I have a static website using azure storage:
https://helloweb.blob.core.windows.net/content/index.html
What is the domain I need to configure at onesiganl app settings:
Site URL : https://helloweb.blob.core.windows.net
Default Notification Icon URL: https://helloweb.blob.core.windows.net/content/icon.png
My manifest.json:
{
"name": "Hello Web",
"short_name": "Helloweb",
"start_url": "/content/index.html",
"display": "standalone",
"gcm_sender_id": "482941778795"
}
I can't see any user at onesignal users page.
According to onesignal document mentioned that OneSignalSDKWorker.js & OneSignalSDKUpdaterWorker.js should be served from the top-level root.
In the Azure storage, we are not able to set the blob in the top-level root. The blobs require a container.
Upload the files to the top-level root of your site directory. The following URLs should be publicly accessible:
• https://yoursite.com/manifest.json
• https://yoursite.com/OneSignalSDKWorker.js
• https://yoursite.com/OneSignalSDKUpdaterWorker.js
OneSignalSDKWorker.js & OneSignalSDKUpdaterWorker.js
• These files should not be renamed and the files should be served from the top-level root
From my experience ,it is not a good choice that put the website in the Azure storage. We could use azure WebApp service to do that easily. I do a test for it. It works correctly.
The following is my detail steps:
1.Create WebApp from the Azure portal
2.Configure OnSignal settings
3.Download the Web Push SDK and follow the tutorials to edit the manifest file.
4.Add an index file and just need to replace the "YOUR APP ID"
<head>
<link rel="manifest" href="/manifest.json">
<script src="https://cdn.onesignal.com/sdks/OneSignalSDK.js" async></script>
<script>
var OneSignal = window.OneSignal || [];
OneSignal.push(["init", {
appId: "YOUR_APP_ID",
autoRegister: false,
notifyButton: {
enable: true /* Set to false to hide */
}
}]);
</script>
</head>
5.Upload the code into WebApp using Kudu (https://yoursite.scm.azurewebsite.net/).We can drag files into the folder directly. More deploy please refer to official document.
From the Firefox browser visit https://yoursite.azurewebsite.net/index.html. And we need to set permission to set the message popup.
Check from [All User] we will see the subscribed user info
Related
I have an application I have been developing which is to make use of the Facebook Developers FB.ui share popup:
FB.ui({
display: 'popup',
method: 'share',
href: imgUrl,
quote: imgComment,
}, function (response) { });
This seems to work perfectly when I am developing on localhost:5001 (I have set the following in my FB Dev Application settings):
However, as soon as I publish my application to my Azure hosted site (on the other address I have marked out above) I get the following error when trying to load the FB.ui Share popup:
The URL in the Valid OAuth Redirects URIs matches exactly the location of my Application online on Azure:
so cannot figure out why I am seeing this error when trying to load the Share popup.
The URL in the Valid OAuth Redirects URIs matches exactly the location of my Application online on Azure
The error message wasn't talking about that field, but about the App Domains field.
You find that under Settings -> Basic.
I have a Chrome Extension that needs to authenticate the user. Once authenticated, I will send that user's email to my server running in Docker and then log them in. I am having trouble getting the token. Here is the code:
chrome.identity.getAuthToken({ 'interactive': true }, function(token) {
if (chrome.runtime.lastError) {
currentSessionAccessToken=token;
alert(chrome.runtime.lastError.message);
//alert("you need to have a gmail account"); //ubuntu
return;
}
currentSessionAccessToken=token;
var x = new XMLHttpRequest();
x.open('GET', 'https://www.googleapis.com/oauth2/v2/userinfo?alt=json&access_token=' + token);
x.onload = function() {
if (x.readyState=200)
{
var data=this.responseText;
jsonResponse = JSON.parse(data);
photo = jsonResponse.picture;
szName=jsonResponse.name;
email=jsonResponse.email;
x.abort(); //done so get rid of it
send_to_backend(request, sender, sendResponse);
};
}
x.send();
}
The problem is that I am not getting back an access token. The backend (at this time) is also on my laptop (localhost) but in a docker container. I don't have an SSL cert for my localhost and I am wondering if that is the issue? I am never getting a token so I never get to send it with the XMLHttpRequest, and thus I never get a ReadyState=200. Any idea what is wrong?
Did you register your app for Google OAuth API access and designate the oauth field in the manifest?
From the documentation on user auth:
Copy key to your manifest
When you register your application in the Google OAuth console, you'll provide your application's ID, which will be checked during token requests. Therefore it's important to have a consistent application ID during development.
