I am trying to configure OAuth app flow for BOX app in both Desktop and iOS platforms. But in BOX app console, it is allowing to give one redirect URI either iOS or desktop. How can i configure it to work for both.
I want to give redirect uri :
For iOS : boxsdk-clientId://boxsdkoauth2redirect
For Desktop : http://localhost:6900
To the best of my knowledge Box does not allow you to specify multiple redirect URIs for an application. You will need to create a separate application for each redirect URI, e.g. "My App for iOS" and "My App for Desktop".
Related
We have our custom IDP which implements the OIDC/OAuth2 standards and many of our browser based SPA apps use it for authn/authz (With SSO). We also have some of our apps which are WPF desktop based. Now, our requirement is to implement similar OIDC/OAuth SSO from desktop app by launching a browser from the desktop application and then once the sign in is complete come back to the desktop app (SSO).
This is something very similar to how Docker desktop works which launches a browser for sign-in and then redirects back to the desktop application. Anybody can suggest what is the right way to implement this and any reference to sample implementation would be greatly appreciated.
Thanks
The system browser is used to login, according to RFC8252. I believe Docker desktop uses a private URI schene to receive the OAuth response.
See these resources. My app is coded in Javascript but you should be able to translate the concepts:
C# private URI scheme example
My desktop code sample + blog posts
We are developing two new react native apps, and need to integrate Azure AD authentication at both the places. We also have existing web apps that are Azure AD enabled and the user can open the web links from our (new) native apps.
We have decided to use MSAL library (react-native-msal) to implement the authentication part mainly to support SSO between the native apps + the web apps that we open in the Safari browser.
We have followed all the steps that the react-native-msal library suggests and are able to achieve SSO between the two native apps.
However, when I login to one native app, and try to open the web app link using react linking, the web app prompts for the login credentials.
Note:
For authenticating user through native app, we are using "Authentication Session" with "prefersEphemeralWebBrowserSession = false" which ideally should share the SSO cookies with the Safari browser.
But clearly, this does not seem to work.
I would like to get some understanding on this problem and find out if others are facing this issue too? or is it just us?
In this case you need a preferred user token and send it along with the login request. For capturing the details of the user at the same time I suggest storing the details in the domain wide cookies that is known for all applications.
// Store the user details after login
document.cookie = "msal_details=Paul#xyz-corp.com;domain=.xyz-corp.com;path=/"
// use the user details
var user = getCookieByName("msal_username");
userAgentApplication.loginRedirect(scopes, "&login_hint=" + user);
Lastly, you would need to implement this in your application.
Well, it turns out to be a problem with the simulator. This functionality works only on the physical devices (iPhone/iPad) and not on the simulators.
This should have been documented in the react-native-msal's document though.
I'm using AppsFlyer to test retargeting feature. I've implemented deep-linking using Firebase.
I launch the app on my device using Xcode and click the link below which launches the browser and redirects to AppStore. Since I'm running the debug build directly on the device, it detects as "App not installed".
How can I make sure the link directly opens my App and not redirect to the App store ?
The link is of format:
https://Mycompany.onelink.me/12345678?pid=twitter&c=Paywall&af_dp=MyApp%3A%2F%2FUpgrade&af_web_dp=https%3A%2F%2Fwww.MyCompany.com%2Ffeatures-and-benefits%2Fmobile&is_retargeting=true
In general, you need to configure Universal Links / URL Schemes in your xCode project. Most developers choose Universal Links as they are more secure and work better for most use-cases.
You will also need access the Configure OneLink page on the AppsFlyer dashboard, in order to create a unique OneLink ID for your application, set up the subdomain for your OneLink and input some additional data that is used for authentication (as Universal Links are secure).
