I am trying to authenticate a user with Azure Mobile Services from within a ASP.NET Web Form (.aspx.cs).
I have provisioned my Mobile Service to authenticate with Facebook using the steps described here: http://azure.microsoft.com/en-us/documentation/articles/mobile-services-windows-store-dotnet-get-started-users/.
This tutorial, however, describes authenticating in a XAML app where popups can appear, but I need to Log the user in within a postback of the web form, where showing a popup is impossible.
According to the docs I can do this by using the LoginAsync() function, like this":
MobileServiceClient client = MyAppsMobileClient.getClient(); //this handles setting the app ID and url
MobileServiceUser user = client.LoginAsync("facebook","");
Now, my problem is the second argument of this function. According to the docs, this is of type JObject, and apparently it is a JSON object I obtain from facebook when I first log in. Now, I can make a simple Login form for the user to enter his facebook ID and password, but I still don't know how to obtain the JObject I need to log in to Mobile Services. Do I need to delve into the Facebook APIs? Is this done using Ajax? Any examples, guides or tutorials on this would be welcome.
You can create a jObject from the data received from Facebook like this:
var token = JObject.FromObject(new
{
access_token = "YOUR TOKEN HERE"
});
This sample was taken from this SO thread:
Azure Mobile Service LoginAsync with Facebook Token is Unauthorized
And here you can read how to obtain an access token from Facebook using JavaScript:
Obtaining an Access Token
Related
I have been trying now for a while to retrieve Google Calendar information from a google user in Xamarin.Forms.
I started my journey using Xamarin.Auth but I could not get past an issue where after a login the CustomTab in my Android App would not close. Seems to have been an ongoing problem for years now and several people proposed hacks to get around this problem. I gave up on Xamarin.Auth at this point
So I tried to use Xamarin.Forms Web Authenticator to retrieve the calendar information. The documentation does not mention how to authenticate with Google so I tried this
var authResult = await WebAuthenticator.AuthenticateAsync(
new Uri("https://accounts.google.com/o/oauth2/auth"), // auth url
new Uri("packageNameOfMyApp://"); // redirect url
I am getting an invalid request error
How do I have to choose the first parameter of AuthenticateAsync to properly authenticate with Google?
Do I have to somehow encode the ClientId from my app I obtained after configuring my application login via the Google Developer Console?
It is not possible to use WebAuthenticator with Google. Google requires a web browser to do the authentication and does not permit your app to authenticate by itself. For the same reason, an approach where you use WebView in your app to navigate to the Google authentication site will fail
I know how to sync with Google Calendar API. We are trying to build a system where to sync the Google Calendar continuously without asking for the consent screen.
I did search a lot but it seems they sent nextsynctoken to get the full event list. but If I want to restart the sync after 2 weeks. how can I do it? without asking auth window or consent screen to the user?
Please let me know if its possible.
Thank you in advance
Saravana
All requests you are making to the Google Calendar API must be authorized by an authenticated user.
But since you are encountering a problem that looks like token expiration to me, why don't you try and refresh the access tokens you are using?
According to the Using OAuth 2.0 to Access Google APIs documentation
Access tokens have limited lifetimes. If your application needs access to a Google API beyond the lifetime of a single access token, it can obtain a refresh token. A refresh token allows your application to obtain new access tokens.
The nextSyncToken is a piece of data exchanged between the server and the client, and is used in the synchronization process.
You can keep on using the nextSyncToken but you will have to use a refresh token in order for you to not use the consent screen every time.
