I'm currently working on an Electron (1.0.1) project where I'm heavily dependent of webviews. Everything works so far except when I try to access https://twitter.com or https://tweetdeck.twitter.com.
Whenever I try to login (on both sites) the request to https://twitter.com/sessions gets canceled and I'm not logged in.
However, if I take a look at the stored cookies I can see a newly generated access token – so when I refresh the site I'm logged in.
Twitter is the only site where I can experience this behaviour and I just can't figure out whats going on here.
The webview initialization is very simple:
<webview src="https://tweetdeck.twitter.com" partition="persist:tweetdeck"></webview>
It isn't fixed yet but this is a known issue and the Electron folks are already working on it. If you like to follow the issue: Issue: #3471 Twitter authentifcation form POST REDIRECT
Related
I have built an authentication system for Microsoft Teams tab -( angular application) using Authentication for tabs using Azure Active Directory - Teams and it is working fine on desktop (app and browser) but when I am trying to run on the mobile app and then press Authenticate(seen below in image) button it takes me to the sign-in popup after signing in it returns back to same authenticate page.
Now, when I try it a second time it lands me on the page where I want to but with missing data and also, not as responsive it should be.
The below screenshots taken from the iOS device will help further: I am on Version: 2.4.0
Desktop View:
Major Queries:
Is the Azure AD (https://learn.microsoft.com/en-us/microsoftteams/platform/tabs/how-to/authentication/auth-tab-aad) authentication will not work for mobile devices?
If I switch to a Single sign-on(https://learn.microsoft.com/en-us/microsoftteams/platform/tabs/how-to/authentication/auth-aad-sso) , are there any limitations to using it and also, will it support all the platforms ?
Is the Azure AD (https://learn.microsoft.com/en-us/microsoftteams/platform/tabs/how-to/authentication/auth-tab-aad) authentication will not work for mobile devices?
It should work on mobile devices.
If I switch to a Single sign-on(https://learn.microsoft.com/en-us/microsoftteams/platform/tabs/how-to/authentication/auth-aad-sso) , are there any limitations to using it and also, will it support all the platforms ?
Single sign-on doesn't solve anything because if it fails you have to fallback to the default auth flow.
Looks like this is an angular issue, not a Microsoft's auth issue.
The problem is interesting because in general it is working but from the second attempt.
I think it might be the issue with synchronization, when some part of the code is running outside of the Angular but is trying to do something with the variables in the Angular's zone.
I don't know how exactly microsoftTeams.getContext and microsoftTeams.authentication.authenticate work but they are async and if they use setInterval/setTimeout they definitely will work outside of your Angular app.
And if they set data into your angular variables you will have the issues like you described.
So that's what happens in my opinion:
You are clicking auth button, everything is fine you are redirected, authenticated and redirected back to your final page.
On that final page your app is trying to save your token into the local angular variable.
Code that is setting the token works outside the Angular and Angular doesn't see this change. So from the angular's perspective nothing has changed, you are still not authenticated.
Your app is redirecting you to your private page, Angular doesn't see token and redirects you back to the auth page.
<Here something happend, for example ChangeDetectorRef.detectChanges, or other sync things>.
You click auth again and you end up authenticated on your private page, but without the apiKey and UserID (which have the same issue as token)
So to fix this you need to notify angular manually by using ChangeDetectorRef.detectChanges or wrap your async code with the NgZone.run.
Since few days I have problems with the API instagram. Instagram sending this error page after the user has entered this login information.
"This page could not be loaded. If you have cookies disabled in your browser, or you are browsing in private mode"
Do you know why ? How to do ? Need help
On webapp authentication... the problem is related to instagram platform. I found that the problem arise only if your browser don't have the instagram cookie "ig_cb" set. This is set when you accept cookie policy on instagram.com. The workaround is to go on instagram and accept cookie policy then go back to your social auth and proceed.
This happens for both mobile and desktop users (browser).
Being a block on instagram login process... I guess there's no definitive solution other than wait for instagram bug fix.
I hate to be the bearer of bad news, but we also had this problem, which flagged on the Facebook Dev page: https://developers.facebook.com/support/bugs/406930029718049/
They have looked into the problem, as a number of us have had this exact issue too. It is only affecting EU user, as our US users are logging in and signing up without problems, and it seems that Facebook are refusing to look into it - their Instagram Platform API forum has already stopped accepting issues.
In terms of what we have learnt since last week, we think:
It is likely GDPR related
Not all apps have been affected, Bumble does not have this problem but Tinder does
It is happening with both the old Platform API and Graph API, according to a developer who has already migrated to Graph.
