Opening Phonegap ChildBrowser Plugin Window Just for Website Authentication? - javascript

I have a slight issue that someone might be able to point me in the
right direction. As I'm a web guy but have little knowledge of
objective c.
I am trying to retrieve some information from a website in javascript
in my project that requires me to post login information to it (no
problems there using Jquery $.post). The page I'm trying to return is
only accessible after logging in (in a browser the site checks cookies
and user-agents plus a bit of javascript leg work).
How can I create a hidden UIWebView that would do the login page
(there for creating the correct session variables etc) so that I can
retrieve the information I need?
Or is there a way I can get ChildBrowser Plugin to do this for me? If
so how would I tell the Childbrowser window to close once it has
reached the post-login page ?

I ended up finding some type of solution.
http://www.pushittolive.com/post/1239874936/facebook-login-on-iphone-phonegap
Using that example I was able to set up childbrowser to open the login-action page, then detect the change and close the browser window.

Related

Force facebook to open link in external browser for smart phones

How can I post a link to my website in a Facebook post, and have it open in the user's external browser when using smartphone app, not Facebook's native browser, which is not displaying properly? My page is http://www.hannabery.com
On Android, you can use Firebase Dynamic Links to let user open specific URLs by external browser. I guess that Android webview is equipped with some Firebase SDKs, so this method only works on Android. User still opens link by in-app browser on iOS.
Create a project and a domain for dynamic links
Manually create the link like: https://DOMAIN.page.link/?link=YOUR_DEST_URL
(Or there're many other ways to create links)
For example, post this link on Facebook or Messenger and try it:
https://fugle.page.link/trade-landing-page
Note: Dynamic Links are mainly used to provide consistent and smooth UX across platforms and app installs. This is just a side effect I discovered may help to answer the question, and it may not last long and so should not be taken as the final solution.
Hope that this way can help you:
var ifc = document.createElement("div");
ifc.innerHTML = `<iframe src='${browserScheme}${target}' style='width:0;height:0;border:0; border:none;visibility: hidden;'></iframe>`;
document.body.appendChild(ifc);
Full sources and example: https://github.com/huantt/force-open-browser/tree/master
https://github.com/huantt/force-open-browser/tree/master I thought this one only worked when link is sent on messenger. But any link clicked on fb messenger is going to ask what browser you prefer. I used the code on my page and I posted the link on FB and it is opened by the FB browser. How annoying :(
This cant be done (for obvious security reasons) but there are ways
1.Create an app for your website
If you create an app for your website then theres no need for facebook in the middle of things
2.Create an app displaying facebook page
As long as its your page and not something misleading then this is allowed and you can do some pretty neat stuff in android studio
for example if you post a like
mywebsite.com/forum/
theres this cool function you can use .endsWith("/forum/") from there you can make your application do ANYTHING when a link is clicked that ends with "/forum/"
A few things ive done
Redirect to that link
open browser to display link
Move to portion of app
Display dialog boxs
and theres much more your able to do
If you are having issues with your PWA not running correctly in Facebooks (insert expletive) Mobile Browser. Using dynamic links will force it out to the regular browser. Don't use your custom domain though. Use https://YOURDOMAIN.page.link instead
https://firebase.google.com/docs/dynamic-links/custom-domains
also DO NOT skip the preview page!

Peoplesoft screens in an iFrame

Has anyone successfully integrated Peoplesoft screens or navigation via an iFrame in a third party app like Liferay or uPortal?
We are trying to integrate Liferay Portal as a web front end and consume some of the PeopleSoft screens in an iFrame portlet. Both the Liferay Portal and Peoplsoft systems are on different top level domains. We are using Oracle Single Sign On on bot the applications. We have a couple of issues with this.
The screens display in the iFrame - however, the JavaScript on the PeopleSoft does not execute and keeps spinning. In Chrome devtools console, there is the following error:
Uncaught TypeError: Cannot read property 'getStoredData' of undefinedPT_PAGESCRIPT_win0_MIN_1.jsp
If not already signed in to the PeopleSoft system via SSO - the Login page pops out of the iFrame on IE browsers. To clarify based on comments below, the SSO happens for the first app like Liferay, however the user didnot try to go the second app PeopleSoft yet. So the SSO cookies for the second app (PeopleSoft) are not yet in the session. So when we access the page with the iFrame containing the Peoplesoft page, it pops out of the frame in IE trying to establish SSO session and cookies with PeopleSoft.
Has anyone been able to solve any of these issues?
Any insight would be much appreciated. I can provide more details if needed.
Thanks!
Edited for clarification based on comments below.
We have been able to resolve the above 2 issues.
First, we created a new instance of the portal in the same parent domain as the PeopleSoft domain and ensured both were using SSL so the protocol matched. This resolved the cross domain JS errors
Second, we changed our Oracle IdM SSO login flow to always redirect to a new PeopleSoft PIA which redirects back to Liferay's original URL. This ensures there is a valid PeopleSoft session and prevents iFrame popouts along with other integration issues. There is a lot of changes and work done by our team on this around related use cases(deep links, session timeouts) and flows. I'd be happy to post more details if anyone is proceeding down the same path.
Thanks for all the comments which helped us dig in the right direction. We also got feedback from other Liferay and PeoplesSoft customers who followed similar approaches.

