Firebase Authentication: Where is the token stored in web? - javascript

I was curious about how firebase auth token works.
Then I found this answer saying that token is stored in local storage.
https://stackoverflow.com/a/62577638/7239472
However, when I checked local storage in Application tab of my Google Chrome inspector, there was nothing.
So from where does the Firebase Auth SDK get the token value?
I also checked that currentUser object contains token value but I'm not sure where that came from.

Token can be found in firebaseLocalStorageDB. Please refer to this path.

Firebase saves its connection-token on a storage called "indexedDB".
You can see it by doing: inspect->application->indexedDB then you will see a firebase "key-value table" called "firebaseLocalStorage".

Related

MIcrosoft Teams Custom App store accessToken

I made a Microsoft Teams Custom App, I've already get the accessToken from my external api that athenticate the user.
My problem is: how I can I save the received accessToken into Teams context? If I can't do this, how can I pass it from my tab to my messageExtension?
Thanks.
finally I decided to use Table Storage for save and get the received accessToken.

Cookies.get function for js-cookie is returning an old value after being reset

So I am using js-cookie in a webapplication to which I'm using it to set a jwt token. My login function does Cookies.remove('jwt') before calling the axios post for the login and in the response I Cookies.set('jwt', token,{expires:1});
Within the app the api I am calling Cookies.get('jwt'); but it is referencing a previous token from before logging in.
I check the application tab and don't see a previous reference of the old token in the cookies, I checked the documentation but is there anything that I am missing I am not sure why the old token is being used.

Google access_token is undefined

I am developing a mobile web application which will access the Google Books API and allow the user to add books to their "favorites" book shelf. Its my first time using an API that requires the Google authorization.
I need to send an authorized request to modify private user data. I (think) I have have the proper access_token but I can't figure out how to get to it.
I am using the Google sign in button like so:
` <div class="g-signin2" data-onsuccess="onSignIn"></div> `
I also have this to identify my application to Google:
`<meta name="google-signin-client_id" content="12345.apps.googleusercontent.com"> `
I sign in with my own Google account and the Google button changes over to "Signed In." I am simply trying to log the access token from there:
` function onSignIn(googleUser) {
googly = gapi.auth2.getAuthInstance();
var id_token = googly.currentUser.get().getAuthResponse().access_token;
console.log(id_token);
} `
I've tried everything I can find in the documentation but no matter what I do, I get back that access_token is undefined.
My suspicion is that I don't actually have an access token, but I don't know how to test that.
What is the correct way to find the access_token? Once I have it, how do I send it to the API?
It's so late but if you pass true parameter to getAuthResponse "getAuthResponse(true)" it returns access_token.
Try using gapi.auth in the API Client Library instead of gapi.auth2 in the Identify Platform. You should find gapi.auth.getToken().access_token contains the access token you need.
That said, I believe this is a bug. If you alert(JSON.stringify(googleUser)) I suspect you'll find there is an access_token field buried in there, but getAuthResponse() doesn't contain it, even though the docs suggest there should be one.
If anyone can confirm I'm understanding this correctly and report it, that would be great.
If you include the response_type in the request header as 'token' it will return the access_token with the currentUser

