Im using Spotify Web API to get list of playlist and track of user. Authorization is working fine. Also i do get track details. But after that I want to logout user from spotify and allow new login .
There is a session time till the user auto logout from spotify account. But user might not have patience to wait so long and re try with different spotify account.
Is there any API to logout user from spotify.
What can be done. Please help.
While an application using the Spotify Web API can't log a user out, it can force the permissions dialog to be shown during the login process. For that, use the show_dialog query parameter and set it to true when calling the https://accounts.spotify.com/authorize endpoint.
If there is a user already logged in, there will be a (Not you?) link to change the user.
This applies to the 'Authorization Code' and 'Implicit Grant' flows. You can read the documentation about the show_dialog parameter on the Spotify Web API Authorization Guide.
As addition to José M. Pérez his answer, if you really want to log out, it seems the only way you could achieve this is by opening the Spotify log out URL in the user's browser: https://www.spotify.com/logout/
To prevent CORB protection this could for example be achieved by opening a pop up window with JavaScript and close it after 2 seconds:
const url = 'https://www.spotify.com/logout/'
const spotifyLogoutWindow = window.open(url, 'Spotify Logout', 'width=700,height=500,top=40,left=40')
setTimeout(() => spotifyLogoutWindow.close(), 2000)
UPDATE:
https://accounts.spotify.com/en/logout could also be used, this will redirect to a login page instead of the Spotify main page which is nicer IMHO.
You want to simply logout from "spotify web api" then you should terminate your spotify session through clear authentication token like:
AuthenticationClient.clearCookies(getApplication());
I solved this using the asnwer #jpoppe provided. I didn't like the idea of having a popup window so I used an iframe instead.
<iframe style={{display: 'none'}} src="https://spotify.com/logout"></iframe>
One problem I found with this was if the user had signed in with facebook, when logging in on another account using facebook, they would automatically be signed in when they clicked the 'sign in with facebook' button. I couldn't find a simple way to solve this.
Related
After upgrading Microsoft.Identity.Client within Xamarin.Forms from 1.x to 4.x, most things work much the same. However, login to iOS results in a popup that says:
"My App" Wants to Use "b2clogin.com" to Sign In
This allows the app and website to share information about you.
It's OK if user hits continue, but it's hardly seamless.
Supposedly it's associated with iOS 12, but that doesn't seem to be the trigger for me. There's a Microsoft article that says this is actually normal, stating:
On iOS, though, the user might have to give consent for the browser to call back the application, which can be annoying.
I found that it's possible to set .WithUseEmbeddedWebView(true) and this hides the URL as well as removing the popup, and this works with Facebook sign in, but Google sign in is a hard no.
There's the potential path of Universal Links instead of URL Schemes and Associated Domains.
Investigating that path, it appears that I simply need to set the URL https://myapp.b2clogin.com/.well-known/apple-app-site-association with the following JSON:
{
"webcredentials": {
"apps": [
"MYTEAMID.com.mycompany.myapp"
]
}
}
Unfortunately, I don't have control of that URL.
Any other ideas?
The short answer is -- it can't be done today as this alert pop-up is built into the iOS framework. Any authentication provider, library, etc. will trigger this alert if they use the ASWebAuthentication API in iOS
You can choose to use different embedded-browser pop-up APIs which do not cause this alert, however they will have sandboxed cookies and the user may not experience SSO. There is an MSAL docs page which discusses this in a bit more detail:
https://learn.microsoft.com/en-us/azure/active-directory/develop/customize-webviews
The best user experience:
I use ROPC for signIn only (native username/password fields or could be with biometry).
So I don't have any popup at simple Sign In.
For the rest I use commons Flows (Reset password, Google provider etc..)
that open the WebView with unfortunately the warning popup.
We are building an iOS app where users are asked to sign in with Instagram.
The flow is as follows:
we open an Instagram login page in a web view,
user inputs his login and password,
then in most of the cases he is asked to verify his account by getting a code by email or phone and entering it on the next page,
after doing so, Instagram app opens in a web view and does not redirect to the app.
