I have a task in which I have to make sure to do a particular action (open a popup) on the basis of some url parameters in the query string when a user clicks a link from an email, but suppose the user is not logged then the authorization fails as the action I am redirecting the user to is has the authorize attribute,
I show a page here saying authorization has failed and then there is a link through which the user can log in and get redirected to her landing page.
Unfortunately the URL parameters get lost.
I have them in the filtercontext when function HandleUnauthorizedRequest gets hit, how do I flow this URL after login.
You need to flow the information of the original intent or destination in the login screen when the user is not logged in.
One standard way to do this would be to include the information in the query string e.g. http://blah.com/login?continue=<url encoded original url>. When the user successfully logs in, simply see if the query string had a value and then redirect the user there, if not just do the default action of login.
Related
I'm trying to setup an OAuth2 flow on my react app and the instructions I've been given from the 3rd party say to add a 'state' parameter with a unique identifier that will be passed back to the redirect URL on a successful request. It's passed back so I know that the request originated from my site.
My question is how should I do this? Should the state I send to them be unique for everyone who clicks the link or should I just set the state to some random string that is the same for everyone?
Also, if it's unique for everyone, how would I stop someone from seeing the state by looking at the link URL in dev tools?
I can't get my head around this one. Here are the instructions in case they help... ...On your site, an [affiliate name] user wants to link their account to us. You redirect to our auth page (https://oauth2.example.com/oauth2/auth) As query parameters you will need to provide:
redirect_url : The redirect url you registered
client_id : The identifier you were given
state : A string that uniquely identifiers this request. We will pass it back to your redirect URL on successful request so that you know you were the originator of the auth flow.
E.g. on your site, someone clicks on Connect Example Account, you open a page with URL https://oauth2.example.com/oauth2/auth?redirect_uri=https://affiliatename.com//auth/callback&client_id=12345&state=very_unique
http://localhost:8080/view/view_name/job/job_name/parambuild/?IP=10.10.10.10
Accessing the above link, says HTTP Error 404 Not found if user has not logged in.
Any permission access to be changed from job point of view, in order to redirect to the same page eventhough user has not logged in.
http://localhost:8080/view/view_name/job/job_name/build?IP=10.10.10.10
This link can be accessed in both cases user logged-in & user not logged-in.
Here, param filed will not be auto-filled by 10.10.10.10
I need param field to be auto-filled by the value passed by URL. That can be achieved by first link.
How can i access the first link page, eventhough user has not logged-in (later it can be redirected to login page, once the build button clicked) ?
Are you trying to trigger a build for a non logged-in user ? sounds risky ... however i would try 2 options :
remove the / from the /? in your first link
building remotely needs to pass token (should be also enabled in the job):
curl -X POST "http://user:pass#localhost:8080/job/JOB1/buildWithParameters?token=TK1&IP=10.10.10.10"
In Grails 2.5.1 application i'm using Spring security core plugin 2.0-RC5 , i would like to return back to the requested URL, for instance to access page payOnline you need to be logged in first so i redirect to the login page after the successful login i want to go to payOnline.
How this could be achieved?
To access page payOnline you need to be logged in first so i redirect to the login page after the successful login i want to go to payOnline.
1. Go to Requested page :
By default spring security stores the request url you want to access before you are redirected to the login page. After you logged in successfully you are then redirected to the page you wanted.
E.g.
User trying to access `/payOnline`
If user is not logged in redirect user to `login` page
user successfully logged in redirect to `/payOnline`
What you are asking is the default behavior of spring security core plugin.
If its not working as expected then please check if you have successHandler.alwaysUseDefault config property present in your config.groovy. If yes then remove it.
2 . Got to specific page always :
If you want to go to specific page always after login then you you can specify the controller action to which you want to go in UrlMappings.groovy pretty easily.
Just specify the controller and action to which you want to got after login like below
Lets suppose Provision Controller and payOnline action.
"/"(controller: "provision", action: "payOnline")
This will redirect all the successful login users to payOnline page.
Reference :
http://docs.grails.org/2.5.1/guide/theWebLayer.html#urlmappings
The use case:
On my website, there is a field to post a comment to an item. The field is visible even if the user is not logged in. The user types in the comment and click submit. Because he's not logged in, we redirect him to the login page. The app stored the location. When he successfully signs in, he's redirected back to the previous location, which is the url to the comment form action, but with the verb GET. I managed to avoid this redirection to the last location in this case and instead redirect the user back to the item. That sucks because the user has to enter his comment again.
For those asking: I want to display this comment field in all case to increase the engagement. Don't want to hide this feature from visitors.
My question is very similar to this one
Redirect after login results in 404 error if a user submits a form to a POST-only action and their authentication has timed out
but using Rails 3.1+
THe question is: how to save the post action (with all the parameters) and re-post it once the user successfully logged. Another issue: The post is send via ajax.
Thanks
My facebook application is installed on multiple pages as a tab.
When a user clicks on the tab link from a page, if the user has not authorized my app, I redirect the user for authorization.
After authorization, the user is redirected to my site with the "code" value. Now, at this point, I can get the "access token" for this user but I do not have the current page id.
I need the current page id in order to show the page specific data to this user.
However, after the user has authorized my user, when the user comes back later, i get the page information from the signed request. But I also need the page information immediately after authorization.
When your app first loaded as a tab, you can read the "signed_request" and compose the redirect_uri with it.
var encodeURI = encodeURIComponent("http://myapp.com?pageid=123");
and redirect your user to somewhere like
https://www.facebook.com/dialog/oauth?
client_id=YOUR_APP_ID&redirect_uri=encodeURI&response_type=token