I am creating a web app that allows users to register using their Facebook account. I am using django-facebook to do the authentication / registration of new users. I am trying what I think is the simplest setup, using django registration instead of userena. Everything works well when I use my own Facebook account: I am asked to confirm that I allow the app to have access to my profile, a new account is created in the auth_user table and I am logged in.
However, when I am logged in into Facebook as a test user, I confirm that I allow the app and then I am redirected to facebook/connect/?facebook_login=1&attempt=1&code=AQBM0-z......
The new account is not created.
Here are my relevant settings:
TEMPLATE_CONTEXT_PROCESSORS = (
'django_facebook.context_processors.facebook',
'django.contrib.auth.context_processors.auth',
'django.core.context_processors.debug',
'django.core.context_processors.i18n',
'django.core.context_processors.media',
'django.core.context_processors.static',
'django.core.context_processors.tz',
'django.contrib.messages.context_processors.messages',
)
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
)
AUTHENTICATION_BACKENDS = (
'django_facebook.auth_backends.FacebookBackend',
'django.contrib.auth.backends.ModelBackend',
)
FACEBOOK_APP_ID = NNN
FACEBOOK_APP_SECRET = NNNN
FACEBOOK_REGISTRATION_BACKEND ='django_facebook.registration_backends.FacebookRegistrationBackend'
AUTH_PROFILE_MODULE = 'django_facebook.FacebookProfile'
It seems like the whole problem is that django-facebook removes the long emails from the facebook data. This makes the auth not be able to create an account.
I just commented out the following lines in api.py
if len(user_data.get('email', '')) > 75:
#no more fake email accounts for facebook
del user_data['email']
Related
I'm trying to use Okta SSO to authenticate my users in AspNetZero app.
When I click on the OpenID in the bottom of the login page, I'm redirected to Okta login and then I'm back to my app login page and finally "openIdConnectLoginCallback" is calling "ExternalAuthenticate" on the TokenAuthController and the call to _externalAuthManager.GetUserInfo throw exception "name claim is missing".
In "login.service.ts", claims array contain "name" claim and ExternalAuthenticateModel.ProviderAccessCode contains a valid JSon Token and I check and "name" is in the token.
let claims = this.oauthService.getIdentityClaims();
const model = new ExternalAuthenticateModel();
model.authProvider = ExternalLoginProvider.OPENID;
model.providerAccessCode = this.oauthService.getIdToken();
model.providerKey = claims['sub'];
model.singleSignIn = UrlHelper.getSingleSignIn();
model.returnUrl = UrlHelper.getReturnUrl();
Here is my appsettings.json
Here is my app configuration in Okta
Any ideas to fix that "name" claim missing ?
I have a Laravel application with it's own user authentication system. I am using firebase only for real-time chat and push notifications.
In order to store chat conversations in firestore, I can directly just write/read data without any auth system. however I need to protect the data with read/write rules to only allow authenticated users.
But I don't want to login the user with email and password again, instead I want to use the signInWithCustomToken function. As per the docs, It says I can pass my own customtoken which was created from the laravel application when signing the user in.
Now My question is, I do not want to use the token generated by the laravel application instead I want to use the user's id from the laravel application's database
Laravel application users table:
users table:
id | name | email | password | age
1 | mike | mike#example.com | hashedpass | 40
in Firebase signInWithCustomToken can I pass the user's id like this as the uid ?
const auth = getAuth();
const token = 1; ------------------------->user id from laravel
signInWithCustomToken(auth, token)
.then((userCredential) => {
// Signed in
const user = userCredential.user;
// ...
})
.catch((error) => {
const errorCode = error.code;
const errorMessage = error.message;
// ...
});
Is this a good practice? so I can match the user in firebase with the uid and my database's user_id?
