I want to show my own custom image for facebook connect. How can I do it?
You can use the Oauth2.0 protocol to do the user authentication.
The javascript libraries by facebook are just a service you can but don't have to use.
It is described in detail here: http://developers.facebook.com/docs/authentication/desktop
You basically just have to direct the user to a link, and analyze the link (serverside) when the user gets redirected back.
What button/link/image you use in your frontend is then all up to you.
There is also a nice port of facebook to openid available here, that you may be interested in: Best way to implement Single-Sign-On with all major providers?
Related
I am trying to integrate docusign with a React Native app I am building. My desired workflow is to have the user launch a remote signing envelope based on a template.
From the Node JS examples, eg009 seems to be the end result I am after. However, I am wanting to complete this with Axios/Fetch and Javascript.
My intended flow is to have the user enter in their name and email, and their spouses name and email. From there they press a submit button which sends the API call, and that is the extent of what the app does.
I am wanting the API call to then start the template flow, sending a document to sign via email to both that were entered into the app. I want the users to authorize themselves from the email, not the app. After both parties have signed, I want it sent to a third static email.
I do not want the users to have to authorize inside the app or be redirected anywhere. It seems a JWT would be best.
Does this seem possible? How would you suggest going about this?
I appreciate the help!
Looks like the JWT grant flow is the right fit for you here. Please see this article for more details: https://developers.docusign.com/platform/auth
There's no good solution for running DocuSign API calls from client as a result of CORS limitations.
Larry has some blog posts on this topic - https://www.docusign.com/blog/dsdev-building-single-page-applications-with-docusign-and-cors-part-2
You could use something like AWS lambda which is not a server per-se, but gives you server capabilities without the hassle of a server.
Check also the latest blog by Larry on this topic which superficially covers using React for single-page apps.
I want to add popular social authentication mechanisms to my website, I looked at the passport library (https://www.npmjs.com/package/passport) but i want to achieve the client side authentication with a popup rather redirecting to the google/ facebook.
I see discuss does the similar thing on their iframe embedding.
is there any library available in market to do this or i need to do this manually myself?
For authentication via client-side without much effort you may use Firebase(Google's BaaS), it allows you to handle social authentication(Facebook, Google, Twitter, Github, etc...), you can handle user sessions, check if the user is currently logged or not, log the user out, and get social user data, such as profile picture, email, and other types of information based on the permissions that you asked for.
You might want to take a look at the docs:
https://firebase.google.com/docs/
Or check their own series of video tutorials:
https://www.youtube.com/watch?v=-OKrloDzGpU (this tutorial is about Auth on the web)
I'm writing an app using Phonegap.
I'd like to give some perks to the user for posting about the app on their wall (or something of the sort) if they wish to do so.
There's a neat Cordova plugin which covers Facebook's functionality pretty thoroughly and more importantly it appears that it does so as natively as it can manage.
If a plugin like that is not available however, what is a high-level overview for having a user:
authorize with FB
post something canned on FB
ascertain that they have in fact posted what was given to them
I believe there's a way to do these things using Facebook's JavaScript SDK, but I've never seen an app ask me for my username and password (that wasn't the actual Facebook app) and I don't imagine Facebook would be happy with that, so what's the best way to go about that?
Additionally, if I want for a user to log in using Facebook in my app, (think Tinder) what is the data that I should be saving? Facebook login token and device ID? What are the best practices when it comes to using facebook and phone data to identify and store user account information server-side?
Facebook Login for Android -
The Facebook SDK for Android provides methods to implement Facebook Login for your app. The SDK provides Facebook Login support for the these common scenarios:
Your app uses only Facebook Login to authorize people using your app.
Your app provides two login options: Facebook Login and your own
login mechanism.
Your app uses your own login initially and Facebook Login is an
option to switch on certain social features.
For more - login-with-facebook.
Manually Build a Login Flow -
The easiest and quickest way to implement Facebook Login is with our official SDKs for JavaScript, iOS, and Android and we recommend you follow our separate guides for these platforms.
However, if you need to implement browser-based login for an app without using our SDKs, such as in a webview for a native desktop app (for example Windows 8), or a login flow using entirely server-side code, you can build a Login flow for yourself by using browser redirects.