Facebook API - access token works for SOME requests

This is driving me totally crazy. I've set up an FB app and retrieved an access token by visiting: https://graph.facebook.com/oauth/access_token?grant_type=client_credentials&client_id=CLIENT_ID&client_secret=CLIENT_SECRET.
Now I want to grab a (publicly available) feed from this URL: https://graph.facebook.com/PAGE_OR_USER_ID/feed?access_token=ACCESS_TOKEN
It works fine when I try it with my own user ID or even when I try another random page but it DOESN'T work when I enter the PAGE_ID I need it to work with.
Here are some examples:
This works fine (a friend of mine's Facebook page):
https://graph.facebook.com/tatchit/feed?access_token=213451182120494|JgAwuCE74lh51t1pKMuRM2mz3GU&limit=10&offset=0
This also works fine (my own Facebook ID):
https://graph.facebook.com/al.dev.7/feed?access_token=213451182120494|JgAwuCE74lh51t1pKMuRM2mz3GU&limit=10&offset=0
This doesn't work (the client's Facebook page):
https://graph.facebook.com/142616539131188/feed?access_token=213451182120494|JgAwuCE74lh51t1pKMuRM2mz3GU&limit=10&offset=0
I don't get any errors but the result is empty.
If I try the Graph API Explorer it also works fine:
https://developers.facebook.com/tools/explorer/?method=GET&path=142616539131188%2Ffeed
But not if I enter my own access token. From what I understand the access tokens you get in the API Explorer are temporary so I don't want to use that.
How can this be?
Also. I've struggled to understand this whole access-token, client-id, app-id-business for ages now - is there a good tutorial where all this stuff is explained? I've never had this work without problems ever.
Thank you
You should be using user access token for all the above queries. App Access token is used when you want to do something like check the app insights so and so.
When the pages has age restrictions or something so, app token wont be able to get through, but since the user is already a member of the page, you can use the user access token to get the data.
Add : Quoting from the documentation,
Note that the **app access token** is for publishing purposes permitted by the publish_actions and publish_stream permissions. You will be **unable to retrieve information** about the status update post with the given ID using the app access token. Instead, you should use a **user access token** for such purposes.
Other Capabilities of an App Access Token
There is a limited set of information that can be retrieved from Facebook using an App Access Token.
Basic Profile Info of a User (ID, Name, Username, Gender)
A User’s Friends and their IDs
Permissions granted by the User to your App
Read : https://developers.facebook.com/docs/opengraph/using-app-tokens/
So you should be querying with the user_access token to access all the informations that you are looking for, not with an app access_token.
You are using an App Access token instead of a User Access token. Some of the pages you are viewing may have a country or age restriction set, so using an app token will not work.
See: http://developers.facebook.com/docs/concepts/login/access-tokens-and-types/

Using Facebook Javascript SDK to get Graph Data

FIXED NOW! But I can't answer my own question yet. See my comment below. And thanks for helping.
I've searched and searched and read the docs and still can't figure this out.
I have a web page about an event. There's also a public Facebook "event" for my event. I'm trying to use the FB Javascript SDK to get the number of attendees for the Facebook event and add it to the number of people who've registered through the website.
I've created an app and I have an appID and secret string. I can get an access token from:
https://graph.facebook.com/oauth/access_token?client_id=XXXX&client_secret=XXXXX&grant_type=client_credentials
and I can then use that access token to get the attendees for a public event:
https://graph.facebook.com/331218348435/attending?access_token=XXXXXXXXX
That's all fine.
I'm now trying to do this same thing using the Javascript SDK.
I've loaded the SDK and done an init:
FB.init({
appId : 'XXXXXXXX',
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
xfbml : true // parse XFBML
});
and I know the SDK is working because I can get an object with the data that doesn't need an access token:
FB.api( '/331218348435', function (response) { console.log ( response ) } );
but when I try to get the attendee data that needs the access token:
FB.api( '/331218348435/attending', function (response) { console.log ( response ) } );
I get an OAuthException: "An access token is required to request this resource."
All the tutorials and information I can find all refers to using the .login method, but I don't want a user to login, I want to login using my app ID without any user interaction.
I'd assumed that the API took the SDK's init request and granted me an access token when I called the .init method, the authentication being done against my website's address (the HTTP referrer - yes I have set my website URL in the Facebook app settings).
Any ideas what might be causing this to not work? How can I get the access token using the Javascript SDK without doing a .login? Am I missing a step? Is this even possible?
Thanks
Form what the rather circular documentations says, getting the attending feed requires a 'generic access_token`. In Facebook terms:
Any valid access_token
Any valid access token returned by our APIs. An access token may not be valid if, for example, it has expired. No special permissions are required. Occasionally, this is referred to as a generic access_token.
So this means that you can use any token you like to access the attending feed, as long as the event is public. The easiest access token to get seems to be an app token: http://developers.facebook.com/docs/authentication/#applogin. You can get this token using only your App ID and Secret, and no user interaction is required.
To summerise the link content: You can get an application access token by sending a GET request to
https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&client_secret=YOUR_APP_SECRET&grant_type=client_credentials
You can then use that access_token to make the call for you attending list
FB.api('MyEvent/attending?access_token=ACCESS_TOKEN');
Oh. OK.
Well, for whatever reason, I went away and had my dinner and when I come back it's working fine.
When I updated the settings for my app Facebook said it might take a few minutes for the change to get around the servers. Turned out to take over an hour!
My code was fine.
Thanks for your help.

Categories