Contao 4 suggests to use form to log in to the front-end: https://docs.contao.org/manual/en/layout/module-management/user-modules/
But I am looking for a solution in my own created login module.
I have a user name (email) and password.
I would like to create my own function to log in and log out in the frontend.
Need a solution. please help.
Contao's firewall will react to any POST request with the following parameters:
FORM_SUBMIT=tl_login
username=…
password=…
See the ContaoLoginAuthenticationListener (note: it is different in Contao 4.4).
So as long as your own login module causes these POST request parameters to be sent (+ REQUEST_TOKEN if necessary), then the user should be automatically logged in.
Related
I'm new in ios sdk and English. Therefore, sorry for my Eng.
I try to do authentication through github using OAuthSwift.
In the registration of the application (https://github.com/settings/apps), there is need a redirect URL. In the tutorial from raywenderlich.com was an example, they did authorization through Google. They wrote a unique domain in this line that does not work: com.raywenderlich.Incognito. And in Info.plist, we added a Scheme URL with com.raywenderlich.Incognito, so that (as I understood it) when we go to this address after authentication, we’ve got into our application. But if you try to add in the application settings (https://github.com/settings/apps) the Redirect URL: something like com.raywenderlich.Incognito, will generate an error, because github wants the URL to have to be valid. If we put the Valid URL there, then when we will be redirected to this address, we will simply go to it and will not return to the application.
I would be grateful for any help.
Sorry for my English.
Redirect url in OAuth is the url that the authentication provider navigates to when authentication is successful.
For mobile apps it is the link that launches the app (a sort of deep linking)
For websites it is the website home screen
I recently started getting into Typo3 but now I have to implement something for work and I have no clue where to start.
The requirements:
I have to add a separate page that can only be accessed by frontend
users. (so far no problem)
These frontend users should be able to login with the same password
as they got for their iOS app. (uh-oh)
The separate page should display data from the app. (less of an uh-oh
but connected to the previous point)
After talking to the developer of the app, he made a specific POST request that can be used for the webpage. I am also getting a json-file with the required data that I need to display upon successful login.
My question lies with the login. How do I go about implementing this? I use the extension felogin to provide the login form on the page.
The POST request is looking sort of like this:
https://domain.at/api/queryMediaItems. It needs user and password, declared as user and pwd. In the body there should be a json object with the language, e.g.:
{"language":"de-at"}
You need to implement a SSO (SingleSignOn) as your users need to identify against the iOS-app.
This might give you a concept.
You also can look inside the code of some extension
I have been trying to implement the OAuth v2 for Microsoft Accounts for my website. Its currently in development stage and so am testing on localhost. The Website is an ASP.NET Core MVC 5 Application.
I have followed the tutorial here to implement OAuth for Twitter, Google and Facebook accounts. I found this to be quite simple with only a few small issues that I was able to solve with simple google searches.
However I have spent several days trying to understand what is happening when trying to use Microsoft Account authentication on my site.
I have watched the video here on registering an application in the Microsoft App Registration Portal. At around minute 6 in the video a short demo shows how to set up the App. You can see my App details in the following screen shot:
In the video at about 7.5 mins in, there is a small section explaining how to test the App by building a URL string.
On submitting the query string to the browser the page is redirected as expected to my App page as you can see here:
In this instance I was all ready signed into my Microsoft Outlook account. If I wasn't signed in I would be prompted to login to a Microsoft account. Logging in, in this case choosing my already signed in Outlook account causes the page to be redirected back to my site as seen in the following screen shot but because the site didn't send the request its not expecting a token sent back for login so nothing really happens. This is expected behaviour, at this point as I was only testing that the Apps end point was working as expected.
[
The next stage is to test the functionality from my website. This is where I always have issues. To activate the OAuth functionality for Microsoft Account login requires simply un-commenting a couple of lines of code within the Startup.Auth.cs file in my websites App_Start folder and passing in the Apps ClientKey and ClientSecret values as can bee seen in the following code snippet:
app.UseMicrosoftAccountAuthentication(
clientId: System.Configuration.ConfigurationManager.AppSettings["MicrosoftOAuthClientID"],
clientSecret: System.Configuration.ConfigurationManager.AppSettings["MicrosoftOAuthClientSecret"]);
This code basically adds a little button to the login page that allows you to choose Microsoft login as can be seen here:
[
When I click the Microsoft button I get the following error page:
And the query string returned contains the following:
https://login.live.com/err.srf?lc=2057#error=unauthorized_client&error_description=The+client+does+not+exist.+If+you+are+the+application+developer%2c+configure+a+new+application+through+the+application+management+site+at+https://apps.dev.microsoft.com/.&state=JMxMRuKaOiYWCQw_Uqkhv3gLQn3ULlkG2miM4ymcHhTK5niXVQl5n4L0a6VoWeEKmFM7T1ciU2oQAh26_Y0i2DMjdt6BOAtpjNeMaSpBq4wbCjva9lOuctOUIWwoFdTEGvxJ4M904lUsoudd9e9cYi6eiH3JF81HB5ouQSus2ddE1sVUQLw-YB1GjUL79y2muFaBFIOIOk75oCV2IxX4cFO2rJU04K9Se6gxu698WpzR8taUB2c6tK9u0dBisckhavf0IvKB9dWQq-IVwQgvaA
Anybody know why or what is happening????
