I'm currently building a private app for Shopify. I've successfully passed the authorization step and get an appropriate response for it.
However, unlike other apps that I've seen, I'm not redirected to the Shopify's admin panel followed by my response page in the frame.
Instead, the redirection happens directly to my ngrok-generated address.
If you'd like to load your app within the Shopify admin then you can implement the Embedded App SDK.
Related
I have a progressive web appliacation. on the home page i have a loging modal. If a user logs in the application reloads and now instead of the login button the server renders the user profile. now the problem am experiencing is that when i implemented the pwa, It caches the homepage and everything in it so the new page from the server is not rendered after the user logs in.
My application backend is in Nodejs(REST API) and is use javascript to consume the api but i use ejs to render the pages. How can i solve this?. For now i decided not to cache the homepage where i have the login modal. After doing this i realized the application is now not meeting PWA installation requirements.
You can cache everything in the service worker.
When you need to display different content for an authenticated user vs unauthenticated user you can render that as needed either in the UI code or even in the service worker.
A common example would be to show/hide the login, logout and profile link in the header. This is all doable with a few lines of code as the page is loaded.
These examples are mostly classList.[add|remove|toggle]. The profile might use a simple template and setting the innerHTML of a wrapper.
It is not that complicated in the end, I do this all the time for applications.
It sounds like you shouldn't configure your service worker to cache your normal HTML. Instead, you can use a service worker that will always go to the network when online, and will display custom "Sorry, you're offline" HTML when there's a navigation request that fails.
Here's a live example of following this pattern:
https://googlechrome.github.io/samples/service-worker/custom-offline-page/
Doing this will is sufficient to meet the "add to homescreen" PWA installation requirements.
I need your help.
I made an API with Laravel and an APP with FLutter.
Now I want to make google login.
In a browser or with a rest client like Insomnia, Postman or similar works fine. It is because the system shows me a google's page that I must write the email or google user that I want to logging in and, after, shows another page to write the password. Finally, all returns to APIS callback endpoint, showing the data (token and more).
But when I do it from my flutter app, the first google page where I need to indicate the user account, is send like string response (this string response is an HTML. I think is the HTML from google's page on we select or account).
How can I show this page and get the responses??
NOTE: flutter plugins like flutter_inappbrowser are not useful for me, because this plugins needs an URL and show it. I get the HTML on string when I use flutter's http.get.
I have registered a dummy app with Yammer, as I am still in testing phase. I gave the homepage of my org as the redirect URI. Honestly, there is no app hosted anywhere. Still, I think it is possible to test the authentication and go till creating a token. This is what I have done.
Navigated to https://www.yammer.com/client_applications page.
Registered an application. I provided the "RedirectURI". I got a "Client Id", "Client Secret", and "Expected Re-direct".
Since I don't have an app to launch anything from, I manually typed in the following URL in the browser. "https://www.yammer.com/oauth2/authorize?client_id=[:client_id]&response_type=code&redirect_uri=[:redirect_uri]".
I was taken to the app registration page. I clicked "Allow".
Now the page is redirected to the home page of my org, as I provided along with "www.<<>>.com/code=".
I copied this code over, tried to launch "https://www.yammer.com/oauth2/access_token.json?client_id=%s&client_secret=%s&code=%s".
I expected a token to be created, so that I go back to my dummy JAVA program and start connecting to Yammer, but I am not allowed to connect in above step. I am getting a "Not Authorised" error.
Can some please point out what I need to do? My requirement is that I get this token not from with in an app, but then on use it in a SWT based Rich Client JAVA application to connect to Yammer.
I think the request to oauth2/access_token.json needs to be a POST not a GET
I've got a windows phone 8/8.1 app which contains a page with an embedded web browser on it. I build a list of articles extracting information from the website and all of this works fine but note that I only use this web browser to display an article when a user has clicked on the item in my list.
The article in question provides a button to allow user to leave comments via twitter. At the bottom of each article there is a "Twitter Log in" button. When I click on it, it brings me to the authorizing page and it displays the news website as the app I want to authorize.
After entering my twitter credential and clicking on the "Authorize App", I get the following error:
Exception of type 'Microsoft.Phone.Controls.WebBrowserNavigationException' was thrown.
Then a Twitter webpage gets displayed display the following:
There is no request token for this page. That's a special key we need from applications asking you to use your Twitter account. Please go back to the site or application that sent you here and try again. It's probably just a mistake.
It definitely authenticated me as I can see my Twitter account picture but it failed to authorize the app.
I understand that my app is not the original website as it is a wp8/8.1 app but what I'm calling in the web browser is the page that contains all the original code from the news website and therefore you would assume everything would work as if I was calling the website directly from a browser.
If I call the website from the browser that comes with wp8/8.1, it works as expected!! Strangely enough they have the same functionality but using facebook and this works as expected.
I've had a look at html the "twitter authorized page" when called from my phone and when called directly from my web browser on my laptop and while I can clearly see the form contains an hidden field for authenticity_token with a value and a oauth_token with another value, they do differ.
I don't know if they're suppose to be identical but as I said, I don't understand why this wouldn't work as when I display the article in the embedded web browser, you'd assume that everything else that goes on after this would behave as it would in a regular web browser and when this 'authorize app' button is clicked, you'd assume that all values would be passed as normal and the app would get authorized but nope!!
Any suggestions on how I could possible resolve this problem?
Thanks.
I can't really tell what's going on, but it looks like you would have to implement Twitter OAuth. Luckily for you there is already a library that can do that - https://github.com/konradbartecki/TwitterAutherino
I am the author of this library, so let me know if you need some support or non-existent features.
I am using google oauth 2 for authentication. (Installed application)
Right now when the user allows access in user consent screen, how can i retrieve auth code from the redirect uri without user involving in cut and copy paste auth code. How to read the auth code from the title bar?
In any Operating system a program can read titles from the windows of any other application ( including your browser ).
In order to help you I would need to know what OS you are using and what language you are using to develop your Google declared "Installed Application".
The following thread shows you how to get a list of windows titles in Java
How to get a list of current open windows/process with Java?
For installed application, you can use the special redirect_uri urn:ietf:wg:oauth:2.0:oob, and the authorization code will be returned in the title bar of the browser, your app can read the title of the HTML page to obtain the authorization code.
The tile of page will be like this:Success code=AuthorizationCode
So you can check the webpage, if the title contains this string, you'll get code.
yes .. this can be done by using google service account. they will provide us a p12key and we can make use of it without any consent screen.