Here is a sample code from the Using OAuth 2.0 for Web Server Applications used to exchange authorization code for refresh and access tokens, using Python:
state = flask.session['state']
flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file(
'client_secret.json',
scopes=['https://www.googleapis.com/auth/youtube.force-ssl'],
state=state)
flow.redirect_uri = flask.url_for('oauth2callback', _external=True)
authorization_response = flask.request.url
flow.fetch_token(authorization_response=authorization_response)
# Store the credentials in the session.
# ACTION ITEM for developers:
# Store user's access and refresh tokens in your data store if
# incorporating this code into your real app.
credentials = flow.credentials
flask.session['credentials'] = {
'token': credentials.token,
'refresh_token': credentials.refresh_token,
'token_uri': credentials.token_uri,
'client_id': credentials.client_id,
'client_secret': credentials.client_secret,
'scopes': credentials.scopes}
I suggest you check the following links since they can provide more information on your issue:
Using OAuth 2.0 to Access Google APIs
Authorizing Requests to the Google Calendar API
Synchronize Resources Efficiently
For other programming languages used for the refresh token, you can check this:
Using OAuth 2.0 for Web Server Applications
I'm working on chrome extension (provides main functionality) and the complementary website (mostly profile and billing related functionality) both backed with firebase backend.
I'm wondering if it's possible to implement the below scenario:
user logs in with the extension using firebase authentication (with firebaseUI lib)
I store a token that I can use to reauthenticate that user (is there such a token?)
when user opens the website, I login that user automatically with the token.
While both the extension and the website has their login/signup forms I'm wondering if it's possible to login user in the extension and to somehow automatically login that same user on the website so they don't have to enter their credentials twice?
So far I was hoping that I could use something like below:
firebase.auth().currentUser.getIdToken(true).then(function(idToken) {
console.log("idToken = ", idToken)
})
And then to use that idToken like this, since if I understand correctly, it's an AWT:
firebase.auth().signInWithCustomToken(idToken).catch(function(error) {
// Handle Errors here.
var errorCode = error.code;
var errorMessage = error.message;
console.log("signInWithCustomToken: error = ", error)
})
But it gives the following error:
code: "auth/invalid-custom-token"
message: "The custom token format is incorrect. Please check the documentation."
I can parse the token on https://jwt.io/ which shows all the user information but in the end it says "invalid signature"
So I guess this token can be only used to check authentication (like admin.auth().verifyIdToken(idToken)) but not to login user. Am I right?
I know I can create a custom token, but is there any straightforward way to workaround that and to login user from one place only using firebase funstionality? (of course without storing username/password)
You can't sign in with a Firebase ID token. What you can do is the following:
Keep the user session in the chrome extension and run all authenticated requests from there. Use postMessage (with origin verification) to talk with extension from app anytime a request is to be sent. With this you don't have to worry about session synchronization and no Firebase tokens are stored or passed to the web app or every web app that can access the extension.
Add a postMessage API to get an ID token from the extension after verifying the origin of the request. You can then send the request from the web app with the ID token. (less secure than 1 but easier to implement and session is stored in one place).
Create an HTTP endpoint that takes an ID token and returns a custom token. This would verifyIdToken and then create a corresponding custom token for that user using createCustomToken provided by Admin SDK. You then postMessage that from chrome extension to the web page after verifying origin and signInWithCustomToken with that custom token in that web app. This is the least secure as you are providing an endpoint to exchange a short lived ID token with an indefinite session. You will also deal with synchronization issues (user signs out from chrome extension, you have to sign out from websites, etc).
In one of the website I need login with facebook account. I am using following code on face book login button.
string callbackUrl = "https://www.facebook.com/connect/login_success.html";
Response.Redirect(string.Format("https://graph.facebook.com/oauth/" +
"authorize?client_id={0}&redirect_uri={1}&scope=offline_access," +
"publish_stream,read_stream,publish_actions,manage_pages",
1448xxxxxx781763, callbackUrl));
it shows 'Success' with access token url for a brief moment and then a security message appears and the access token is lost. How can I capture the access token? Thanks
Use your own domain for the callbackURL, not facebook.com.
That being said, you are better off by using the JavaScript SDK for login: https://developers.facebook.com/docs/reference/javascript/FB.login/v2.0
That way you donĀ“t have to worry about the Access Token at all.
how to finish off logging in with facebook account (and keep those details in membership db). I was reading around that one needs to get user's email, of course adding any email or name in txt box will not validate ... however it is possible to add it as another service after user logged in with any other method like google or so...
so how do i change the code to get user's email pulled from fb whilst using built in oauth model in .net 4.5