My current scenario is:
Running an iPhone on the latest iOS
LinkedIn App is installed and logged in
Web browser is NOT logged into LinkedIn (because I have the app)
Developing a web app with "log in with LinkedIn" functionality
On the iPhone, clicking the "log in with LinkedIn" button redirects me straight the the LinkedIn App, which subsequently does nothing - just shows me my feed. I have verified this same behaviour occurs on a third-party site as well as my own. Note that Android exhibits similar behaviour, though I haven't tested as extensively there.
I've found several workarounds:
If I open the web site in Private Browsing mode clicking the login button asks me if I want to open the App or stay in the browser.
If I long-press and "Open in background tab" the login button it'll open (in the background, of course) instead of redirecting to the app, allowing me to log in.
If I manually type "linkedin.com" into the browser and log in then it seems to work too.
None of these are even vaguely practical for end users, essentially forcing us to remove the option entirely.
I'm fairly sure this is a problem at LinkedIn's end and the solution is either:
Don't redirect to the App for OAuth Authorize requests, or
Make the App correctly handle OAuth Authorize requests.
If I'm incorrect and there's some way we can stop this redirect from the client side I'd be happy to hear, otherwise I hope LinkedIn engineers actually see this...
See the comments in Issues with Linkedin Social connection
LinkedIn already confirmed that it is a problem on their side.
Related
I implemented Instagram Login using Basic Display API. Everything works fine if the user enters their Instagram credentials in the web view that comes up on loading https://api.instagram.com/oauth/authorize request. After that I can pull the user's media from the Instagram account. It tells me that everything is implemented properly.
Now, if user choses the "Log in with Facebook" option in the WebView and goes through the Facebook login flow, everything still works fine when I run it on a simulator: after Facebook finishes its login flow with 2 factor authentication I eventually get the redirect callback, parse the code form it and all the rest works as normal.
But the same fails on a physical device. After I call https://api.instagram.com/oauth/access_token to get the token with the obtained code the Instagram app launches momentarily and then opens Safari with this error:
{"message":"Logged-in use not
supported","status":"fail"}
What gives? This is incredibly frustrating, one day was wasted and not sure where to go from here. Any ideas?
UPDATE:
The reason it behaves differently on the device is because it has Instagram app installed and the app gets launched when Facebook calls https://www.instagram.com/accounts/signup/... endpoint to return to the Instagram auth flow (I am watching the requests coming through the WkWebView). Instagram app throws that error above, while on the simulator the end point seems to be serviced fine by the Instagram backend and the flow continues as it should.
So the question is how to get the Instagram app out of the loop.
UPDATE2:
Confirmed - once I deleted the Instagram app from the device it works as expected. Once I install it back it gets launched again during the authentication flow by Facebook and the problem is back. This seems to be a bug in the Instagram app, I have no other explanation.
OK, so after lots of dead ends and obscure rabbit holes I was frantically going down, I have concluded that the real issue is the bug in the Instagram App. As noted in the update to my question the flow started to work fine after I removed the Instagram.
Still not ready to jump to conclusions I tried a few other apps from the Appstore that have Connect to Instagram feature. All of them fail exactly the same way. Specifically if you choose "Continue with Facebook" on the Instagram login WebView you eventually end up launching Instagram app (if it's installed) which in turn throws an error in Safari, and you are stuck.
And you know what the funniest thing is? If you download the Instagram app itself and try to login using the same Facebook flow it will fail as well!
The lesson learned - before you suspect you made a mistake in your implementation check out some other apps with the same feature implemented and maybe you'll discover that you are not alone in your struggle.
The documentation says you should send a POST request to this URL:
Step 2: Exchange the Code For a Token
Once you receive a code, exchange it for a short-lived access token by
sending a POST request to the following endpoint:
POST https://api.instagram.com/oauth/access_token
I didn't get why are you trying to redirect users to this endpoint?
I have finally got my iPhone app to authenticate and return back to my app with the authorisation code. The main problem was that the reverse client id did not get picked up by my app. I had to add an url scheme of my bundle id instead of the reverse client id.
Anywho, the problem is post authenticating in Safari I am presented with a open 'app name' page dialog. If the user clicks open it works fine. If they leave it for just a few seconds it redirects them to the Google homepage and they have to start all over again. If they are using two factor authentication by any other method than phone call I think it fails too.
How can I avoid this open page dialog?