You can find all the detailed info and instructions here: https://support.appsflyer.com/hc/en-us/articles/208874366
As this requires a setup on both the client side and and server side, you can request some assistance with the server side configurations and additional instructions on client side configurations at support#appsflyer.com
So, now twitter from 25 sep supports universal linking, it means that when UIWebView hits https://twitter.com/oauth/authorize?oauth_token link, it tries to open a twitter app, and if it is there, then it redirects me to auth page with auth error, so I wonder, how can I disable it from code, without uninstalling twitter app, or how I can enable universal linking auth in my xamarin ios app? Is it possible at all?
(similar question but for native: Disable Twitter Universal Deep Links)
Unless Twitter removes/updates the apps section of "https://www.twitter.com/apple-app-site-association" to allow a bypass or a secondary oauth that is not in the apple-app-site-association file I do not see how you would do it. These files are signed and iOS handles them at an OS level.
I have not played around very much with the continueUserActivity delegate and the NSUserActivity object that is passed to apps launched from UNI links, but I do not see a way for the launched app (i.e. Twitter) to return control to the original app, and at that point the oauth call-chain would be broken anyway....
Unique. Unlike custom URL schemes, universal links can’t be claimed by other apps, because they use standard HTTP or HTTPS links to your website.
Secure. When users install your app, iOS checks a file that you’ve uploaded to your web server to make sure that your website allows your app to open URLs on its behalf. Only you can create and upload this file, so the association of your website with your app is secure.
Via: https://developer.apple.com/library/prerelease/ios/documentation/General/Conceptual/AppSearch/UniversalLinks.html
We have an ios app that uses native Facebook login just fine.
Then we also have a website (app is basically an optimized client for it) where people can login via Facebook too. When they open our website in mobile safari, they are directed to Facebook pages to authenticate there and it works, but.. it is still far from native and users have to retype credentials they often have in ios already.
So could it be possible to to somehow launch system fb authentication for just a web page (maybe using some clever URL schema?) and get granted token back to web?
Difficult way
As described here http://aaronparecki.com/articles/2012/07/29/1/oauth2-simplified#mobile-apps you could find URL scheme to trigger the native iOS app for app authorization:
fbauth://authorize?redirect_uri=[redirect_uri]&client_id=[client_id]&response_type=token
But if you call that link it's not possible to have a redirection. You could try to hack that redirection but maybe you could not find a way out.
A secure way to solve that problem is to use a SSO token to authenticate user on your App when he logs in, and next on Safari take a redirection, with a custom url to your APP, that do as bridge to FB App via Token stored in your APP. After FB authentication you can directly redirect user back to your landing page in Safari. As said by #Lego it's an alternative way to direct authenticate that could be made by going deep to custom URL used by FB.
No, it is not yet possible to directly authenticate the user via the native Facebook App, but it's possible to authenticate the user using a custom URL scheme which opens your native iOS app which then handles the authentication flow:
The user authenticates natively with your iOS App. You then store the user login (not password) in your app (i.e. using NSUserDefaults).
Then the user opens your web page in Mobile Safari. You redirect the user via a custom url scheme to your app (i.e. using myapp://authenticate). Apple documentation on implementing custom URL schemes: click
Now, if you have an active FB session in your iOS app, you can either directly redirect the user back to your landing page in Mobile Safari, passing the access token via url get parameter or you first re-authenticate the user, displaying a login view with the user name pre-filled, which you have stored in your iOS app before (step 1) and then redirect the user to your landing page, again all depending on session state and your security needs.
For opening face book app you can use Custom URL scheme. But i am not sure if u can authenticate user from it. In case if you could also then it will be confined up to the fb account which is already configured on that device app .so better try to use face book api or something
I don't get your question exactly but i think as per your question you want to create fb app Login in safari or in your custom web view.
is this perfect ?
as per my knowledge web view is different thing and native app is different thing.
if you are Login in web view then no need to check anything token or other thing because it will give you Logout thing there.
but if you are Login in your application then "developer.facebook.com" will definitely help you.
and yes, you will do most of the thing in your app as native facebook app do.
Hope it help....