This guide will take you through each step of the login flow and show you how to implement each one without using our SDKs:
Checking login status
Logging people in
Confirming identity
Storing access tokens and login status
Logging people out
Make direct HTTP requests to Graph API endpoints to retrieve
and post data.
For more check - manually-build-a-login-flow.
Pros:
No plugin dependency and no uncertainties when new versions of
Cordova or the Facebook SDK are released.
Works for all platforms, including platforms for which a version of
the plugin doesn’t exist.
Works for both browser-based apps and Cordova apps.
Cons:
Not full-fledged, less out-of-the box features.
Integration not as tight. For example, no native dialogs, etc.
The logic is integrated together and is available on github as OpenFB.
Sample Example -
Login using Facebook:
openFB.login(scope, successHandler, errorHandler);
Get the user’s list of friends:
openFB.api({path: '/me/friends', success: successHandler, error: errorHandler});
Post on the user’s feed:
openFB.api(
{
method: 'POST',
path: '/me/feed',
params: {
message: 'Testing the Facebook Graph API'
},
success: successHandler,
error: errorHandler
});
Either you have to use Facebook connect plugin to post something from cordova app, or the other way that I use to post something about my app review is using the URL way. Facebook has feed dialog / share url system to post in facebook. Simply calling it with native browser and correct parameters does the job, facebook takes care about the authorization and posting , I don't need to handle that.
https://www.facebook.com/dialog/share?
app_id=145634995501895
&display=popup
&href=https%3A%2F%2Fdevelopers.facebook.com%2Fdocs%2F
&redirect_uri=https://developers.facebook.com/tools/explorer
Found here Don't know will it work in inAppBrowser or not, I just call the native browser.
And AFAIK to post from within the app, it has to be the plugin.
OpenFB is even better than the Apache Cordova Plugin. The plugin isn't well maintained. Sometimes it takes months to update to the latest version of Facebook OpenGraph. OpenFB is constantly updated.
You would just use the JavaScript SDK to do this. See https://developers.facebook.com/docs/facebook-login/login-flow-for-web/v2.0
You have an option to use standard components or make your own buttons. You can also let users auto-authenticate after granting permissions initially or always press the button etc. The FB docs are easy to follow though.
Javascript SDK provides FB.login function to easily login other users. I just wonder whether there exists a way through PHP SDK that realize the same function --- that is click the login button and then allow the user to login and also allow the app to use the user's info?
The reason I ask the question is that someone told me that it's possible to be hacked if implemented by javascript and it's somewhat securer by the use of server-side PHP. Can anybody tell me the exact idea of this?
You can defiantly use the PHP SDK to log users into your application.
There exists within the SDK a method called getLoginUrl() which receives parameters such as what permissions you want to request from your users. Once you have received the url, you can use the php header function to redirect the user to the login screen or use an anchor tag and let the user login by clicking on it.
Using an instance of the Facebook Object in PHP SDK and getUser method is what you need to be sure of the authenticity of your users.
I suggest you to implement JSDK and PHP SDK to get the best login & register experience possible and also take full advantage of the features of both SDKs.
I usually use Javascript SDK to detect session status and login users, and PHP SDK to integrate the Facebook experience with my CMS (Drupal).
In the signed request travels information as your Facebook user ID and other stuff. Remember that the signed request is encrypted in base64 with you secret key, so it's not an easy thing to manipulate.
Tip: You can use the Facebook register plugin to provide an alternative & fast registration using Facebook data. See https://developers.facebook.com/docs/plugins/registration/
I'm working on a web application where users will create accounts. Then clients will be about to have a section on their site for users to login with my sites login credentials. However... I don't want the clients site to be able to see or handle their login credentials. I am wanting to do cross domain authentication just like facebook connect does.
I have done research and it looks like I will need to create a javascript library that users will need to add into their site. Inside that javascript file I will need to create an iframe that will connect to my main site. From there a cookie will need to be placed then checked.
Does anyone know of well written tutorials on how to do this or could you explain in detail on what all will need to be done?
EDIT:
How would the storing and reading of cookies work. Anyone have examples?
The simplest way would be a plain iframe. Twitter does it a lot. If your have to communicate with the parent site for some reason, try building an API with the postMessage function.