If you want to call signInWithCustomToken to sign a user, you will have to always mint a custom token for that user. You can't switch from signInWithEmailAndPassword to signInWithCustomToken for the same user account.
right now i'm trying to build an app for G Suit marketplace which allow the admins to read users emails using Gmail APIs. I found that we can do that by using a service account but i only can access the users emails in my domain. right now i don't know how i can make admins from outside my organization use my app to read users emails
from googleapiclient import discovery
from google.oauth2 import service_account
SCOPES = ['https://www.googleapis.com/auth/gmail.readonly']
SERVICE_ACCOUNT_FILE = 'service_file2.json'
emails=['user2#example.com','user1#example.com']
for email in emails:
# The user we want to "impersonate"
USER_EMAIL = email
credentials = service_account.Credentials.\
from_service_account_file(SERVICE_ACCOUNT_FILE, scopes=SCOPES)
delegated_credentials = credentials.with_subject(USER_EMAIL)
service = discovery.build('gmail', 'v1', credentials=delegated_credentials)
email_list = service.users().messages().list(userId=USER_EMAIL).execute()
b = 3
for m in email_list['messages']:
message = service.users().messages().get(userId=USER_EMAIL, id=m['id'], format='metadata').execute()
print(message['payload']['headers'][1]['value'])
I have used laravel auth and socialite package in my web app. I have followed https://www.youtube.com/watch?v=uavoKwhGBKI&t=932s link and it working fine.To be brief, If I register using socialite it fetches the name of the user and email but needs to be filled other details as DOB and password but if I submit without filling that it shows 500 error while if I register without socialite then my validation works fine.The registration page is same.
Socialite only gives you access to a select set of data returned from a successful connection.
# Retrieving User Details
https://laravel.com/docs/6.x/socialite#retrieving-user-details
$user = Socialite::driver('github')->user();
// OAuth Two Providers
$token = $user->token;
$refreshToken = $user->refreshToken; // not always provided
$expiresIn = $user->expiresIn;
// OAuth One Providers
$token = $user->token;
$tokenSecret = $user->tokenSecret;
// All Providers
$user->getId();
$user->getNickname();
$user->getName();
$user->getEmail();
$user->getAvatar();
# Modifying LoginController
https://scqq.blogspot.com/2017/11/laravel-55-socialite-login-with-twitter.html
This guide you followed does not actually register a user by social platform. It only pre-populates the default Laravel registration form with the fields name and email as shown below. This is where you can add another property from above, such as the user's avatar, if desired. You would also need to add the corresponding field to the registration form.
return view('auth.register', [
'name' => $userSocial->getName(),
'email' => $userSocial->getEmail(),
// ... 'avatar' => $userSocial->getAvatar(),
]);
Google is NEVER going to give you someone's password!
The whole point of Socialite is to allow Google (or the selected provider) to authenticate the user — not your application.
If you wish to actually register a user with Socialite (without any additional forms or setting a password), you will need to modify or extend RegisterController.php to be able to support this.
I'm new to building APIs, and I'm using Laravel and some packages, like Passport.
In this project I'm creating an API to communicate with a mobile app and make some tasks, like creating users and adding some information related to the users.
I'm already getting the idea of how it works with tokens, and I already have almost everything done. My only question is, for example, before I create a register user to receive the token I have other information being presented in the mobile app, like news, and some listing information that is not needed to login or register.
In my API I already have these routes ready, but I cant access this information because I need a token.
How do iI handle this situation? When I need to access information, where I cant present it?
Use your controllers to retrieve the data you need from your database and then return a response with the data and create a token for the user:
...
$status = 200;
$response = [
'data' => Your data (user info, listings, news...),
'token' => Auth::user()->createToken("YourTokenName")->accessToken,
];
return response()->json($response, $status);
Then you could store that token in localStorage:
axios.post('your-api-route')
.then((response) => {
localStorage.setItem(`${"YourTokenName"}.jwt`, response.token);
...
})
And finally attach that token to the api routes that require authentication:
axios.defaults.headers.common['Authorization'] = 'Bearer ' + localStorage.getItem(`${YourTokenName}.jwt`);