I saw a similar issue here, but did not find it usefull.
Maybe you have faced such an issue before and can somehow help.
Thanks!
This is probably ancient history by now, but in case someone else is stuck with the same problem you may want to have a look at your universal-links.
Supporting universal links for the redirect_uri turned out to cause sporadic failures for us.
I'm trying to get medida data from Instagram via their REST service. I've got an access token and tried to get some media data, I'm using this query
https://api.instagram.com/v1/users/184692323/media/recent/?access_token=
I get this response
{"meta":{"error_type":"APINotFoundError","code":400,"error_message":"this user does not exist"}}
The user ID does exist, I actually tried to use Lady Gaga's user ID, which I got from here: http://jelled.com/instagram/lookup-user-id#
When I use my user-id, it works. It just seems to not work with other user ids.
What can I do? Is this something related to these new "sanbox" rules?
I think you are still running in Instagram Sandbox-mode: https://www.instagram.com/developer/sandbox/.
Citing their page: For example, if you query the /users/{user-id}/ endpoint and the {user-id} is a sandbox user, then you will get the normal API response; but if the {user-id} is not a sandbox user, you will get a APINotFound error.
I have the same issue for non-Sandbox users, which are public but nevertheless Instagram returns it's not a valid user. So the docs seem to be correct.
the user exits, but you may be blocked by instagram for spamming, usually you get that response if spam was detected by an account, try with different user access_token, it should work.
I am very late but you need to invite the user in your application's sandbox and he needs to accept your invitation to actually get any information out of it.
In addition to what Dennis said,
You need to submit your App for review if you're doing things with public profiles. It's not super complicated, but you'll need to build an actual use case for them to approve your app out of sandbox mode.
Or, you can add the users you want to play with to your sandbox app.
I am looking to replace a toolkit that does social auth through a seamless popup, where the entry point is a javascript function and there are javascript callbacks that you install that pass the results of the authentication back to you once everything has asynchronously been processed.
The socialbootstrap example shows how to perform posts to /api/auth/{provider} and this causes the browser to redirect to the login screen of the social provider and then back to a redirectUrl in the original app.
I would like to have this work in some kind of popup and the result be passed back to me as some kind of ajax result or a javascript success or failure handler.
Is this possible and if so do you know of any code examples that show this?
My understanding is that iframes are not a universally good way to do this as some social providers have iframe busters...
Thanks
If you only need to support Credentials i.e. UserName/Password Authentication you could do this via a HTML from in a Popup and ajax.
The https://httpbenchmarks.servicestack.net Live Demo shows an example of this when you click on Login with your email button or Sign In link (on the top right).
The Authentication/Login process is documented in detiail the repository, e.g it uses a modal bootstrap form and ss-utils bindForm to ajaxify the HTML Form and provide automatic form and validation binding.
On successful authentication, the success callback is fired where you can hide the modal form and run any other post-authentication scripts, e.g:
$("#form-login").bindForm({
success: function (r) {
$('#modalLogin').modal('hide');
localStorage["UserName"] = $("[name=UserName]").val();
$(document).trigger('signed-in');
}
});
Now that the Users Session is authenticated, every subsequent ajax request is sent in the context of the users authenticated session.
If you want to use OAuth then you would need to stick to full-page reloads since often the page will be redirected to the 3rd Party site where the user needs to explicitly allow authentication via your app.
I use this tutorial to authenticate users via facebook. But I need to need to show popup window instead redirecting to facebook site.
How can I do that?
I think, it not possible to do, After facebook login, it will redirect to the redirect url which we given at the time of app creation.
I've managed to put together a project that uses Node.js, PassportJS with Facebook, MongoDB, REquireJS and Backbone.js
https://github.com/rafaelfaria/PassportJS-Facebook-Client-Auth
Check it out. I hope that's what you are looking for.
You can define a display:"popup" property while using the authentication, following is the code snippet -
app.get('/auth/facebook', passport.authenticate('facebook', { display: 'popup' }));