I have been trying to Post on the Behalf of My Page. I am the Admin of the App and the Page
I created a Test App with in my App. I used that APP ID and requested manage_pages and publish_actions scope while loging in like that
jQuery(document).ready(function() {
jQuery.ajaxSetup({ cache: true });
jQuery.getScript('//connect.facebook.net/en_UK/all.js', function(){
FB.init({
appId: 'XXXXXXXXX'
});
jQuery('#loginbutton,#feedbutton').removeAttr('disabled');
FB.getLoginStatus(function(response){
FB.login(function(response){
console.log(response);
postToPage();
}, {scope: 'manage_pages,publish_actions'});
});
});
});
And below is my postToPage function
function postToPage() {
var page_id = 'XXXXX';
window.FB.api('/' + page_id, {fields: 'access_token'}, function(resp) {
if(resp.access_token) {
window.FB.api('/' + page_id + '/feed',
'post',
{ message: "I'm a Page!", access_token: resp.access_token }
,function(response) {
console.log(response);
});
}
});
}
I logged in fine. I have been asked for the permission and I did get the access token. Then while posting I get this in response
"(#200) The user hasn't authorized the application to perform this
action"
Since I am the admin of both the Page and APP and I am using the test APP then I am not where I am missing ?. Can anyone please help.
If you are using version 2.3 then from change log docs
publish_pages Permission - This new permission is required to publish
as a Page. Previously publish_actions was required. People who granted
manage_pages and publish_actions before v2.3 have automatically been
granted publish_pages. If anyone logs in via v2.3, you'll need to
request publish_pages explicitly in addition to manage_pages.
Related
I am stared developing a flutter project with AWS Cognito login features. In flutter, AWS Cognito login was working fine and I am getting the access token but when checking that in API or JWT its shows the error "Invalid Signature".
I add the below code for the AWS Cognito login features. I have installed the amplify_auth_cognito: '<1.0.0' in pubspec.yaml file to create the AWS Cognito login features in the app. Login codes working fine and perfectly but the token which returns from that code shows "Invalid Signature".
Future<String> _signIn(LoginData data) async {
try {
SignInResult res = await Amplify.Auth.signIn(
username: data.name,
password: data.password,
);
final resp = await Amplify.Auth.fetchAuthSession(
options: CognitoSessionOptions(getAWSCredentials: true),
);
if (resp.isSignedIn) {
final sess = resp as CognitoAuthSession;
print("TOKEN FROM THE COGNITO: ${sess.userPoolTokens.accessToken}");
}
setState(() {
isSignedIn = res.isSignedIn;
});
if (isSignedIn) {
_btnController.success();
AWSConfigurationHelper().getUserDetails();
Timer(Duration(seconds: 1), () {
_btnController.reset();
Navigator.pushReplacementNamed(context, DeviceList.routeName);
});
}
} on AuthError catch (e) {
Alert(
context: context,
type: AlertType.error,
title: "Login Failed",
desc: e.cause.toString(), //e.toString(),
).show();
_btnController.error();
Timer(Duration(seconds: 1), () {
_btnController.reset();
});
print(e.cause);
for (final exception in e.exceptionList) {
print(exception.exception);
print(exception.detail);
}
return 'Log In Error: ' + e.toString();
}}
My pubspec.yaml file screenshot was attached. In that file I am using amplify_auth_cognito: '<1.0.0' for the Cognito login.
I am new to this Flutter so I really need someone help to fix this problem. I have done the AWS Cognito Login features in iOS and web with the same AWS credentials but there I am not getting this type of "Invalid Signature" issue in the access token. Someone, please help me because I am not any good link where this type of issue has been discussed.
Thanks in advance
I am creating a web application, in which I use REST for user interface and for REST API I use using Loopback. My user, acl, rollmapping, role table are in mySQL. In my project i am able control access permission when i am trying with loopback UI(after login and setting the access token). But when I am trying with admin on rest UI I am able to login but not able to control the access, in admin on rest I have give all the url and everything in authClient.jsx. My authClient.jsx file:
const request = new Request('http://localhost:3004/api/Users/login', {
method: 'POST',
body: JSON.stringify({ email, password }),
headers: new Headers({ 'Content-Type': 'application/json' })
});
Can anybody help me fix this issue?
You need to use AOR Permissions
https://github.com/marmelab/aor-permissions
This will handle all authentication and role based access.
On the API side you will need to create a custom Login Method that will also return the user role in the request.
something like below
User.customLogin = (credentials, cb) => {
User.login(credentials, 'User', function(err, token) {
if (err) {
console.error(err)
return cb(err)
}
app.models.RoleMapping.findOne({where: {principalId: token.userId}, include: {relation: 'role'}}, function(err, rolemap) {
if (err) {
console.error(err)
return cb(err)
}
token.role = rolemap.role().name
return cb(null, token)
})
})
}
Save the user role in localStorage on login and then you can use AOR permissions to show role based views to every user.
EDIT:
According to AOR star contributor #gildas below. AOR Permissions is going to be deprecated and all features moved to AOR Core. So please check your versions of AOR and decide accordingly.
I have implemented the facebook login for my ionic application, which works perfectly when run on web. When i build the application, create an apk of the same, and try to run on my mobile device, nothing happens.
The login is:
openFB.login(
function (response) {
if (response.status === 'connected') {
console.log('Facebook login succeeded, got access token: ', response);
openFB.api({
path: '/me',
success: function (data) {
console.log("My Data", data);
userData.name = data.name;
userData.picture = 'http://graph.facebook.com/' + data.id + '/picture?type=small';
localStorageService.set('user', userData);
$timeout(function() {
$state.go('app.home');
}, 0);
},
error: function(error) {
console.log("Error here:", error);
}
});
} else {
console.log('Facebook login failed: ' + response);
}
}, { scope: 'email, public_profile' });
Have used openFB for the login. After clicking, following popup comes up.