How to detect URL scheme and prevent the default navigation to that URL in phonegap hybrid application

I have the following requirement for my application (Android, iOS):
When the application launches it displays a login.html page (which is part of the application). After logging in, the application's webview should be occupied with home.jsp from an external domain. When user clicks on logout button in home.jsp it has to navigate back to login page . On click of logout when we usewindow.location.href="login.html" then it tries to find the page on xxx domain.
Is there a way to detect this navigation URL and override the URL from javascript or phonegap properties in the application?
When I inspect window.location.href in an android emulator I get file:///android_asset/www/index.html
But I think Nathans idea of moving it to the server is a good one. You could also have one on the device if you really need to. (PErhaps you should ask the person specifiying the app achitecture how they would do it :) )
The answer is going to vary depending on how you've implemented the mentioned WebView where home.jsp is being displayed in. You did not provide any code or any specific information so the answer is going to be the same - somewhat vague...
If you've opened a new WebView, then you can't control it from JavaScript. You'll need to control it via Java or Objective-C code (you did not mention which environment you're developing for...).
For example, if you'll look in the your-app\android\native\src\com\your-app\your-app.java file, you'll see how the native layer loads the application's index.html file after the Worklight JavaScript framework has been loaded.
Similarly, you could re-use this approach in your own application to close and re-load login.html.
If you're in fact doing the mentioned re-direct from the comments, meaning you're re-using the current webview but replacing its content with external content, then I think it is expected that you've lost the context of the application, and when looking for login.html - it doesn't find it... because you've moved from app-context to web-context. They do not know each other.
I think you should not do this re-direct. Instead, you need to open a new WebView using a Cordova plug-in, and in this new WebView to display your external content.
In this Overlayed WebView, you can detect any urls that are clicked on and if the sign-out URL was detected, then close the WebView.
You can see parts of this in action in the Integrating server-generated pages in hybrid applications tutorial and accompanying sample project.
In the sample project, you can see the functions provided (where you can add yours) in android\nativeResources\src\com\IncludeExternalPages\IncludeExternalPages.java.

Hiding URLs from the location bar

This might be a silly question which I'll delete if I realise, so if you are reading this then I didn't yet figure it out.
I have some software which is online (addressable) and available but it's a bit of a secret, so instead of just hitting my software when you come to my domain, you are shown a blog that I wrote and hidden within that blog is a link ;)
All well and good.
Now the problem is that users of my software always post screenshots which gives my 1/2 secret URL away. EEEEK yep! So I wanted to have the url be just the plain old normal domain, so as not to make things too easy for them hacky types :p
I have full control over everything here. Clientside / Server / Everything. Initially you hit some jsp and then the GWT app (inside of Tomcat) - you have to provide login details in the GWT app. So I have plenty of places to do this URL hiding / faking but any ideas to help would be great.
...and yes I'm posting this (perhaps isn't too dumb)!
Many thanks in advance.
You can use the javascript history.pushState() here
history.pushState({},"Some title here","/")
For example, on http://yourwebsite.com/secretlink.html, after the JS runs, the URL bar will show http://yourwebsite.com/ without having refreshed the page1. Note that if the user refreshes the page they will be taken to http://yourwebsite.com/ and not back to the secret link.
You can also do something like history.pushState({},"Some title here","/hidden.jsp"), so that if the user refreshes the page you can show them an error page that tells them to find the secret link and open it again.
1. If you pushState() some other domain than your own, a refresh will happen so this cannot be abused to phish sites
Include the inner page as an iFrame

Facebook login without javascript

i have a page tab where users press like and then using the js sdk i ask to grant the app for some permissions..
in order this to work on mobile devices since page-tab are not available, i have used mobile-detect..
the problem is that i don't want at mobile version the js popup but the native login window..
this can happen using the login without javascript
https://developers.facebook.com/docs/facebook-login/login-flow-for-web-no-jssdk/#confirm
the problem is that i m completely lost, at the redirect after the login..
header("Location: https://www.facebook.com/dialog/oauth? client_id=487296798007389&redirect_uri=URL_TO_REDIRECT_TO/success.php&scope=email,friends_l ikes&response_type=token");
if i use the response_type code i get a code from which i can't get access token..
if i use the response_type token i get a access token with a hash tag on top and i don't know at all how to handle this..
can someone give me some quite lines on how should this be treated in order to retrieve userid
do i need to set my app to sth else apart from only page tab? since the mobile version will be accessible from my own domain?
i found these two very usefull
with this i do a php login that it server me better in a specific occassion than js..
https://developers.facebook.com/docs/php/howto/profilewithgraphapi/
and this
Facebook login without pop-up?
it let me use js, but instead of login (that would pop up on mobile) i could use the redirect link and have similar result..
however, i noticed a case in which on some devices the second case ended in infinite loops without obvious reason

Categories

Resources