The solution I found was to use the official Google library for iOS. This does not involve Safari like the AeroGear library I was using does.
I did my best to find a similar problem, but I did not come across one. I speculate this error may have been introduced with Instagram recently changing its API. I'm wondering if anyone else came across the same issue.
I use instagram for authentication. The problem is that, when a user is logged in to Instagram on another tab, if he clicks the instagram sign-in button to log in to my app, he lands on the instagram authorization page and is asked to enter username and password. The problem is that instagram is supposed to auto-redirect to my app directly since the user is already logged in on the browser. But this doesn't happen. Moreover, even if the user enters wrong password or empty user name, instagram still redirects to my app with the logged in user. So the browser definitely knows that the user is logged in to instagram. I am quite sure that the problem is related to instagram, because when I change the provider settings to twitter, redirection occurs with no problem.
And this problem occurs for returning users as well.
For reference, I use rails 4 and my authentication strategy is omnioauth-instagram (no devise). I mainly followed this tutorial http://www.sitepoint.com/rails-authentication-oauth-2-0-omniauth/ for authentication. I am still in development mode so I use localhost.
EDIT: Here is the instagram notice:Instagram Platform and documentation update. Apps created on or after Nov 17, 2015 will start in Sandbox Mode and function on newly updated API rate-limits and behaviors. Prior to going Live, and being able to be used by people other than the developers of the app, these apps will have to go through a new review process. Please read the API documentation or the Change Log for more details.
I started creating my app before nov 17th.
I am adding facebook comments to my iPad application using UIWebView and HTML5 code provided by Facebook.
When the user is not logged in, the application shows the comments and button "Login to Facebook to Post a Comment".
Clicking the button takes me through login process. After the login completes the view is redirected with an empty page with "Login complete" message. It is not redirected back to the comments dialog.
Right now I implemented an ugly workaround. Upon receiving webViewDidFinishLoad event, I look at contents of the page and reload it if the page shows this message. Though, it does not seem a clean way to go.
Why doesn't Facebook redirect me back to original comments page?
I suspect the problem you're having is related to this issue: Facebook authentication in a UIWebView does not redirect back to original page on my site asking for auth
Specifically, the standard Facebook web login process launches a new browser window dialog, and dispatches a message back to the opener to indicate login success for the redirect to occur.
Quoting a passage in the linked SO, "UIWebView doesn't support multiple windows so it can't postMessage back to your original page since it's no longer loaded."
I'm also developing an iPad application, and my solution is similar to yours: i drive the user to "https://m.facebook.com", always, to force him to login first, then in "webViewDidFinishLoad" i inspect the returned url and if it matches:
"https://m.facebook.com/login/checkpoint/"
exactly, that is, the url returned upon a successful login, then i call my own method (with reload or anything i want). At this time, the user is authenticated and has a valid FB session, so, redirections are not necessary anymore.
It's definitely not pretty, and may break as soon as FB changes the way it processes the login dialog, but i too cannot find a way to resolve it any better. Even tried using "FB.Event.subscribe('auth.login', function(response) {});" without success, of course, because the code is never reached.
I think a bug is already submitted to FB, but i don't think it's getting the deserved attention...
I ran into same issue as this question, but after reading some Facebook official documentation, I'll be redesigning to use the Facebook native SDK.
All iOS and Android apps must (effective October 2, 2013) use our SDKs
for iOS and Android for requesting permissions.
Though, I also gather that the "or else" is just a "developer notification"?
Posting this in hopes it will save time for someone using the same approach :)
I found two different FaceBook auth dialog while using two apps one is "Poker by Zynga" and other one is I am developing.
When I use FaceBook login in "Poker by Zynga" then Safari opens this page:
And when I use my app which is under development now, then Safari opens this page:
You can see both of these are two different pages. In Poker by Zynga, it says "Logged in as Vicky Gupta - Log Out" where user can choose Log Out to sign in as a different user. While in my app it says "You are logging into this app as Vicky Gupta", in this there is no Log Out button. The only way to log in as a different user to open FaceBook in Safari and then log out from there.
Does any one know why this difference is occurring ? am i missing something in FaceBook app settings? Or is this a normal behavior because I don't think so?
Note: I am using the latest FaceBook SDK (with graph api).
If you are using latest iOS Facebook SDK, I think to logout a user you just have to delete the token obtained by the Facebook main object.