
Nothing worked, keep getting the same error.
Any advice appreciated.
Thank you,
Try this:
<script type="text/javascript" src="//platform.linkedin.com/in.js">
api_key:afyXZGKtvrVoXXXX
authorize: true
</script>
::UPDATE:: LINKS DO NOT EXIST ANYMORE!
Very strange indeed, this is definitely a bug! I did a test with app_id from another application and it worked.
See for yourself:
https://apps.megalopes.com/megabraziltv/test.php (app_id correct)
https://apps.megalopes.com/megabraziltv/test2.php (app_id from another application)
---/---
I found several people with the same question and all the answers are equal:
Site URL is not same as REQUEST_URI (Redirecting URL)
My app setting are:
Secure Page Tab URL: apps.megalopes.com/megabraziltv/...
App Domain: megalopes.com
code:
<div id="fb-root"></div>
<script src="http://connect.facebook.net/pt_BR/all.js">
</script>
<script>
FB.init({
appId:'123456789', cookie:true,
status:true, xfbml:true
});
FB.ui({ method: 'apprequests',
message: 'Here is a new Requests dialog...'});
</script>
This simple code is not redirecting to any other url. I tested on the js console getting the same results. Sometimes works and sometimes I get this error message:
API Error Code: 191 API Error Description: The specified URL is not
owned by the application Error Message: redirect_uri is not owned by
the application.
Regardless of being page tab or canvas, you must identify the website Site URL in https://developers.facebook.com/apps
How I fixed:
App Domain: megalopes.com (domain)
Site URL: / Secure Canvas URL: / Secure Page Tab URL: https://www.megalopes.com (subdomain)
I think I have run into something similar before.
In the summary page of your app ensure both the Secure Canvas URL and Page Tab URL are populated.
The URL in my redirect_uri should have "http://" in the beginning. It was missing the protocol information, thus leading Facebook not to recognize my website and throw this annoying 191 error. I finally found out after one hour pulling the hair I (still) have left.
You have to create a channel page, which allows "cross domain communication in certain browsers"
This is an html page (saying /channel.html) on your server, which only contains :
<script src="//connect.facebook.net/en_US/all.js"></script>
And make the Javascript SDK aware of it :
FB.init({
appId: 'xxxxxx',
cookie: true,
channelUrl: location.protocol + '//' + location.host + '/channel.html'
});
More about this :
https://developers.facebook.com/docs/reference/javascript/FB.init/
https://developers.facebook.com/docs/reference/javascript/
It's because of domain URL that you mentioned in facebook's mistake. Domain URL wont be like www.site.com
Update your domain url like subdomain.site.com.
Now it surely work.