The facebook graph API doesn't let you redirect to any address other than the one registered with the app. So, if you want to test changes to your code on a dev server without deploying it, how would you? Do you create another facebook app just for testing?
Edit: This question is about "server flow" authentication. Ie, when a user signs in, you redirect them to facebook, they sign in, then facebook redirects them back to you.
Create a Facebook Application
Then goto yourapp setting > In the Web Site section: Configure the Site URL, and point it to your Web Server. If you're developing locally, you can use http://localhost:8080/ (or any URL that you're developing on)
Don't know if you have to but I also set my Canvas URL under Facebook Integration settings.
Reference: Take a look at the Getting Started section here
Mac/Linux: Just set your /etc/hosts ie:
127.0.0.1 testserver
Related
I'm trying to understand the process of login to a website using the Network tab on Google Chrome because I have to use that process for autenticate accounts on an mobile application.
The login is completed when I reach the page "HomepageStudente.do", but I don't understand how to replicate all this on Postman. I've tried to do this:
Right-click on the SSO request
Copy as Curl (bash)
And it seems to work, but when I do the same thing with the second request (POST) I get a different message compared to the one on the Network tab.
Those 3 calls are based on automatic redirect by the browser, and I don't understand how to replicate it on Postaman. Is this possibile to do? Any other suggestion on how to use those requests for authenticate an account outside the website (example mobile app)?.
Thanks
I am publishing a web application in WSO2 APP manager 1.0.0.After subscription, I am able to land on the login page of the application but once providing the credentials, blank page is seen.I would like to know if there are any configurations needed in the wso2 app manager for the server in which web app is running for invoking the web app properly.
When you say you were able to land on the 'login page' do you mean the login page of App Manager Login or the log in page of the Web App?
What are the errors/exceptions logged on the console?
If it is the App Manager log in page this could be related to incorrect service provider details recorded against the web application (Eg: incorrect Assertion Consumer URLs etc).
If you are referring to the Application's log in page, this could happen due to the App being secured with username/password.
When an App is secured, App Manager needs to send a JWT token as a HTTP header to the back-end Application once the user is authenticated.
In this case a few changes are required to be made in the App itself to support this.
The App should be modified to read the JWT token and identify the user and skip giving the login page.
The document [1] explains this in detail.
[1] https://docs.wso2.com/display/APPM100/Securing+Web+Applications+Using+JWT
I'm new to the SSO world and I've recently installed WSO2 Identity Server 5.0 and done my best to hook in a service provider but I just can't seem to figure out how to make SSO happen.
Here is my current situation and goal:
I have a MojoPortal website where a user can log in. From there, the user can click a link to our FTP site powered by GoAnywhere. We want the user to be logged into the FTP site just by clicking the link instead of having to log in to it as well. The FTP site is SAML2 enabled so I chose the WSO2 ID Server to give SSO capabality between my mojoPortal and goAnywhere sites.
Here is what I think needs to happen - sanity checks welcome:
1. User clicks to access the FTP website and my mojoPortal website needs to create a SAML request and send it to the ID server. I can't seem to get a grip on doing this from an ASP.NET page.
2. ID server gets the request and validates it (you can test the request in the "SAML Request Validator" tool in the WSO2 console, right?)
3. ID server sends a response to the GoAnywhere FTP site which can be simulated with the SAML Response Builder tool in the ID server console.
4. The FTP sites says either OK or NO to access.
5. Not sure what happens next - how does the user get redirected to the FTP site.
So I have big issues: I don't understand the flow in great enough detail and I'm also having difficulties in getting the technologies to work together.
Any comments / help at all are greatly apprciated!
MojoPortal website - is this SAML2 Web Browser based SSO supported? If yes, then the solutions is clear.
You just have to register your 2 sites in WSO2 IS as SPs.
Then what will happen is , once the user log-in to the MojoPortal website, he user will have a live login session, therefore once he clicks on the FTP site, he will be able to access it without having to log-in again.
Hope this clarifies your doubts.
I am trying to integrate facebook login in my django app but everytime I click on facebook login button it gives me an error
Given URL is not allowed by the Application configuration.: One or more of the given URLs is not allowed by the App's settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App's domains.
I my app settings my site url is
http://localhost:8000/
and also in my hosts file localhost have been mapped to 127.0.0.1
how to solve this as I have followed similar questions on stack but none helped a lot.
In your host file, set the localhost:port to the domain you wish to log in from.
Then, set the Facebook app's domain to the domain you've pointed your localhost to.
I'm developing a Django application. I need to authenticate users using Facebook and get the user's friends list to invite them to my site. To do this my application has to be registered with Facebook to get the API key. In the process of doing so I'm struck with the list of settings.
"http://localhost/login" --> this is the login page in my application where I have the Facebook-connect button
I need Facebook to redirect the response to "http://localhost/result", where I have a view to parse the result.
Please let me know how to configure Facebook.
Facebook can't redirect the response to 'localhost', as that's obviously local to your machine, hence the name. Your app needs to be somewhere Facebook's servers can actually see it - ie on a public host somewhere.
In other words, you can't develop and test a Facebook app completely on your local machine, as you would with a normal Django app. You'll need to upload it to your host at regular intervals to see any changes.
Alternately, you can set up port forwarding on your firewall/router to allow Facebook to retrieve directly from your localhost. The instructions for doing this vary greatly between different firewall/router manufacturers. What you need to do is open external port 80 and forward it to port 80 (or whatever port you have your HTTP server listening on) on the host machine where your app is, find your public IP address, and then use them as your callback address as follows:
http://<your.ip.here>:80/login
This will allow you to test your FB or FB-Connect app on localhost.