I am trying to implement facebook login using django allauth on pythonanywhere.com.The code I am using works fine on localhost. But the same set of code does not work on pythonanywhere. When I click on the "Facebook Oauth" hyperlink on the login page it takes me to facebook site on localhost.However when I do the same thing on pythonanywhere it gives me following error:
"DoesNotExist at /accounts/facebook/login/
SocialApp matching query does not exist."
Request your support in identifying the root cause.
1.login template :
{% load socialaccount %}
{% block content %}
Facebook OAuth2
settings.py file :
SITE_ID = 3
SOCIALACCOUNT_PROVIDERS = \
{
'facebook': {
'SCOPE': ['email', 'publish_stream'],
#'METHOD': 'js_sdk' ,
'METHOD': 'oauth2',
'LOCALE_FUNC': 'path.to.callable',
#'LOCALE_FUNC': lambda request: return 'en-US',
}
}
Related
I am trying to implement Microsoft SSO authentication in ionic 5.
Undefine occurs in the console when the code below is executed. Which part is the problem?
login(){
let authContext: AuthenticationContext = this.msAdal.createAuthenticationContext('https://login.windows.net/common');
authContext.acquireTokenAsync('https://graph.windows.net', 'clientID', 'http://localhost:8200')
.then((authResponse: AuthenticationResult) => {
console.log('Token is' , authResponse.accessToken);
console.log('Token will expire on', authResponse.expiresOn);
})
.catch((e: any) => console.log('Authentication failed', e));
}
error =>
https://ionicframework.com/docs/v3/native/ms-adal/
const browser = this_.iab.create("https://login.microsoftonline.com/" + tenant_id +
"/oauth2/authorize?response_type=id_token&client_id=" + client_id
+"&state=SomeState&nonce=SomeNonce"
, '_blank', 'clearsessioncache=yes,clearcache=yes,toolbar=no,location=no,toolbarposition=top,hidenavigationbuttons=yes,toolbarcolor=#0072bb')
browser.on("loadstart").subscribe(event => {
IAB is inappbrowser. Msal we had also tried to use when we needed this type of authentication for azure AD b2c. Similarly you have to do for your case.
There is enterprise level plugin available which cost around 8 lakhs INR.
So this is the work around. Tenant id and client id you will get when you register your app under applications in azure account.
So once the login is successful that load listener will listen to pages which IAB is visiting. And if found occurrence of #token_id(after sucesfull login).
Automatically the iab will close and ionic app page will resume or you can put some new route entry in that event listener.
May be for your case the base url might change. So try first visiting chrome with the url which opens your case login. And accordingly change.
MAKE IT WORK USING IAB AND NOT MSAL
I cannot authenticate to a FeathersJS server using OAuth2 Facebook strategy because after Facebook grants access to user profile, the feathers-authentication-oauth2 plugin doesn't create the user into the DB and it also doesn't create the required JWT token to be authenticated when calling feathersclient.authenticate() in the client app.
I've tried to follow all documents I've found that explain how to do it, but as a good example I could select this one (https://blog.feathersjs.com/how-to-setup-oauth-flow-with-featherjs-522bdecb10a8) that is very well explained.
As a starting point I've taken the Feathers chat application explained at the documentation (https://docs.feathersjs.com/guides/chat/readme.html) after having it working properly, I've added tha OAuth2 part as explained in the Medium document. In the default.json file I've added the "facebook" authentication strategy:
"facebook": {
"clientID": "MY_CLIENT_ID",
"clientSecret": "MY_CLIENT_SECRET"
}
In the authentication.js fileI've added the configuration of the Facebook OAuth2 authentication:
const authentication = require('#feathersjs/authentication');
const jwt = require('#feathersjs/authentication-jwt');
const oauth2 = require('#feathersjs/authentication-oauth2');
const FacebookStrategy = require('passport-facebook').Strategy;
module.exports = function (app) {
const config = app.get('authentication');
// Set up authentication with the secret
app.configure(authentication(config));
app.configure(jwt());
app.configure(oauth2({
name: 'facebook',
Strategy: FacebookStrategy,
callbackURL: '/',
scope: ['public_profile', 'email'],
}));
...
And finally, in src/app.js file I've added a new "Facebook login" button that just changes window.location to '/auth/facebook' so that the OAuth2 Facebook process can begin.
After pressing the "Facebook login", I'd expect the user to be created in the NeDB DB and a valid JWT to be stored so that the feathersclient.authenticate() call would not fail.
But instead of that, the Facebook login page is properly called, and after that the browser is returned to the main page ('/'), but after that, when the main page is reloaded and the feathersclient.authenticate() is called, the server complains that there isn't any valid JWT token, so authentication fails. Also I cannot see the user created in the NeDB DB, so the supposed user and JWT creation that should be done by the feathers-authentication-oauth2 plugin is not...
