Okta in React Native on IOS 10 - okta

Has anyone worked with Okta from React native, and successfully implemented?
We've got a web app that has implemented the okta widget successfully, but the react native app needs to use the lower level api.
From my understanding, the widget doesnt work with ios 10
We implemented the 'resource owner' flow from the BE api, but that created a dependency and now blocks the FE, since the okta api has so many functions.
It seems like a rabbit hole with wrapping the okta apis.
Any thoughts?
There are other open questions like this that make me nervous - React Native Okta SSO 403 .
update
I really don't like the idea of creating BE endpoints to wrap the okta endpoints for the front end, using the resource-owner flow. It feels really hacky and not maintainable.
We found this mentioned in the oidc library - https://github.com/okta/okta-oidc-ios#handle-the-redirect
I've asked the RN developer to try this or some other lower level library to implement it, since the discussion is all theoretical until he writes some code =\
update
The RN developer said he was able to build for iOS 10 - I'm not sure exactly which library he is using. But I'll post an official answer here when I get more detail.

Related

Could not execute google form api on google developer documentation

I got the below popup when I tried to execute the google form api from google developer documentation.
I tried this same process with google docs api which work perfectly. I tried tp turn on less secure app access, but it seems google made it unavailable.
what is the other way out.
Thanks
This appears to be a bug with the try me on forms.
I have logged it on the issue form and im going to see if i can find someone at google to ping about it
Forms.get try me not working
I suspect however that this may have something to do with the app being in early access. That being said i would have expected a different error message if that was the issue.
It is most likely due to the permission for the client they are using. It is an internal error and not something you have done.
May i suggest creating your own app and testing it that way. Just remember this api is in early access so be sure that you fill out the form found on this page Google Forms API now available in open beta
Developers can apply to join our Early Adopter Program and begin developing using the Google Forms API by filling out this form.

Is this really the process for authenticating users with the Google platform using Xamarin?

I am following the tutorial located here: https://developer.xamarin.com/guides/xamarin-forms/cloud-services/authentication/oauth/
I got to the step titled: Presenting the Sign-In User Interface.
It says that, "When the Login method is invoked, the sign-in user interface is presented to the user in a tab from the device's web browser."
Now is this really the process when using Xamarin?
Because the other apps I've downloaded and played with don't open the browser and then open a new tab to give me a choice of which account to choose. Those apps pop up a small page on top of the app and allows me to select an account.
If this Xamarin process is different I am not going to use it when developing my app. Please clear this up for me thanks.
There is no such thing as as "Xamarin's way of oAuth".
oAuth is about authenticating users through 3rd parties like Google, Facebook, Twitter etc. There are different oAuth flows which are mostly used: the implicit grant and the authorisation code grant. For mobile apps the implicit flow is common because auth code flow involves the app keeping a secret which a mobile cannot really guarantee. For a great overview of these flows I can recommend this lecture from Xamarin.University.
These flows are the same no matter which underlying development stack you are using.
The documentation you are referring to is using a library to help using these flows: Xamarin.Auth. As a matter of fact you don't have to use this library at all. This library helps with storing tokens, sending requests that include the required tokens, detect endpoint redirects etc. Part of using this library is presenting the UI where the 3rd party vendors login form is shown.
This is what you do when calling:
var presenter = new Xamarin.Auth.Presenters.OAuthLoginPresenter();
presenter.Login(authenticator);
The actual implementation of presenting the UI is platform specific. On iOS the UI os shown modally if that's how you are coding it. If you change this code to show the UI as a small popup floating on top of existing content, you can of course do this. This is true for any given platform.

Client flow login for Xamarin?

I am looking for sdk that can help me do the client flow login in my Xamarin app(shared assets with forms UI) for Facebook and LinkedIn for iOS and android. I've got it working using Xamarin.Auth server flow but having hard time in client flow.
For facebook, I tried Xamarin Android Facebook, Xamarin iOS Facebook and cross platform facebook sdk by outercurve foundation. The official xamarin facebook sdk's are in very bad shape, don't work and no documentation has been provided as well. I couldn't find any for LinkedIn though.
My main objective is to use facebook and linkedin app to do the authentication to provide better user experience.
Eventually worked with official Xamarin Facebook SDK's for facebook for android and iOS. This blog post from James Montemagno came in handy.
Take a look at Auth0. They have a reasonable SDK and they support a large number of different Social Authentication providers including Facebook and LinkedIn. Their authentication service isn't free once you reach critical mass, but it's great to have the whole authentication aspect handled for you. Check it out at http://www.auth0.com

Implementing Google OAuth2 in Xamarin for Google Classrooms

Any idea when a Google Classroom library wil be available for Xamarin? I have tried the .NET and Android library, but the GoogleWebAuthorizationBroker and FileDataStore does not exist, and Xamarin doesn't cater for "urn:ietf:wg:oauth:2.0:oob" as a redirect url when authenticating with Google Api (OAuth 2). Is there a workaround that anyone know of?
We are unlikely to build any library specifically for Xamarin. The details of our OAuth2 endpoints are publicly available, so it is in theory possible for you to develop your own implementation.

Phonegap and Django Authentication

I am in the middle of building a PhoneGap (Cordova) app which I would like to be able to talk to a Django site of mine. The steps needed to get the app working are:
Authenticate the user (stay logged-in across app restarts) (e.g. get session cookie from Django for communication with the service - where to store?). Note: The Django endpoint uses https.
When app receives push notification load some data from my django site.
Make selection on data and submit response back to my django site (will need the csrf token?)
I was able to sort out the push notifications but now I am wondering which solution would work best for the communication with Django.
As I understand there are two possible approaches:
Either to implement a REST service with something like tastypie or
try to setup the communication via ajax (e.g. jQuery)
At the moment I am thinking that going simply ajax might be the best approach since the app is fairly small and there are no additional requirement for a REST API.
It would be great if anyone could give me any pointers on how to solve this or share some experiece / code. Especially the steps of the authentication process are unclear to me.
I am not sure if this is still an open question but it is sure an interesting one.
I would strongly suggest on using the django-tastypie and you could start by using the docs which are indeed a great point of reference.
My experience until now has shown that I should always start by making my api clear(and rest) than choosing an easier faster solution(e.g. ajax) because if your app is a successful one, frameworks like tastypie help you scale.
The authentication process is pretty straightforward if you choose the basic one.
You just ask for the user credentials and there are many clients implementing the client side basic auth.
Fortunately, tastypie supports more than this. For example, the api authentication and you could read more here.
If you need anything else, please let me know.
Regards,
Michael.

Resources