No one seems to know anything!
UPDATE:
So it seem's it is in fact a cookie issue on mobile. When a user goes to sign in on mobile view, the 'accept cookie' message that typically appears on web doesn't appear. However, when the error screen pops up, if you click 'Log in' in the top right, it will redirect you to the web view, which lets you accept the new terms and conditions. Then, once you direct back to mobile the cookie seems to have been saved and you can now login. This has worked for us on iOS so far, but not Android, and we still haven't come up with a work-around yet.
This bug has now been fixed.
Thank you all for your comments, individual input, and patience while we worked to address this issue for everyone.
I am happy to report that this particular issue with Instagram login should now be resolved, but if you are still seeing any issues related to this fix, please let us know on this report only.
I'm attempting to hook my application into Flickr but having issues during the Authentication process.
I've followed instructions in:
https://github.com/devedup/FlickrKit
I've created a CFBundleURLTypes for my application (let's call it myapp://) and tested that it works (i.e. I type myapp:// in a safari). I've successfully called the authentication URL in Flickr, it shows the login, asks the user to grant my app the necessary permissions then instead of redirecting back to my app via my URL...it does nothing, and the app is not authenticated.
I used FlickrKit demo app replacing its api key/secret/CFbundleUrltypes with mines and the issue is the same, so the problem is not in the code but rather in the way i registered my app in flickr. Said that...I just followed the instructions in Flickr "Edit Authentication Flow" so I guess the issue is with the callback url I put in flickr. I used myapp://auth? as described in many posts in the internet but does not authenticate or call back my app.
This is not the same issue reported here:
Flickr Authentication Flow and iPhone
but rather similar to the unanswered post:
flickr callback URL not working
The Info.plist for the custom URL handler and the AppDelegate code are a copy&paste from the flickrKit demo app [no need to reinvent the wheel] and anyway even after changing api key secret and url in flickrKit demo app with mines...the app is not called back, so it must be something wrong in my app registration.
Anybody experienced a similar behavior ? i ruled out objective-c code and callback url as the issue, so what is left is the flickr part but not sure where to look for help... so i wrote this post.
Thanks for any tip,
dom
Probably this is a problem of api signature calculation. All the parameters passed via method should be used to calculate an api signature.
I'm about to build a console application that needs access to the authenticated YouTube Data API. Calling the API's themselves is not a problem, I know quite well how to make and process HTTPS requests.
I've already gotten the API key and the Client ID. No problems there, either.
The problem is the authentication.
I've checked here: https://developers.google.com/youtube/v3/guides/authentication#installed-apps
On the "Installed applications" tab, in step two, it instructs on how to set up a url to call to do the authentication step. All good so far. But before programming anything, I thought I'd try and see what that url does in the browser.
Turns out it just displays a login prompt. Well how about that. That won't work in this kind of console application. The idea is, presumably, that the user is somehow shown this webpage and be instructed to login and allow access. Then, somehow, by some kind of magic perhaps, the access token is sent back to my console application.
Two things I'm not quite sure about:
1) How do I prompt for the username and/or password in the console app and send that to the authentication URL?
2) How would I get the access token back from it?
The biggest problem is that the API seems to require a browser... Which isn't there. My console application will (eventually) run unattended, so starting up a browser and displaying a webpage and doing nothing until it returns a code, is out of the question. I need to somehow supply the authentication page a username/password and get back the code right away.
I'm working on an app using facebook & oauth. The app lives inside a facebook canvas, and the authentication is done server side. The app is done w/ Ruby on Rails 3.2, using Koala for dealing with the api (and mongodb as backend, for what it's worth), and hosted on heroku.
So, I supply the heroku url as redirect_url for the callback. Which makes the user go out of the canvas after the authentication, and well, I want it to stay inside. I read a few threads about this that suggested I redirect to the canvas url with js once the authentication is done. I did that, but now it seems that my session token is never set, and the user goes through the auth flow every time he tries to see a non-public page (which means he loops on the welcome page, having an "invisible" exchange with facebook each time).
I don't really get what I'm doing wrong here, so any help is welcome. If you need more informations, just ask.
Thanks for your time!
So I found what was my problem : the page my canvas pointed to was a "public" page, and did not handle anything authentication related, meaning it didn't parse the signed_request, or anything else. I ended up setting a special endpoint for the canvas in charge of handling the signed_request logic, and now it works as one would expect.