After clicking the okay, nothing gets logged. No console message.
Can some one help me for finding out this issue, where i am not able to do the facebook login, when run on actual device.
You need to whitelist the redirect url. You can set it in
Products > Facebook Login > Settings > Client OAuth Settings
Take a look into this question.
please set redirect URI in
Products > Facebook Login > Settings > Client OAuth Settings
http://localhost/callback
please follow the below procedure to register your app in facebook developer site
https://ccoenraets.github.io/ionic-tutorial/ionic-facebook-integration.html
and use the below code to complete the procedure of facebook login
$cordovaOauth.facebook("appId", ["email", "public_profile"]).then(function(result) {
//alert(JSON.stringify(result));
//$localStorage.accessToken = result.access_token;
$http.get("https://graph.facebook.com/v2.2/me", {
params: {
access_token: result.access_token,
fields: "id,name,gender,location,email,picture,relationship_status",
format: "json"
}
}).then(function(result) {
// alert(JSON.stringify(result));
$scope.loginflowusingsociallogin(result.data.email);
}, function(error) {
alert("There was a problem getting your profile. Check the logs for details.");
alert(JSON.stringify(error));
});
});
i used Oauth 2.0 authentication for ionic.
I used this code and worked fine for me
I use an external service for authentication Stamplay ..
To authenticate with username and password, I have to make a post in ${config.host}/auth/v1/local/login
The callback for this post contain the token, so I created a custom authenticator to handle it
Custom Authenticator
export default Base.extend({
tokenEndpoint: `${config.host}/auth/v1/local/login`,
// ... Omited
authenticate(options) {
return new Ember.RSVP.Promise((resolve, reject) => {
Ember.$.ajax({
url: this.tokenEndpoint,
type: 'POST',
data: JSON.stringify({
email: options.email,
password: options.password
}),
contentType: 'application/json;charset=utf-8',
dataType: 'json'
}).then(function (response, status, xhr) {
Ember.run(function () {
resolve({
token: xhr.getResponseHeader('x-stamplay-jwt')
});
});
}, function (xhr) {
Ember.run(function () {
reject(xhr.responseJSON.error);
});
});
});
},
invalidate(data) {
return Ember.RSVP.Promise.resolve(data);
}
});
And everything works fine.. but ...
My problem
For social logins, I need to redirect the user to https://MYAPP.stamplayapp.com/auth/v1/EXTERNAL_SERVICE/connect
EXTERNAL_SERVICE can be.. github, twitter, facebook...
Then, the user is redirect to service page, and after login, the callback will be http://myapp.com/callback?jwt=XYZ
So, how can I capture the token and login the user with this token?
Tell me if I'm wrong, but I think that for Facebook you can use Torii which is working well with simple-auth. Twitter is using Oauth1.0, so it's a bit more complicated in my opinion. But Facebook / Google should be fine.
Basically, Ember will request an AuthorizationCode from Facebook API, then send it to your server. Your server will then ask Facebook API an access_token, and use it to get the user information. Finally, you can load/register your user, generate a JWT token and send it to your Ember app.
But I'm interested to know if you have found a solution for Twitter.
I've been working all week to get authentication working. I have gotten it working with
Ember-CLI
Ember-Simple-Auth
Torii
google-oauth2 provider
However I have proven unsuccessful in getting the users information from google. I have tried creating a torii-adapter as stated in their documentation but it doesn't appear to be called
// app/torii-adapters/application.js
export default Ember.Object.extend({
open: function(authorization){
console.log('authorization from adapter', authorization);
}
});
I've exhausted my google-foo and am asking for your assistance. This is a great library combination for authorization however the documentation is lacking for this case, and when figured out I will be sure to contribute back.
Thank you
The problem I was encountering is Torii's default google-oauth2 provider doesn't access this info for you, also it uses the code workflow instead of the token workflow which is needed for the google+ API
To fix this I wrote a custom provider that uses a jquery GET request to the G+ API, I then return the userName and userEmail to access it in the session under content.
I wrote a full tutorial detailing authorizing an ember app using google start to finish here
//app/torii-providers/google-token.js
import {configurable} from 'torii/configuration';
import Oauth2Bearer from 'torii/providers/oauth2-bearer';
var GoogleToken = Oauth2Bearer.extend({
name: 'google-token',
baseUrl: 'https://accounts.google.com/o/oauth2/auth',
// additional params that this provider requires
requiredUrlParams: ['state'],
optionalUrlParams: ['scope', 'request_visible_actions', 'access_type'],
requestVisibleActions: configurable('requestVisibleActions', ''),
accessType: configurable('accessType', ''),
responseParams: ['token'],
scope: configurable('scope', 'email'),
state: configurable('state', 'STATE'),
redirectUri: configurable('redirectUri',
'http://localhost:8000/oauth2callback'),
open: function(){
var name = this.get('name'),
url = this.buildUrl(),
redirectUri = this.get('redirectUri'),
responseParams = this.get('responseParams');
var client_id = this.get('client_id');
return this.get('popup').open(url, responseParams).then(function(authData){
var missingResponseParams = [];
responseParams.forEach(function(param){
if (authData[param] === undefined) {
missingResponseParams.push(param);
}
});
if (missingResponseParams.length){
throw "The response from the provider is missing " +
"these required response params: " + responseParams.join(', ');
}
return $.get("https://www.googleapis.com/plus/v1/people/me", {access_token: authData.token}).then(function(user){
return {
userName: user.displayName,
userEmail: user.emails[0].value,
provider: name,
redirectUri: redirectUri
};
});
});
}
});
export default GoogleToken;