rhomobile and oauth2 - oauth-2.0

Based on this stackoverflow question foursquare oauth2 for IOS
I need to send user from my app to foursquare. Get permission and redirect to my web server. I get the access token, but how do I redirect to a view?
In my rhomobile controller I have
def fsq_login
  WebView.navigate('https://foursquare.com/oauth2/authenticate?client_id=MY CLIENT_IT&response_type=code&redirect_uri=http://lvh.me:3000/fsq_req')
end
Once I have the access_token, how can I get my webserver to trigger a rhomobile view?

You may be able to set your redirect uri to point back to your Rhodes application using the following:
http://docs.rhomobile.com/rhodes/device-caps#run-rhodes-application-from-browser

Related

Why OAuth do not redirect user to redirect url?

I created a Node.js web application with a React frontend. I have a backend API assigned to api.domain.com.
In my API I have 4 endpoints:
/api/auth/login/google, /api/auth/login/facebook, /api/auth/redirect/google, /api/auth/redirect/facebook.
When I tried to log in from domain.com via Google or Facebook, my front end sent a request to api/auth/login/(google or facebook), then the user was redirected to Google's login page, and then it redirected me to https://myaccount.google.com/?pli=1 or https://www.facebook.com/#_=_
How can I solve this problem?
I used the default passport strategies for login with Nest.js.
Please help me.
It happens because I tried to redirect my user back with res.redirect(req.headers['referrer']); - it redirects me to these pages.

Cortana - OAuth2 Redirect URL Configuration not changing

I'm currently implementing OAuth2 authentication using Microsoft Bot Framework with Cortana as one of my channels. I set up my OAuth2 configuration with the following details, where I properly set the Redirect URL in both the Knowledge Store and apps.dev.microsoft.com:
Knowledge Store:
apps.dev.microsoft.com:
Whenever I authenticate to Cortana based on the OAuth2 that I've configured, the redirect URI always seems to be set to https://www.bing.com/agents/oauth. Here's a screenshot of the HTTP request from Cortana authentication that I got from Fiddler:
Which causes this error message:
Any idea how to fix this?
Don't forget that the bot channel (in this case Cortana) needs to be where the redirect points to. Cortana's redirect is https://www.bing.com/agents/oauth.
Documentation here. You can test OAuth via botframework and the emulator. In that case, the redirect is https://token.botframework.com/.auth/web/redirect. Documentation here. If you look at the diagram in the spec on page 10, you'll see that Cortana is the client. The auth call needs to come back to her. You also need to let the auth server know that the redirect URL is allowed. For Microsoft login, you go to the app dev portal, select your app, go add a "web platform" and register the redirect urls. That should solve the problem on both ends.

How to remove access token from uber API while logout?

I am integrating the Uber SDK using oAuth2Client in iOS. I got the access token using
"https://login.uber.com/oauth/v2/token", but when I tried to remove the token using "https://login.uber.com/oauth/revoke" I got response code "200" but the access token is not nil, so I am not able to redirect to the login screen, and
I directly redirect into
If anyone has done Uber integration in an iOS application, please help me!
Thanks in advance!!
Calling POST /oauth/revoke invalidates the access_token, refresh_token pair that you have for that user.
However, that user is probably still logged into Uber.com and has an active & valid session with a cookie in the browser.
You probably do not want to log the user out of the browser session, but if you did want to you could direct them to https://riders.uber.com/logout

Dropbox oauth2.0: Cross origin issue

I am trying to authorize my app using Dropbox OAuth 2.0 but I am getting a cross-origin issue. I made a GET request to https://www.dropbox.com/1/oauth2/authorize
with response_type: 'code' and client_id, but I keep getting the cross-origin issue.
When using "https://www.dropbox.com/1/oauth2/authorize?client_id=CLIENT_ID&response_type=code" directly in the browser, I am redirected to the Dropbox authorization page as expected.
Am I missing anything in my code?
The /authorize page (https://www.dropbox.com/1/oauth2/authorize...) is only a web page that users should be interacting with in their browser. It isn't an API endpoint so you shouldn't be attempting to call it programmatically.
If you're implementing the OAuth 2 app authorization flow, this blog post may be useful:
https://blogs.dropbox.com/developers/2013/07/using-oauth-2-0-with-the-core-api/

Rails 3 + Omniauth: pass extra params to the api server (DoorKeeper)

I am creating an API for my application. On one side, there is the API server (and the main app) and on the other, the client. The server uses DoorKeeper to secure the API using OAuth 2.0 (basically turning the main app into an OAuth 2.0 provider) and the client is using OmniAuth with a custom strategy for my app.
The main app uses multitenancy using subdomains, so every client has its own subdomain. There is also an oauth subdomain that is routed to the DoorKeeper interface.
When a user clicks on the "Log in with my app" link, he gets redirected to the oauth subdomain. If he is not logged in to the main app, he needs to get redirected to the login page under the correct subdomain. So I need to pass the client's account name to the server so that DoorKeeper knows which subdomain to redirect to.
How can I achieve that please?
I've researched on the subject and found out how to pass to OmniAuth params that will get passed to the callback action. Will those params be available to the server?
EDIT: I am not using Devise!
EDIT 2: Here is some code.
Client app session controller create action (log in with my app)
def set_client
  self.current_client = Client.find(params[:client][:name])
  redirect_to "/auth/catapult?client=#{self.current_client.account_name}"
end
As you can see, I append the client param to the OmniAuth route, but this param is not passed to the server app (DoorKeeper), so I have no idea where to redirect to on the server app.
DoorKeeper config
resource_owner_authenticator do
  p params
  User.find_by_id(session[:user_id]) || redirect_to(log_in_path)
end
In the redirect above, I need to specify the client's account name as the subdomain, but I don't have this info (the client's account name) since the params hash doesn't contain the client's account name that I passed (the client param).
I found out how to fix my problem. I had to dig deeper into the OmniAuth source code. What I had to do is override the request_phase method in my custom strategy as follows:
def request_phase
  redirect client.auth_code.authorize_url({:redirect_uri => callback_url, :catapult_client => request.params["client"]}.merge(authorize_params))
end
Where :catapult_client is, add any extra params you want to pass and it just works!
The simplest way is to pass the place-to-redirect-to-after-authenticating-successfully as a query param when they are redirected to the login page, so it's there as part of the GET request's querystring. Store it, and on a successful auth, redirect them there. You don't need to involve this data in the OAuth process at all.
Of course, I'm assuming that they all start at their subdomain too.
Edit:
When a user clicks on the "Log in with my app" link, he gets redirected to the oauth subdomain.
Assuming the user starts at mysubdomain.yourapp.com, they click on the "Log in with my app" link.
The link also contains a query parameter with the subdomain in it, so oauth.yourapp.com?redirect=mysubdomain.yourapp.com (or just oauth.yourapp.com?redirect=mysubdomain)
The user arrives at oauth.yourapp.com. The app stores the query parameter. The user puts in their details or is redirected to a service…
The OAuth process is finished, the user has been authenticated.
Redirect the user back to the redirect parameter stored earlier.
This is how I do it, just not with Rails, but I don't see why you couldn't use this process with any framework. This, as I mentioned, depends on the user starting on the correct subdomain.
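
Added example, not part of the original question or answers: one way to check the stored redirect query parameter from the steps above before redirecting to it, so that only known tenant subdomains of the application are accepted and anything else falls back to a fixed page. The base domain, tenant list, fallback URL and both method names are constructed for illustration.

```ruby
require "uri"

# Constructed sample values (assumptions, not from the original posts).
BASE_DOMAIN   = "yourapp.com"
KNOWN_TENANTS = %w[mysubdomain acme].freeze
FALLBACK_URL  = "https://www.yourapp.com/log_in"

# Accepts a bare tenant name ("mysubdomain") or a tenant host
# ("mysubdomain.yourapp.com"). Returns the tenant name, or nil when the
# value is anything else (full URL, foreign host, userinfo trick, unknown tenant).
def tenant_from_redirect_param(raw)
  return nil unless raw.is_a?(String) && raw.length <= 253
  value = raw.strip.downcase
  # Plain hostname characters only: no scheme, slash, "@", port, backslash or newline.
  return nil unless value.match?(/\A[a-z0-9](?:[a-z0-9.-]*[a-z0-9])?\z/)
  label, rest = value.split(".", 2)
  # Whatever follows the first label must be exactly the base domain.
  return nil unless rest.nil? || rest == BASE_DOMAIN
  KNOWN_TENANTS.include?(label) ? label : nil
end

# Builds the post-login URL from the validated tenant name, never from the
# raw parameter, so the destination host is always one the application owns.
def post_login_url(raw)
  tenant = tenant_from_redirect_param(raw)
  return FALLBACK_URL if tenant.nil?
  URI::HTTPS.build(host: "#{tenant}.#{BASE_DOMAIN}", path: "/").to_s
end

if __FILE__ == $PROGRAM_NAME
  # Constructed inputs: two legitimate values and several that must be rejected.
  samples = ["mysubdomain.yourapp.com", "mysubdomain", "https://evil.example",
             "mysubdomain.yourapp.com.evil.example",
             "mysubdomain.yourapp.com@evil.example", "unknown.yourapp.com"]
  samples.each { |s| puts "#{s.inspect} -> #{post_login_url(s)}" }
end
```

The same check applies wherever a post-login destination arrives from the request, whether as a query parameter, a session value copied from one, or a header.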