To keep your application ID constant, you need to copy the key in the installed manifest.json to your source manifest. It's not the most graceful task, but here's how it goes:
Go to your user data directory. Example on MacOs: ~/Library/Application\ Support/Google/Chrome/Default/Extensions
List the installed apps and extensions and match your app ID on the apps and extensions management page to the same ID here.
Go to the installed app directory (this will be a version within the app ID). Open the installed manifest.json (pico is a quick way to open the file).
Copy the "key" in the installed manifest.json and paste it into your app's source manifest file.
Get your OAuth2 client ID
You need to register your app in the Google APIs Console to get the client ID:
Login to the Google APIs Console using the same Google account used to upload your app to the Chrome Web Store.
Create a new project by expanding the drop-down menu in the top-left corner and selecting the Create... menu item.
Once created and named, go to the "Services" navigation menu item and turn on any Google services your app needs.
Go to the "API Access" navigation menu item and click on the Create an OAuth 2.0 client ID... blue button.
Enter the requested branding information, select the Installed application type.
Select Chrome Application and enter your application ID (same ID displayed in the apps and extensions management page).
Once you register your app you need to add something like this to your manifest:
"oauth2": {
"client_id": "YOUR_CLIENT_ID",
"scopes": ["scope1", ...]
}
Turns out that in order to get "identity" working you must publish to the Google WebStore. The reason I stayed away from that is that it often takes weeks to get a site reviewed. I have had that experience in the past. I haven't really nailed down the new URL that will be using and wanted to get the system working before I did that. Now that I submitted for Review, I guess I have some time, and will "dummy up" the steps needed (ie authentication) to continue the development work. Thanks Micah for pointing out the manual. This led to me realizing that there is no way to get "identity" working without getting approval from Google.
I've created a simple template like in the demos:
<!DOCTYPE html>
<html>
<head>
<title>Add your title here</title>
</head>
<body>
<h1>My B2C Application</h1>
<div id="api"></div> <!-- Leave this element empty because Azure AD B2C will insert content here. -->
</body>
</html>
This is a file hosted on my App Service at:
https://<mydomain>.azurewebsites.net/html.signin.html
I've created a B2C tennent and that is all working. In my Signup Signin policy (B2C_1_aa-signup-signin)
I've setup the custom page url to:
https://<mydomain>.azurewebsites.net/html.signin.html
However, even just clicking on the Signup button on my site returns an error:
Error. An error occurred while processing your request.
Request ID: |258cfa9e-4dab035257ed702a. Development Mode
Swapping to Development environment will display more detailed
information about the error that occurred.
Development environment should not be enabled in deployed
applications, as it can result in sensitive information from
exceptions being displayed to end users. For local debugging,
development environment can be enabled by setting the
ASPNETCORE_ENVIRONMENT environment variable to Development, and
restarting the application.
I've setup CORS in my .NET Core 2.1 application with:
services.AddCors();
And:
app.UseCors(opt =>
{
opt.WithOrigins("https://<b2c-tennent-name>.b2clogin.com")
.AllowAnyHeader()
.AllowAnyMethod();
});
From all I've read, this is all I should have to do. I've been looking to try and find any CORS settings on my web sites App Service but I can't see anything relevant.
My site config is:
"AzureAdB2C": {
"Instance": "https://<b2c-tennent-name>.b2clogin.com/tfp/",
"ClientId": "<my id>",
"CallbackPath": "/signin-oidc",
"Domain": "<b2c-tennent-name>.onmicrosoft.com",
"SignUpSignInPolicyId": "B2C_1_aa-signup-signin",
"ResetPasswordPolicyId": "B2C_1_aa-password-reset",
"EditProfilePolicyId": "B2C_1_aa-profile-edit"
},
I've also enabled App Insights on my web app but I can't even seem to get a handle on an error message to solve.
I guess I have two questions.
What should I check configuration wise next?
And how do I find out what the error is? Azure seems completely opaque on this topic. I've no idea of the error at all.
Until I get identify the problem I'm completely shooting in the dark. As far as I can tell the only way I have deviated from the docs is that my html file is hosted on my App Service which from this document is a completely legitimate place to host it.
This write up describes exactly what I've done yet I my login is completely broken.
After digging around the requests I've found this hidden in an OK 200 response:
AADB2C90006: The redirect URI 'http://<my-app-service>.azurewebsites.net/signin-oidc' provided in the request is not registered for the client id 'b850cee0-f723-47fd-8f2e-c1fa1ec21038'.
