Auth0 passwordless with google chrome extension - javascript

I'm using auth0 to authenticate users from my google chrome extension. in my main app I'm using passwordless and I want to use the same with chrome extension. I just couldn't find out how!
Here is the documentation that I'm following

You can make use of the auth0-chrome package, which also uses the Universal Login (previous "Hosted Pages"/"Hosted Login").
Note that you need to create a Native type application in your auth0 tenant and then provide that application's ID for the extension (in your background script's message listener).
The easiest way to read the repo's readme is to first read "Using the Library" (since that section explains the tenant setup and configuring the callback URLs, etc.) and then going through the "Usage" section (actual code examples).

Related

Can I use Google Auth 2.0 from any origin?

I develop modal window with React.js, that can be distributed for several sites via some kind of web application market.
So I faced the issue, that for any website, that would install this extension (btw it's builded to a simple html page + couple of js files, so app will be hosted directly on website of even customer), Google auth error will throw exception of invalid origin.
So is there any way to find a workaround for my case?
btw now I'm using react-google-login library
Google allows you to set multiple URIs. Just take a look in the settings.

Testing Chrome Extension APIs Locally

This is a pretty general question with a couple examples. I'm fairly new to writing chrome extensions and I seem to keep running into cases that are impossible to test without deploying to the webstore (which takes ~60m each time). This is an impossible workflow. Am I missing something?
Case 1 inline installation
Trying to set up inline installation from my site to a chrome extension. When I run the site locally i get the following.
Error downloading extension: Inline installs can only be initiated for Chrome Web Store items that have one or more verified sites.
But I cannot seem to add localhost website property in chrome's developer dashboard. What is the recommended way to do this in a dev environment. I tried using local.mywebsite.com and adding a local alias for localhost, but now chrome cannot find the verification file you are required to serve...
Case 2 Chrome Extension OAuth
Attempting to use chrome.identity.launchWebAuthFlow to setup user credentials in my extension for my website, but of course the callback url provided https://<ext-id>.chromium.org/provider-cb does not redirect to my local deploy of the extension.
Is there no way to test these things??
Regarding your error "Inline installs can only be initiated for Chrome Web Store items that have one or more verified sites.", you may follow the instructions given in this page.
You need to:
Go to the Webmaster Tools.
Add the site to your sites.
Obtain and embed a verification code into your site.
Complete verification in Webmaster Tools.
Go to your Developer Dashboard (must be under the same Google account) and edit your Web Store item.
Select your site in "Verify that this is an official item for a website you own:"
Here are some references which might help in testing extensions:
Testing browser extensions
How to test chrome extensions?

How to use OAuth with Facebook in a Safari App Extension

My question is similar to How to use OAuth with Github in a Safari extension, however, the answer there explains how to use oauth with the older safari extension API. I am trying to use OAuth with the new Safari App Extension API (https://developer.apple.com/library/content/documentation/NetworkingInternetWeb/Conceptual/SafariAppExtension_PG/).
The new API allows the writing of native code, in addition to providing the ability to inject content scripts. Where should I perform the authentication? I also developed a chrome extension, and Google provides an API for retrieving OAuth tokens (https://developer.chrome.com/apps/identity) -- however I do not see anything similar for Safari App Extensions.
Any help is greatly appreciated!
I am currently working on Safari App Extension similar to your needs and the logic, certs (if you use them) persistence, access and refresh tokens all of them goes to the native code. From the SFSafariExtensionHandler you can control the active window/tab and all the pages in the tab, also receive callbacks from the pages.
For the OAuth use any native lib. that solves most of your needs for the logic. I am using this one from AeroGear.
Some adaptation will be needed for the page controlling.

<a href="fb//"> open post/video Link in native App? [duplicate]

Some dev blogs have published information about the "fb://" url scheme for opening various views in the Facebook iPhone App. No matter how much I've searched, I haven't found one word from any official Facebook source about this.
Since the information is public anyways, I'm sure I'm not the only one who'd like to know, whether using this url scheme is officially approved, am I allowed to use it, does it work correctly, and if it's not approved, will it be and what's the approximate schedule for that?
Thanks in advance for any info on this subject!
It's there to support the iOS push notification system (i.e. you get a push notification that says "Friend's Name tagged you in a photo", and you tap on it, it takes you straight to the photo).
I'd assume it's not intended for third party use and therefore subject to change. Hell, Facebook's public-facing APIs are subject to change on a whim anyhow, so I'd be especially cautious about something they hadn't documented.
It's for iOS only. The iOS API lets you define you own URL scheme, so Facebook must have developed their application to register the fb:// URL scheme on iOS devices. It's not a feature that was created by Apple, it's something you, the developer, can make up.
Here are some resources you can investigate
The Facebook iOS SDK
Here on StackOverflow
A tutorial on how it works (not Facebook-specific)
You can use it from your own applications on iOS, but only if the Facebook application is installed. There are, however, plugins and browser extensions out there that mimic the behavior by handling the fb:// schema on your desktop browser.

How to access Evernote API in Firefox/Chrome extensions?

I am willing to fiddle with Evernote API and use it Chrome/FF extensions. What I learnt that so far no JS API available which makes me to think to make a middle tier service in php/python and let my extension to access Evernote via that service.
The place where I am confused is authentication. How do I make a user to authenticate with Evernote from a browser extension? If it;s showing a html static page which then redirects to EverNote Login Page and store access token etc at server side. How will my extension remember logged In details and make calls to service and create/retrieve notes in my Chrome extension.
The workflow of App is following:
User will be able to login on Evernote via Extension(by accessing page of Logging).
After successful logging notes will be retrieved via middle tier service in Chrome Extension via Ajax Request.
USer can then post note via AJAX call to service which will then eventually store in Evernote via its API
Please guide me.
There are no official javascript API. But you can find a few un-official ones.
Take a look here for example : http://discussion.evernote.com/topic/22476-api-for-javascript/
Don't know how they work however.
Here's another solution :
Not sure it's the right way to do it but you could mimic the way the evernote webclipper works.
Basically it uses a internal customerKey / customerSecret along with the username and password to retrieve an oauthToken. Then it uses this OauthToken for all api calls.
You can find the process in the Auth.js file of the webclipper source code.
On a mac, the file is located in /Users/%user%/Library/Application Support/Google/Chrome/Default/Extensions/pioclpoplcdbaefihamjohnefbikjilc/5.9.5_0/js/main/Auth.js
I don't know on other systems but it shoudn't be too difficult to find on Google.
Hope that helps.
Now you can find an official JavaScript library. (I'm not sure limitations of Chrome extension though)
https://github.com/evernote/evernote-sdk-js
I find it here.
http://discussion.evernote.com/topic/34619-how-to-access-evernote-api-in-firefoxchrome-extensions/#entry250743
The FAQ of the library says that
Can I test my code in the browser
Yes. You can test your code in Chrome. Open Chrome using open /Applications/Google\ Chrome.app/ --args --disable-web-security .

Categories

Resources