I am developing a SharePoint app that communicates with social feeds such as Twitter, Facebook (the user has to sign in ofcourse through the App using OAUTH). My problem is that everytime I deploy the app (using VS) it generates a new url and I need to keep registering this url with the community sites (Twitter, Facebook). Is there another way to overcome this problem.
I guess you are talking about the App Web wich is created every time the application is deployed (url has a form like that https://prefix-id.tenantdomain.tld/pathOfWebItHasBeenDeployedTo)
This is by design and here is some documentation about it
Then I guess the problem is because you're using OAuth implicit flow which requires url not to change over time. Unfortunately this is a by design limitation, to work around that you'd have to transtion to a provider hosted application. (therefore hosting it on your own server with a fixed url)
Related
I'm looking at ways to modernise some of our existing web apps without a total rewrite. One idea that's being bandied around is having pluggable modules that can be written in more up to date languages that can be bolted onto the existing webapps.
I tried this out with both an iFrame approach and also using Azure Front Door routing, so that even though I had separate Azure App Services, I managed to get everything to appear as though it was part of the same web app/domain with routing rules.
Unfortunately both these methods failed once I secured the websites using Azure b2c. As an example, I tried to create two bog standard asp.net core mvc apps (deployed in Azure as AppService1 and AppService2). I secured them both using b2c with separate b2c apps. I checked I could log into both apps successfully. Also once I logged into one app, I could go to the other via a different browser tab and didn't need to log in so I knew that SSO was working.
I then tried to embed one app service in the other via an iFrame and got the following error
Refused to display 'https://xxx.b2clogin.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
Didn't pursue this so my next step was to try and use Azure Front Door routing to help me out. I managed to get this working for the top level app service (AppService1) by following this post
Exception: Correlation failed. AAD + Azure Front Door
However, I haven't managed to get the routing to AppService2 working. Here's what I tried
Attempt 1
Added a routing path in front door that used /service2 as 'patterns to match'. AppService2 had the following CallBackPath
"CallbackPath": "/signin-demo"
Used a b2c app which a redirect URL of
https://<frontdoor url>/signin-demo
When I try to go to https://[frontdoor url]/service2 I just get taken to the following URL
https://<frontdoor url>/signin-demo
which doesn't display anything.
Attempt 2
Changed the b2c app to one that used a redirect URL of
https://<frontdoor url>/signin-oidc
which is the callback path of AppService1. Doing so gives the error when going to https://[frontdoor url]/service2
Unable to unprotect the message.State.
So, I'm not sure what to try next. What I'm doing feels like it should be possible but I wonder if anyone could help or work out what I'm doing wrong.
Many thanks
This is primarily a strategic question.
I have been using Laravel as of late to build some apps and have an multi-user platform/domain based.
In other words I want to create a web app (and ultimately a mobile app) that I can deploy as a new site/app for a new user who signs up.
So, for instance I have built a site all about Chihuahua's with features for dogs.
But I want to reproduce said site/app for a new user who will use the app to run a site about Dobermans. Unique domain and everything, so I am thinking it would be a whole new install rather than sub-pages of the original app.
Does Laravel allow you to somehow create an app the way you want it and then deploy it out? And then if you updated the base app you could re-deploy it similar to how wordpress works.
Bare bones laravel does not support multi domain and hosting. But it is possible to get some sort of api for a hosting service and domain service and have them deploy their "dog" site like that.
Usually when I build a new website I create a .NET or PHP website. These website either connect to a MySQL DB or an external API. To do this I can securely store my credentials to these services and the back end will authenticate to them. Now since I want to build a Progressive Web App which is front-end only, how can I securely auth to these? Does my PWA have to have a login page that returns an API key that is dynamic? Thanks
Progressive Web App (PWA) is not front-end only. You can see the definition and the PWA Baseline too clearly understand what makes a PWA.
The problem you have mention is authentication on Single Page Web apps (which is front-end only). Here is the first article from Google with keyword "Single page web app authentication".
Token Based Authentication for Single Page Apps
I have asp.net mvc3 application with forms authentication. But the our client request AD authentication as well. But the mvc3 app is hosted outside the clients network. What are the possible solutions for this.
Get permission to access the clients network from remote server.
Get an API to access the active directory data from webserver.
If we choose opt one how could we access active directory for authentication from outside the client network. I anybody have any idea or better options please let me know. Thanks in advance.
My guess is that the Microsoft security products can support this out of the box but I'm not sure how so I suggest that you direct your question to whoever supplies your client with their Microsoft product support.
If you'd rather build a solution so that you've got more control over how it works a quick search found an interesting approach at https://support.freshservice.com/support/solutions/articles/169196-setting-up-active-directory-single-sign-on-sso-for-remote-authentication where they created a simple ASP.Net web site that used AD authentication for sign-on. MVC 5 can build a WebApi site that does that just by creating a new project in Visual Studio with the right options.
That site wouldn't have to do anything except confirm that the credentials supplied were valid or not. Your application would ask the user to enter login / password details, then send a (properly secured) web request to the authentication site to determine whether they're valid. As long as you keep the communication between your server and the client web service tightly secured this should do what you need without much fuss. That approach removes the need for your server to communicate directly with the client's AD server.
I just got Visual Studio 2013 loaded up and want to create a new web/mobile app that uses the same authentication for the website version and the mobile version.
I loaded up both templates (MVC5 w/Indivual Account & WEB API w/Individual Account) to check them out but it looks like I actually want to do a merge of those projects so the MVC5 uses the Web Api 2 OWIN for normal username & password authentication along with Social Media logins via Oauth.
SPA - I did look at this template but I'm not looking for a SPA as my website will need to be SEO friendly plus I know MVC and want to keep using it.
This would seem like an obvious template that developers would like to have in order to support both websites and mobile apps in the same project.
If your target is to share user accounts between the MVC app and the Web Api app, then all you need to do is to have them both point to the same UserStore.
I think this is what you are looking for:
http://leastprivilege.com/2012/10/23/mixing-mvc-forms-authentication-and-web-api-basic-authentication/