But you can only register https reply URLs so how do I fix this?
Register your reply url with HTTPS: https://<my-app-service>.azurewebsites.net/signin-oidc. Azure app services hosted under the azurewebsites.net domain provide a built-in SSL certificate.
I am hosting my website on my own server, and using Netlify CMS. However, I would still like to use Netlify's hosted Identity and Git Gateway services, instead of running my own.
Yes, that is possible. First, you will need to set up your site in Netlify, and make sure you have the Identity and Git Gateway services turned on and configured. Follow the regular "Add to Your Site" setup for Netlify CMS, but make these changes:
CMS config.yml changes
The backend section of your config should contain the following three keys. Replace my-site.netlify.com with your Netlify site URL.
backend:
name: git-gateway
identity_url: "https://my-site.netlify.com/.netlify/identity"
gateway_url: "https://my-site.netlify.com/.netlify/git"
CMS index.html changes
Assuming you already have the Netlify Identity script added (netlify-identity-widget.js), remove it and use the netlify-identity.js script from the same package instead. This script will not initialize automatically, which allows us to set our own parameters. Do this on both your admin page and your site homepage.
<script src="https://identity.netlify.com/v1/netlify-identity.js"></script>
Next, add this script right below it, on both the admin page and the home page. Again, replace my-netlify-site.com with your Netlify site URL.
<script>
if (document.readyState === "loading") {
document.addEventListener("DOMContentLoaded", function () {
netlifyIdentity.init({
APIUrl: "https://my-site.netlify.com/.netlify/identity"
});
});
} else {
netlifyIdentity.init({
APIUrl: "https://my-site.netlify.com/.netlify/identity"
});
}
</script>
I have a legacy static website that is just plain HTML and simple JavaScript for UI effects. There is no server side code, api, config files or anything in this website - just raw HTML files, CSS, pictures, etc.
The website will not be hosted in Azure. It will be on a local IIS server. If I pull the web site into Visual Studio, the "Configure Azure AD Authentication" wizard shows:
An incompatible authentication configuration was found in this project
().
How can I secure simple HTML files using Azure AD?
The Visual Studio "Configure Azure AD Authentication" wizard is intended for ASP.Net Web Apps and Web APIs.
In your case, what you are building is considered a "Single Page Application" or SPA. Even though you might have multiple pages, this term also applies to client side only web apps with no backend code.
For this, you should follow the Azure AD Javascript Single Page Application sample.
The gist of it is that you should us ADAL.js like shown in this sample's app.js, along the lines of:
// Configure ADAL
window.config = {
instance: 'https://login.microsoftonline.com/',
tenant: '[Enter your tenant here, e.g. contoso.onmicrosoft.com]',
clientId: '[Enter your client_id here, e.g. g075edef-0efa-453b-997b-de1337c29185]',
postLogoutRedirectUri: window.location.origin,
cacheLocation: 'localStorage', // enable this for IE, as sessionStorage does not work for localhost.
};
var authContext = new AuthenticationContext(config);
// Check For & Handle Redirect From AAD After Login
var isCallback = authContext.isCallback(window.location.hash);
authContext.handleWindowCallback();
$errorMessage.html(authContext.getLoginError());
if (isCallback && !authContext.getLoginError()) {
window.location = authContext._getItem(authContext.CONSTANTS.STORAGE.LOGIN_REQUEST);
}
// Check Login Status, Update UI
var user = authContext.getCachedUser();
if (user) {
//Do UI for authenticated user
} else {
//Show UI for unauthenticated user
}
// Register NavBar Click Handlers
$signOutButton.click(function () {
authContext.logOut();
});
$signInButton.click(function () {
authContext.login();
});
Note: There's also a Angular SPA sample.
The solution posted by Saca pointed me in the right direction, but adding the JS to every page was not a valid solution for me. There were thousands of HTML files, lots with no common JS file I could tack that ADAL code into. I would have had to find a way to insert that JS on all those pages.
My first solution was simply creating a normal .NET MVC app with the proper auth configured. Then I simply loaded this legacy content via an iFrame. This worked but was limiting for the users.
As Fei Xue mentioned in another comment, the next solution involved scrapping the iFrame but routing all requests for static files through a controller. Using this as a reference for understanding that: https://weblogs.asp.net/jongalloway/asp-net-mvc-routing-intercepting-file-requests-like-index-html-and-what-it-teaches-about-how-routing-works
The above solutions worked. However, eventually this app ended up as an Azure App Service and I simply turned on authentication at the app service level with just the pure html files.