On the web project, I added the ability to authenticate using the Twitter API. And I got a problem. I will describe the steps to reproduce the problem:
I authenticated in my web application using my Twitter account - “Account 1”
I have logged out in my web application.
I’m trying to login to my web application using “Account 2” Twitter. But Twitter does not allow me to do this, offering to sign in with “Account 1”.
Also, during the first authentication in my web application, I actually log into my Twitter account (when I go to twitter site, I get into the account from which I previously authenticated in the web application).
I think this is not normal. I only need authentication in my web app, not logging into my account (on twitter site).
How can I get the right behavior?
Related
I have integrated the Google one-tap sign-in in my rails app.
It is working fine for some users but for few users after successful sign-in, it redirects them to myaccount.google.com instead of my site and after that, if the user goes to my site, they are signed in automatically.
What could be the possible reason?
I followed this guide to integrate one-tap sign-in.
https://developers.google.com/identity/one-tap/web/guides/get-google-api-clientid
We have hosted our application with third party authentication enabled using oAuth-OpenID connect which is working fine for Google and Facebook. Now we want to expose that to few users for testing purpose but we dont want the URL itself to be misused.
So, we added additional Authentication just to reach the site itself for preconfigured AD email addresses. But that was enabled directly in the Azure portal settings.
1) Once the user type the url in the browser, it takes to the microsoft login page. Enter the AD email address
2)It redirect to the site properly as expected
3)But here comes the problem, since the individual authentication already enabled for ather service providers, the AD token carried to the site and it started misbehaving
I want to provide AD authentication just to the entry for my site. But after that, it should not effective. How to achieve that
It seems that you want to expose the web app to specific Azure AD user for testing purpose.
If I understood correctly, in this scenario the web app can interact with Azure AD via OpenID connect just like the Google and Facebook instead using settings on Azure portal. And if you also doesn't want to Google and Facebook account could access the web app, you should remove the corresponding authentication middle-ware. And to limit the Azure AD user to access the web app, you can enable Enabled for users to sign-in feature like below:
Then we can add the users via Users and groups to enable the users we want to allow to access the web app.
We are using Jawbone API to pull data tracked using jawbone devices.
Our users are successfully able to sign in when they access Jawbone sign in page during OAuth process from our website.
However, they are not able to sign in when they access jawbone authentication page from our android app during OAuth process. This authentication page is launched in webview on andriod.
On log in page after entering correct credentials and clicking on Sign In button does nothing. The page even does not display whether credentials were correct or not.
Is the OAuth authentication user agent (web/app) dependent?
We have started facing this issue just recently and before it used to work perfectly.
Jawbone's OAuth2 flow operates through web login and approval pages, then issues a redirect callback to your server. Jawbone has several partners who do this within their Android apps.
It sounds like your app is not handling the callback half of the OAuth2 flow correctly, but it's hard to say based on this description.
Have you reviewed the Authentication documentation?
Also, consider Jawbone's Android SDK.
Im trying to build sign-in with twitter on my web application, which redirects to twitter for sign-in shows app permissions page etc and comes back to my application after authentication, what I actually want to do is, if I have twitter app installed, and Im signed into it, I want to use that information in my web application running on safari.
How do I do that in case it is possible.
I'm using omniauth-twitter for twitter log in to the website and it works perfectly well (go to /auth/twitter, user authenticates, and then redirect_to /auth/twitter/callback). Great.
However, on the iOS side, how can I implement sign in with twitter? Do I do it client side or server side? Could anybody go through the steps? (note: the only way to sign in to the app is through twitter)
We've tried:
using a UIWebView that goes to /auth/twitter, but on redirect, it goes back to the web version. Is there a way to get JSON data from the UIWebView?
doing sign in with twitter client side, and using a made up password to authenticate in sessions#create that matches a made up password on the db.
Is there another alternative for authentication? I know what we're doing has a lot of flaws but we couldn't find any other solutions even after asking in meetups and researching online for days. please help!
You could add an OAuth 2
implementation on your server. Your server authorizes the iOS app for an authenticated user / content owner. (You have completed the authentication part.) Once authorized, the iOS app accesses that particular user's content (via an api on your server) as if it is logged in as that user.
You will find one potential OAuth 2 provider implementation for RoR as
applicake/doorkeeper
You will find a sample iOS client application as
telegraphy-interactive/OAuthClientSetup
That is one suggestion, in any case. Not the whole answer, which would require a book chapter.