ACS - Google OpenID Connect Migration - NameIdentifier changed - acs

we migrated our ACS Namespaces to Google OpenID Connect, according to the guidance:
https://msdn.microsoft.com/en-us/library/azure/dn927169.aspx
Unfortunately the NameIdentifier claim from Google changes after the migration, so we cannot map the existing users to the new identifier (subject); also our custom mapping to other resources inside the application breaks with this behavior.
In the migration guide it is explicitly stated, that this should not be the case.
Any hints? Thank you in advance...
Btw: According the guidance i should tag this post with 'acs-google', but this tag does not exisit yet, and i do not have the required reputation, to create a new tag.

We contacted Microsoft support, the problem could be reproduced, and now it is fixed.

Related

How to Delete Permissions from Linkedin App

I am trying to find the answer of something stupid, but I can't. Does anybody know how to remove the "w_member_social" permission from linkedin App (if there is a way to do something like that)? I need this because the client does not want to see the message "- Post, comment and like posts on your behalf" when authorizing linkedin accounts on our application.
Any other suggestion on how to solve that is welcome.
Thanks in advance!
Quick Fix:
Search for w_member_social string in your backend code if you find it in the configurations just remove it.
Explanation:
You can't remove w_member_social permission directly from the LinkedIn app, but it can be modified by making changes in the backend code of your application.
You need to follow certain general steps irrespective of the backend you are using:
Find out the library you are using for social authentication/OAuth2 service
Check library documentation for Application scopes W.R.T LinkedIn
go to backend configurations/settings file remove the option w_member_social from your configuration.
My Case:
My application backend was created using the Django framework and for social authentication, we were using python-social-auth library. I just navigated to my setting file and commented out w_member_social scope/permission.
SOCIAL_AUTH_LINKEDIN_OAUTH2_SCOPE = [
"r_basicprofile",
"r_emailaddress",
# "w_member_social",
]

How do I find the Google billing account/project related to an API key?

we look after some websites built by other people and have had issues with the map not working because the associated billing account is invalid, but we have no idea what account or project name it relates to! Is there a way to look up the API key and get back to the account? Thanks.
Right click on the screen and navigate to inspect element. You will get the code written, find out the api key written in the code. Go to your google api console find out the project which is attached to your api key.
Hope it Helps!
Thanks!

Goolge Signin stuck on loading page

Some users stuck on loading when they use Google sign-in in recent day.
This issue seems to depend on the account because I use the same device and tried to use different accounts to sign-in, this issue only happened on a part of accounts.
Below is my setting:
implementation "com.google.android.gms:play-services-auth:17.0.0"
Below is my setting:
implementation "com.google.android.gms:play-services-auth:17.0.0"
I tried to downgrade play-services-auth version, but it still not working.
Do you request additional scopes like "/auth/youtube" or google drive?
I believe it tries to show you this warning https://support.google.com/cloud/answer/7454865?hl=en, so maybe you need to verify your app.
Google says it is their bug and have corresponding issue filed in github
https://github.com/googlesamples/google-services/issues/413
You need to pass the verification process for the youtube scope anyway.
This issue is from google's side but for now, remove the consent screen from the test state and publish it. And It will work

How to set values of alfresco-global.properties programmatically

I was working in a client application with alfresco and in need to capture the changes in docs from user's alfresco account. From further reading I came to know that I need to set some properties in alfresco-global.properties file to enable change log audit. So is there anyway I can do this using an API without requesting user to do this ? Please help
I'm not sure something like that is possible, other then using JMX. I'd be happy is someone would prove me wrong, though.
http://docs.alfresco.com/5.1/concepts/jmx-intro-config.html
For Community there is no direct way to do this other than using addon's or writing your own custom code.
There are some ways you can use when using the JavaScript Api of Alfresco.
There is an Open Source module here using JMX and a paid one here using a custom Share page.

recaptcha https problem on https://api-secure.recaptcha.net/

I am using recpatcha on an SSL site but I am not getting the image on some browsers because the ssl certificate of it has been expired !
https://api-secure.recaptcha.net/
if I reference the non-secure link, the browser will give warning message.
so what is the alternative?
I am using it under ASP.NET MVC.
As Remy says, you need to update the links to point at Google's servers. See the announcement regarding the expiration of the old URL.
If you are using the .NET Library then you can update to the latest version
If you did not use the library then you can see the modifications made to the library here, and update your URLs in the same manner.
i.e. update https://api-secure.recaptcha.net to https://www.google.com/recaptcha/api
ReCaptcha was acquired by Google. Have you updated your code to use the new Google links yet?

Resources