I've finally made it work... I was wrongly configuring the Facebook authentication strategy, I've changed it to:
app.configure(oauth2({
name: 'facebook',
successRedirect: '/',
failureRedirect: '/',
Strategy: FacebookStrategy
}));
and now it is working.
Question
How would we test a Doorkeeper oauth2 implementation for a Zapier cli app?
Background
I have a Rails 3 app. I am trying to create a Zapier client for the application and I decided to use OAuth. Thus I configured doorkeeper to generate a JWT. All looks good, I am able to authorize and get token using the redirects.
I am not sure how to test the app purely through the console. Wouldn't it require some way to authorize using username/password?
I got an app generated from the template with some minor differences.
it('can fetch an access token', (done) => {
const bundle = {
inputData: {
// In production, Zapier passes along whatever code your API set in the query params when it redirects
// the user's browser to the `redirect_uri`
code: 'one_time_code',
subdomain: 'ducks'
},
environment: {
CLIENT_ID: process.env.CLIENT_ID,
CLIENT_SECRET: process.env.CLIENT_SECRET
}
};
appTester(App.authentication.oauth2Config.getAccessToken, bundle)
.then((result) => {
result.access_token.should.eql('a_token');
result.refresh_token.should.eql('a_refresh_token');
done();
})
.catch(done);
});
results in something like this:
1) oauth2 app can fetch an access token:
Got 401 calling POST https://ducks.<domain>.com/oauth/token, triggering auth refresh.
What happened:
Starting POST request to https://ducks.<domain>.com/oauth/token
Received 401 code from https://ducks.<domain>.com/oauth/token after 1425ms
Received content "{"error":"invalid_request","error_description":"The request is missing a required parameter, include"
Got 401 calling POST https://ducks.<domain>.com/oauth/token, triggering auth refresh.
Which should be because the user is not logged in the request made in the test console...
How can I make the user login? Or should the tests be changed?
2 hours trying to get this to work and I can't. Firebase authenticates the user just fine, but then it can't fetch anything from the Google Plus API.
The error you will get:
{
domain: "global"
location: "Authorization"
locationType: "header"
message: "Invalid Credentials"
reason: "authError"
}
The code is this:
Auth.$authWithOAuthPopup(provider, {
scope: ['profile', 'email']
}).then(function(authData) {
console.log(authData.token);
gapi.client.setApiKey('<APIKEY>');
gapi.client.load('plus','v1', function(){
var request = gapi.client.plus.people.get({
'userId': 'me'
});
request.execute(function(resp) {
console.log('Retrieved profile for:' + resp.displayName);
debugger;
});
});
}, showError);
It must have something to do with Firebase making the call on our behalf. Because this codepen, in which we do our own authentication, works fine:
http://codepen.io/morgs32/pen/KVgzBw
Don't forget to set clientId and apiKey in the codepen.
If you can figure this one out you're gonna get gold on christmas.
You're trying to use authData.token to access Google. But authData.token is a JWT token for accessing Firebase.
To access Google, you should use authData.google.accessToken.
Also see this page in the Firebase documentation on using the Google provider.
I'm trying to connect to FB using django-allauth. Earlier I went with the oauth method and it was working fine, get all the access tokens. But now, I'm trying to run with js_sdk, but cant figure the problem here.
settings.py:
SOCIALACCOUNT_PROVIDERS = \
{ 'facebook':
{ 'SCOPE': ['email', 'publish_stream','user_birthday'],
'AUTH_PARAMS': { 'auth_type': 'reauthenticate' },
'METHOD': 'js_sdk' ,
'LOCALE_FUNC': lambda request: 'en_US'}}
html:
{% load socialaccount %}
{% providers_media_js %}
Facebook connect
On clicking the Fb connect link, nothing happens as it tries to make a call to javacript:FB_login(''), which doesn't work.
Any help on this would be great. Thanks!
Placement is important. It's recommended to include this right after your < body > tag.
{% load socialaccount %}
{% providers_media_js %}
To slim down to barebones settings for testing, you could also try this:
SOCIALACCOUNT_PROVIDERS = {
'facebook':{
'SCOPE': ['email', 'publish_stream'],
'METHOD': 'js_sdk',
}
}
Did you override the default allauth templates? If so, please make sure that you add the following to your login template:
{% load socialaccount %}
{% providers_media_js %}
In the default templates, this happens here:
https://github.com/pennersr/django-allauth/blob/27e2a8de0fe3c0c2e65ab8337617eb17a359940c/allauth/templates/account/login.html#L28
The tag adds the required Javascript (if any) for the enabled providers.