I'm trying to upgrade our app to use the newest OAuth 2.0 Javascript code. In my app settings under "Migrations" I have everything enabled. (OAuth Migration, Upgrade to Requests 2.0, etc)
After calling FB.init with: oauth: true.
Then calling FB.getLoginStatus (same for FB.login) and checking my response object I have a response.session but not a response.authResponse? Anyone know of any settings I could have missed or what would cause the oauth FB calls not to return the authResponse like the documentation states?
response.status is there, but not response.authResponse.
it sounds like to me there is problem in your upgraded code.
To isolate the problem, create a new fb app, then use your upgraded code and see what happens. For the app, simply set the canvas url / site url. For all those "migration settings", just takes the default value.
With this, you can be sure that this is nothing caused by misconfigured of FB settings.
and if you get response.authResponse, then you can compare the current fb settings between these 2 fb apps.
As #Eddy Chan suggests in his comment, it sounds like the JS SDK isn't actually being instructed to use the new OAuth flow, probably due to a misspelling of the oauth: true parameter.
Related
After months of developing a Web App under Firebase suddenly these days we have a problem with the Authentication, it returns this console.alert only with Facebook and google login (email/pass login works fine):
[firebase-auth] Info: The current domain is not authorized for OAuth
operations. This will prevent signInWithPopup, signInWithRedirect,
linkWithPopup and linkWithRedirect from working. Add your domain
(front.qualify.mx) to the OAuth redirect domains list in the Firebase
console -> Auth section -> Sign in method tab.
The App uses 3 different sub-domains, and in all 3 we can access over email/pass but not Facebook nor google.
We tried updating the Firebase initialization script, nothing. We have checked the API keys (in the Google APIs Credentials) and there was a new "Server key (auto created by Google Service)" which no one told us it was generated (Jan. 18th), so we edited it to include the domains as the original API key in different ways (w/wo * and /*), nothing. We deleted this new Server Key, suddenly something different, now the console includes a 403 error before the alert stated above and returns auth/timeout code inside the object.
We also found the Identity Toolkit API has detected many errors, so we tried to add the URLs for login, logout and email, but nothing happens when trying to save.
What are we missing?
The solution was adding my-app.firebaseapp.com (being my-app the unique identifier of our Firebase App) to the HTTP referrers in the Browser-Key Credentials from the Google APIs console and wait some time to propagate.
After many months of development the app never had a problem, and we are sure we never removed such referrer (if it was ever there).
Anyway... it's done and learned.
The simple way I was able to solve this issue I had with my ionic project was by following the instructions in the log, if you don't see any message try console log the response from firebase.
So what I simply did was follow the url: https://console.developers.google.com/apis/api/identitytoolkit.googleapis.com/overview?project='projectId'
*projectId = the Id of your project
and enable the Identity API something it brought up. Finish, and it worked instantly.
I've used the v1 of the Dribbble's API to show all my shots on my portfolio page. It requires the Client Access Token and nothing more. A few days ago I updated Client Access Token and got the error which says that v1 API is deprecated and I must use the v2. I read the documentaion and didn't find any approaches to use the API without OAuth 2.
Is it possible to use updated Dribbble's API without OAuth 2? According to the docs I can't show shots in my portfolio as I did before.
You will need to use OAuth and if you notice v1 will be deprecated come March 2018. At first I was somewhat confused by v2 documentation in obtaining an access token but after spending a little time experimenting I was able to figure out how to get an access token.
First you will need to Register Application. Do note what you put in the Callback URL because it's important later.
For example, my callback url is http://grim.com
Referencing OAuth on my Mac in the terminal I ran a curl:
curl GET https://dribbble.com/oauth/authorize?client_id=CLIENT_ID_FROM_APPLICATION
After running the curl I copied the link returned from the response and ran open URL which in the browser I was prompted a sign in. After sign in I was asked if I wanted accept, then I was redirected to the Callback URL. In the browser copy the last part of the code from the redirect, the URL will look like this:
http://grim.com?code=sadhjsahdjksahdjsahdjsahdkjsa
After copying the code (?code=sadhjsahdjksahdjsahdjsahdkjsa) I opened Postman and changed it to Post from Get.
