I am using Azure Mobile service's oAuth to authenticate users with their facebook/google/twitter in a hybrid JS app. When azure client's 'login' method is called, it opens a popup window to show the selected oAuth providers login screen where user can enter login credentials. After the authentication is over, this popup usually closes, when I test on Chrome Ripple emulator or on my device.
I test my code also on Telerik Appbuilder, because it gives more 'real-device' environment compared to Chrome Ripple (some may differ on this point, but I don't want to get into that argument and that's actually not the point of this question).
The issue I am facing when testing on Telerik Appbuilder device emulator is - the oAuth popup doesn't close once user is done logging in - wondering if anyone may have any clue about this issue? many thanks.
Related
We are trying to implement a login flow for a public Wi-Fi. With Android and Windows devices the login flow works perfectly.
With IOS (15) devices the Captive Network Assistant does not complete. In the upper right corner the Cancel button does not change to Done even though the authentication was successful.
Our login application is a Single Page application. Therefore the user is routed to the welcome page after login. When we do a manual reload of the page the Button changes to done.
We use the Captive Portal API (CAPPORT) to identify the access point as captive portal.
I think the following issue is related to our problem: https://community.cisco.com/t5/network-access-control/cisco-ise-3-1-sponsor-guest-flow-and-apple-cna-issue-cancel/td-p/4500187
Is there a possibility to get the state to done without reload?
My current scenario is:
Running an iPhone on the latest iOS
LinkedIn App is installed and logged in
Web browser is NOT logged into LinkedIn (because I have the app)
Developing a web app with "log in with LinkedIn" functionality
On the iPhone, clicking the "log in with LinkedIn" button redirects me straight the the LinkedIn App, which subsequently does nothing - just shows me my feed. I have verified this same behaviour occurs on a third-party site as well as my own. Note that Android exhibits similar behaviour, though I haven't tested as extensively there.
I've found several workarounds:
If I open the web site in Private Browsing mode clicking the login button asks me if I want to open the App or stay in the browser.
If I long-press and "Open in background tab" the login button it'll open (in the background, of course) instead of redirecting to the app, allowing me to log in.
If I manually type "linkedin.com" into the browser and log in then it seems to work too.
None of these are even vaguely practical for end users, essentially forcing us to remove the option entirely.
I'm fairly sure this is a problem at LinkedIn's end and the solution is either:
Don't redirect to the App for OAuth Authorize requests, or
Make the App correctly handle OAuth Authorize requests.
If I'm incorrect and there's some way we can stop this redirect from the client side I'd be happy to hear, otherwise I hope LinkedIn engineers actually see this...
See the comments in Issues with Linkedin Social connection
LinkedIn already confirmed that it is a problem on their side.
As of iOS 11, I'm seeing a new login flow when using FBSDKLoginKit and FBSDKCoreKit. I realize apple's recent change(s) to how apps talk with each other re: facebook credentials mean we first have to go through safari during the authentication flow... but for some reason I'm seeing the below alert dialog (see first and second screenshots) even though in other apps that feature facebook login, I'm able to go directly to facebook.com and am then offered the choice to either authenticate through the native Facebook app or log in with email/password (see second screenshot).
Does anyone know why I'm seeing this flow on my app but am seeing a different flow on pretty much every other app that I've looked at that's implemented facebook login? I've followed the flow listed on https://developers.facebook.com/docs/facebook-login/ios so I'm pretty much stumped. Thanks in advance.
You can try changing the loginBehavior of the login manager. See https://github.com/facebook/facebook-ios-sdk/blob/master/FBSDKLoginKit/FBSDKLoginKit/FBSDKLoginManager.h#L72. That alert is part of iOS 11' SFAuthenticationSession auth flow.
/**
This is the default behavior, and indicates logging in through the native
Facebook app may be used. The SDK may still use Safari instead.
*/
case native
/**
Attempts log in through the Safari or SFSafariViewController, if available.
*/
case browser
/**
Attempts log in through the Facebook account currently signed in through
the device Settings.
#note If the account is not available to the app (either not configured by user or
as determined by the SDK) this behavior falls back to \c .native.
*/
case systemAccount
/**
Attempts log in through a modal \c UIWebView pop up
#note This behavior is only available to certain types of apps. Please check the Facebook
Platform Policy to verify your app meets the restrictions.
*/
case web
This is an intended behaviour, confirmed to me by Apple & Facebook. It's the implementation and flow of SafariViewController authentication, it's documented by Apple too (the system alert) & the third screenshot you post it's most probably an app using an old version of Facebook SDK. Please checkout this post I opened some weeks ago with the same UX you describe, then you'll find more comments & links to the proper documentation. You can not do nothing in your code to prevent the system alert to appear, unless you downgrade the FB version.
I have finally got my iPhone app to authenticate and return back to my app with the authorisation code. The main problem was that the reverse client id did not get picked up by my app. I had to add an url scheme of my bundle id instead of the reverse client id.
Anywho, the problem is post authenticating in Safari I am presented with a open 'app name' page dialog. If the user clicks open it works fine. If they leave it for just a few seconds it redirects them to the Google homepage and they have to start all over again. If they are using two factor authentication by any other method than phone call I think it fails too.
How can I avoid this open page dialog?
The solution I found was to use the official Google library for iOS. This does not involve Safari like the AeroGear library I was using does.
I'm writing an application which runs when a user tries to access a WiFi network and requires them to authenticate themselves. The router directs them to the site where they have some authentication options, one of which is through Facebook.
FB.login(function(response){
if(response.authResponse){
checkFBPermissions(response.authResponse.grantedScopes);
}else{
backToLoginOptions();
}
},{
scope: permissions,
auth_type: authtype,
return_scopes: true,
});
This all works fine on a laptop, android and even the new iPhone. On the iPad however (running iOS8), within the CNA browser (the browser that is launched automatically when connecting to the WiFi network) when the user hits login via FB they are taken to the FB login page within the same "tab" (I guess the CNA browser only ever has one tab) rather than opening a new window, and then after the user submits the Facebook login form it goes to a blank page. I guess this is because of the navigation away from the page (thus the JS code awaiting the response stops running).
We have a workaround which uses the "https://www.facebook.com/dialog/oauth?" method but this doesn't seem to be supported by the new FB API and I was hoping to find a solution that uses the new standard.
Any ideas?
Wifi network gateway is able to byPass the CNA browser. Then user is able to open browser manually.
Ruckus wireless provided this solution - bypassCNA=true
This will bypasses only iOS CNA page. Not android mini browser.