Trying to implement account linking on FaceBook Messenger via Microsoft Bot Framework. This is what i did.
Hosted a Bot on botframework, which sends back a signin card.
var msg = new builder.Message(session)
.attachments([
new builder.SigninCard(session)
.text("Click below to Sign in.")
.button("Connect with Me", "https://6493.ngrok.io/login")
]); session.send(msg);
My idea is to eventually replace, https://6493.ngrok.io/login URL with a SSO backed web URL.
https://6493.ngrok.io/login is a sample node.js app, which has implementation for get->/login and post ->/login.get -> login , presents the user with a login form. accepts username/pwd.post ->login, when user submits on login form, i redirect to facebook messenger with an authorization_code and account_linking_token which is picked from the incoming query string.
Here is the issue i see.
When the connect button is clicked,
URL https://6493.ngrok.io/login is launched but it does not have, account_linking_token and redirect_uri as the
documentation mentions.
URL launches I dont have this information to send back a valid account_linking_token. I assumed that facebook wants a web based authorization url.
Related
I tried using passportjs facebook on my website and tested on different browser but there’s a little bit problem when the link is from the facebook app itself specifically on IOS.
Package used: http://www.passportjs.org/packages/passport-facebook/
The scenario is:
Share your login url to post in your facebook timeline
Open facebook app on ipad
Click the link that was posted on facebook timeline to open the login url and a popup browser from facebook app should appear.
Click your facebook login using passportjs
Result:
Session Expired popup appear and you’ll be sign out and ask to login again but not from your url but from the app itself so I’m not getting the response login from it since it is not from passportjs login anymore. Any idea how to solve this or why is this happening?
So after some trial & error reading I found out I just need to turn on the "Force Web OAuth Reauthentication" inside Facebook Developer dashboard and now it continue login from IOS Facebook app when the link is from their.
I'm using Python and trying to login to basecamp to consume their API but i'm having some trouble with OAuth2 authentication...
How do I login without interacting with browser? I'm making a post request but it returns a 422 message...
I checked out the headers and they seem ok. I'm confused and dont know where the mistake is.
OAuth2 requires that the user authorizes the integration to access her/his account. This is done through a web page in which basecamp.com will display some HTML including a button. For this to work, the user must be logged in using the web form at https://launchpad.37signals.com/signin.
I've implemented that in Javascript: https://gitlab.petton.fr/basecampel/libbasecampel/blob/v0.2.0/proxy/src/oauth.js. The function at line 20 opens the system's default web browser in which the user is supposed to login if he/she is not logged in already.
Assume I have an Instagram account and a website. I want to display the most recent photos from my Instagram account on website. Something I am not clear in the documentation: in order to get my access_token I need to authenticate myself? I don't get how to do it in backend side. It works fine if I logged in as my account, but in incognito, there is a dialog pops up asking username and password. I don't want user to see that.
Do I need to provide my username and password in backend side and auto login? and I don't want to see the pop up dialog asking authentication. I need everything handled in backend side. How do I achieve it?
You can authenticate and get your access_token using the client implicit Oauth, you just have to open the auth url:
https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token
setup a redirect-uri in your app settings, it can be http://localhost too.
opening above url in browser will show login page, once u login, you will be redirected to your the redirect-uri, the access_token will be in the redirect-uri:
http://localhost#access_token=ACCESS-TOKEN
copy the access_token
You can then make API call to get your own latest 20 photos and display on your website:
https://api.instagram.com/v1/users/{user-id}/media/recent/?access_token=ACCESS-TOKEN
You dont need to be approved by instagram, u can remain in sandbox mode and get latest 20 pics via API.
I have creating a website running on Node.js and Express. For logging into my website I use passport.js based social login with Google, Facebook and Live.
I need to expose user data via authenticated REST services so that website's Chrome & Firefox browser extension can do CRUD operations.
When user clicks on a button injected via browser extension, I need to check if user is already logged in to website. If user is not logged in then I will do a redirect for login and return back to original page.
I am clueless after this. Which token do I use for REST API calls ?
Any Advice ?
After the social login, when the user is redirected to the callback url, you can create your own token, e.g. using uuid, and then send it to the client.
For all the consequent requests the client needs to use that token for authentication and you have to manage its expiration.
I use OAuth login on my site, and would like to use the Test User API to do testing. However, I've run into a problem where I can't actually log in with a test user account.
One of the requirements is that the user needs to reauthenticate when they log in (passing auth_type=reauthenticate to the OAuth endpoint), so just being logged into Facebook as the test user is not enough.
I create a new test users
I set the password of the test user
I log in using the Developer App and obtain their email address from the Facebook main site
I click on the Login button on my site, and the Facebook login form pops up
I enter the email address and password
I am sent back to the login form without an error message
Is this even possible? This sounds suspiciously like Why can't I login to test Facebook user accounts from the Android native app?, but I'm not 100% sure.