I am using the Facebook login api in my website, currently I am checking if the FB userid exist in my SQL Server database, if it does, the user is allowed to access my website else he will be directed to the Facebook registration plugin page.
The thing is I am also using aspnetdb which in my web.config authorisation, I block all users accept for users who are logged in and authenticated by the aspnetdb membership provider, hence my problem is for users who uses logs in successfully with Facebook gets block by my app's non-fb login page. How should I go about authenticating users who logs in via Facebook? Thanks.
Facebook login/registration API provides you with the FBUserid, it should be stored in your SQL server DB against the user. If a new user comes to your website and registers via FB, you should generate corresponding user in your database too with some default password (random and different for each user) You can provide the functionality that, if a user registered with FB wishes to user your application's login, you should send him the default password via email and ask him/her to change on first login.
Related
I want to change user password form admin. Users are login with firebase email and password option. Admin is also login with firebase. How can change the user password with web api?
There is no way to change another user's password with the client SDK.
Firebase Authentication doesn't have any concept of an admin user. That means that it can't grant special privileges to a user that you consider an admin.
There is however an Admin SDK, that runs with administrative privileges, and has the option to change the password (and other profile data) of any user in the project. This SDK is meant to be used on a so-called trusted environment, such as your development machine, a server you control, or Cloud Functions.
You could wrap the Admin SDK in an API endpoint that you can call from your web client code. Just be sure to check in the custom function whether the user is authorized to change the password.
I'm currently working on a project where we want to connect facebook profiles to existing (and logged in) Okta users.
The website is made in ASP.NET using Sitecore 6.5.
We use the "Authorize URL" to do our login and account linking with redirect callouts.
I can register and create an account with the facebook identity provider when the user isn't logged in in Okta. In this case it follows the Callout redirects and we get a tx_id. Hover when you're logged in to Okta and you visit the same "Athorize URL" it follows the redirect_uri where you get a id_token as result. this is an JWT string which I managed to decode (example result).
How can I use the information in the JWT to link a user to the identity provider? Or is there another way to do this? I can't find any methods or API calls to add a user to an identity provider without the tx_id.
I believe you used https://developer.okta.com/docs/api/resources/social_authentication.html to add FB social auth for users. Yes, once you browse the final url
https://example.okta.com/oauth2/v1/authorize?idp=0oa0bcde12fghiJkl3m4&client_id=AbcDE0fGHI1jk2LM34no&scope=openid%20email%20profile&response_type=id_token&response_mode=fragment&state=someState&nonce=someNonce&redirect_uri=https://app.example.com/social_auth
you will be redirected to your app https://app.example.com/social_auth with id token in the url. In the redirected app you can read, decode and create session for user. However, the same user profile is also created in Okta.
Once the social auth user profile is created in Okta, you can use that to get id token next time.
I want to use the Windows Live Id Authenticaiton in my Asp.Net/MVC web application, but I do not want to use the Login screen provided by Microsoft.
I want to have my custom page for login, take username and password from User and then send these credentials to the Windows Live ID, to Authenticate, and I get back the response if the user is authenticated or not.
Is this possible?
I want to have my custom page for login, take username and password from User and then send these credentials to the Windows Live ID, to Authenticate, and I get back the response if the user is authenticated or not.
You missed the point of single sign-on authentication. Using that, the user does not provide their credentials to your site, but to the SSO provider. That provider gives you a token which lets you act on behalf of the authenticated user.
The user's credentials are never received by your site.
So no, you cannot, nor should you want to, do this.
Background: I'm using Open ID authentication in my asp.net website. Here is how it works currently - User would pick an Open ID provider from dropdown (google/yahoo/myopenid/etc..) and then click on Login button. The application would then pass the user to the provider authentication page. On successful authentication and authorization on the open ID provider site, user is directed to my application. So far, so good.
Problem: On the Open ID provider authentication page, if the user chooses/clicks Sign Up, then the provider is following its own workflow and the control never returns to my application.
Question: Is there a way where I can disable the dynamic registration on provider (i.e., the Sign Up)?, so that, the user would then be required to register with the provider and then use my application? Or
Is there a way that I can get the control back once the dynamic registration is done?
No. The OpenID protocol has no such provision and while it would be courteous of a Provider to remember to ultimately redirect their new user back to your site, not all do.
To authanticate users in Asp.net Membership we can call method
FormsAuthentication.Authenticate(username, password)
how can I do the same job (generate session, cookies and all other staff that Authanticate does) without users password?
I'm trying to login user over facebook connect. User's facebook id is stored within the users data. User should be signed in like a normal user.
I think you can use the SetAuthCookie method.
more info here http://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication.setauthcookie.aspx