Now I have read in several of my many searches while trying to understand whats happening when I try to test the App from my site rather than a URL directly in the browser that I should have
/signin-microsoft
appended to my Redirect URL in the App Portals configuration. I have Tested with my Redirect URL set like that and this does not work. I get a HTTP ERROR 500 sent back because the page signin-microsoft does not exist. So this is not my problem.
Please help if anyone has had the same issues and solved it.
EDIT: I should have mentioned that I was initially trying this using Local IISExpress but after reading some posts saying it can be done only on IIS so I published my site locally to IIS.
I'm attempting to sign in users with the LinkedIn Omniauth 2 gem. I have tried a few different possibilities for the redirect, read several articles and nothing is working.
I'm trying to test this locally.
Rails 4 app
Gems include:
omniauth
omniauth-linkedin-oath2
A few attempts of the redirect URL to put in the box includ:
https://www.linkedin.com/uas/oauth2/authorization?client_id=759dczzx23nyic&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Flinkedin%2Fcallback&response_type=code&scope=r_basicprofile+r_emailaddress&state=8da572e31a8e66e6b1de54acddd14937d976ed06d7ed3217&client_id=*
= API Key that needs to stay private
http://localhost:3000
http://localhost:3000/
http://www.localhost:3000
https://localhost:3000
https://localhost:3000/
https://www.localhost:3000
I read both of these articles the entire way through, but still couldn't attempt to find the correct way to redirect it.
https://developer.linkedin.com/forum/register-your-oauth-2-redirect-urls
https://developer.linkedin.com/forum/oauth-20-redirect-url-faq-invalid-redirecturi-error
Any help in what I need to change would be great.
They need to match exactly what you are sending:
http://localhost:3000/auth/linkedin/callback
In case of Linkedin Authorized Redirect URLs should be in form of:
http://localhost:8080/your-project-name/auth/linkedin
After authentication if you want to redirect to a specific page then
http://localhost:8080/your-project-name/that-page-url
I was having a similar issue and kept getting "Invalid redirect_uri. This value must match a URL registered with the API Key." error when using Auth0
I added URL below to LinkedIn's list of allowed callback then it worked.
https://"Insert your Client Domain Name from Auth0"/login/callback
I have a BlackBerry java-based app that works with salesforce data and uses oauth 2 for authentication. It has been working fine until recently when users have been complaining that once they get to the accept/deny salesforce oauth page, clicking on Accept button displays a salesforce 404 page.
I attached a debugger to the bb simulator (OS7) and found that everything was working fine up to the point where a POST is made to salesforce on pressing the ACCEPT button in the final stage of authentication/authorisation via salesforce oauth2 user agent flow. At this point, the post would succeed and the response body would contain some markup with a small JavaScript block that just performs a document.location.href assignment to force the browser to navigate to a new URL. I noticed that the URL was not what I was expecting - I was expecting to see the redirect_uri callback address + the access token etc data appended to the end of it (as per the sf oauth2 documentation). What I saw instead was a URL that when navigated to leads the user back to a login page with a message saying that they are attempting to access a resource that requires authentication.
If I perform the same flow in say chrome the URL after the post is what I expect. This all used to work just fine so I am confused as to why it would stop working all of a sudden. I've heard that Salesforce changed their oauth 2 implementation back in late 2011 slightly so I wonder if this has broken my client although I don't see how.
As an experiment I removed all of my code except for an embedded BrowserField and made it navigate to the oauth URL as constructed by combining consumer key and various other values as per the documentation and it still fails with a 404 page at the point of clicking on the accept button after a successful login.
If I try the same bootstrap oauth URL in the built in bb browser the full authentication flow works fine and I am eventually redirected to the final callback URL with access token information appended.
Has anyone else out there had trouble with oauth2 user agent flow on BrowserField (from field2 package)?
Have you tried using the "scope=mobile" parameter? This parameter puts you into a very simplified oauth flow that is optimized for blackberry...we've found they generally have trouble getting through the richer flows designed for iOS/Android. That said, I haven't heard of them having issues on BB7...only the 5 and sometimes 6 series
If that fails, could you open a support case with us?
Try also "display=mobile" and "scope=api web" (with a space), depending on what you are trying to access after OAuth.