I passed:
https://dribbble.com/oauth/token?client_id=CLIENT_ID&client_secret=CLIENT_SECRET&code=sadhjsahdjksahdjsahdjsahdkjsa
I was returned:
{
"access_token":"1323213h23h2131j2h3jk12",
"token_type":"bearer",
"scope":"public",
"created_at":13211421
}
Using the token in the terminal we can do:
curl "https://api.dribbble.com/v2/user?access_token=1323213h23h2131j2h3jk12"
and a return of the user should be in the terminal. There might be a better solution out there but hope this helps.
I try to migrate my google-auth-only project from firebase 2.x to 3.0 using the web-sdk example from:
https://github.com/firebase/quickstart-js/blob/master/auth/google-redirect.html
After setting up the initialisation-code with apiKey (via Google-Developer-Console - used the server-option) and all the other needed options, i use the "login with google"-button.
After this, an redirect-screen appears, then redirecting back to starting page and getting an "auth/internal-error".
Any suggestions?
I would recommend importing your project in the Firebase Console rather than configuring keys manually if possible, but appreciate there are some cases where that isn't ideal.
For the API key, try switching to the "Browser" type key rather than the "Server" one for anything running in the browser, and make sure it is approved for the domain you are using.
Google Sign In will need a client ID as well. The easiest way to implement is to use the signInWithPopUp method, but there are instructions for manually configuring the Google Sign In lib too.
If you do need to create a client ID, you can see the full instructions in the Google Sign In documentation.
I'm at a total loss here. I believe I'm right in thinking there is no longer any JS API for twitter which just sucks hugely.
However I realise looking at this I could just use ajax and react to the responses from this:
https://dev.twitter.com/rest/reference/post/statuses/update
OAuth Signature Generator
Example Request POST
https://api.twitter.com/1.1/statuses/update.json?status=Maybe%20he%27ll%20finally%20find%20his%20keys.%20%23peterfalk
However when I post to that url I get the following:
{"errors":[{"code":215,"message":"Bad Authentication data."}]}
Bad Authentication data -> this is very self explanatory: Your Authentication is Bad; in other word, you are not authorized to use that API method.
Since you use POST method, make sure you set your APP access level to Read & Write.
Sign in to apps.twitter.com, and in the Applications Management page for your app, click the Permissions tab. There you can change your access level.
For further reading, please see this answer.
I'm trying to build a client-side application that allows people to login with their Instagram accounts. Problem is, I'm not sure if that's still possible.
I've coded a sample JavaScript after reading "Client-Side (Implicit) Authentication" section of their related docs.
I'm getting the following error:
{
"code": 400,
"error_type": "OAuthException",
"error_message": "JS login temporarily disabled"
}
From the error message I'm guessing it's not about my code but it's something on Instagram's side. Is there a way for me to do client-side login? Also, if I can't, what are my options?
Thanks.
I had similar issue and this is how I fixed it.
You have to uncheck the "Disable implicit OAuth:" by going to :
-> Manage Clients
-> Click edit on the app/webapp.
-> Uncheck - Disable implicit OAuth:
-> Update the settings and try to run it again by going to the link :
https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token
In the link, replace the values that were provided to you and in the response_type, give value as token to get the access token and if you want to get the request code, just replace token with the code in the URL.
Hope this helps for you and for future viewers.. Good luck.. :)
Just unset the "Disable implicit OAuth:" in app settings.
So, it seems it's impossible to do JS login at the moment with Instagram.
But they still allow implicit redirects so the solution is to have a server to make a redirect to your client side application. You only need two endpoints. I've written a small Node.JS app for this which you can find here.
I had tried for the same,I think there are not still providing any api to login with Instagram credentials username and password,You can just authenticate your account via
https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=code