I have a mobile application and will like to have the authentication implemented either through the Application itself or through Facebook username and password.
For example, if I have username and password of Facebook then one can login into the Application. I don't want to integrate the facebook completely only the authentication part. Is this possible?
Hope to get a quick response.
Regards
Sunil
You can use de Facebook API, I used an implementation based on FBConnect for Android, but last thursday was released the Facebook SDK for Android, now that implementation would be more easy.
You can try to do this as in this project: http://code.google.com/p/triker/. Just don't ask for offline access in mobile app code (remove it from fb url get). When your backend get authcode You will know that user has FB account. If You wish You can exchange that code to auth token on server to get access to users data.
Related
I have integrated Facebook login and Twitter login as guided by the firebase tutorials. I am trying to integrate Instagram login for firebase authentication in my android application. I found this firebase article. I have few problems with this guidance.
In Twitter and Facebook integration, firebase provided a callback URL.
Can't we get a custom redirect-uri from Firebase just like for facebook and twitter which will handle the redirection in the same way?
It seems according to this guide, we should have an authentication server endpoint to be redirected after Instagram authentication. In that case how to continue with the authentication process without any kind of interruption in the Android application? To put it another way what is the server side implementation of the redirect-uri endpoint?
You can use Firebase Function. You can refer to this sample. This is the fastest way to achieve Instagram login without having any server-side code.
However, you still need to upgrade to the Blaze plan from Firebase.
I am having trouble wrapping my head around the following:
Android app with a Facebook login
NodeJS (Hapi.js) server backend
In the past I was using a simple username password system that made it very easy to create a server side session and authenticate server requests (for example: get all users that are within 50 km of me). I removed that system and chose for a Facebook login in the android app because it will help decrease some of the load (for example: we don't need to store our own images...).
The problem is that I am not sure how to handle server side authentication. All GET's, POST's,... can only be done by users that are also logging in on my Android app using the Facebook integration.
I found the following topics already on Stackoverflow:
Facebook authentication to my server using Android
Provide secure Facebook authentication with my Server
I just want an updated opinion on the matter, is it secure enough to just send the token to my node server and make a Facebook API call using it to check for a valid authentication?
If there is a better approach please share it! Thanks in advance.
Yes, it is secure enough to send Access Token to your server and make an API call to Facebook for validating that Access Token. AFIK this is the Best approach.
The project I'm working on is an Android/Rails hybrid using Devise for authentication. I've already got token authentication setup.
What I am not trying to figure out how to do is how to login a user via the Android device. There is a username/password login form on the Android application. I want it to send the username and password to the Rails application, have the Rails application authenticate the user based on these credentials, and then have the Rails application respond with this user's token.
How can I do this? Is there a Devise method that I can pass a username and password to for authentication?
Thanks.
You should look into Devise's support for HTTP Basic Authentication. This blog post describes the process for enabling it.
http://pivotallabs.com/users/ledwards/blog/articles/1534-http-basic-authentication-and-devise
Update:
Here is a detailed slide show explaining the various methods of authenticating using devise:
http://presentations.royvandewater.com/authentication-with-devise.html
I followed the tutorial here: https://developers.facebook.com/docs/mobile/android/build/#enablesso
I am able to authenticate on the android side, but what I want to do is to use SSO or some sort of authentication using facebook [preferrably OAuth] to authenticate against my web application on GAE. I expect it to work something like this: blog.notdot.net/2010/05/Authenticating-against-App-Engine-from-an-Android-app
This is the sort of flow I expect:
The user starts my app, and is prompted with an option to authenticate to FB.
The FB app/web dialog opens and asks the user to confirm permissions to be given to my app.
Once that is done, FB provides me with a cookie [or something similar].
I use that cookie for subsequent requests to my web service, where I can get the username simply using:
user = oauth.get_current_user()
user.nickname()
Is anything like this possible? The problem I face is that while performing SSO, there is no place where I specify an OAuth end point. GAE provides OAuth endpoints [http://code.google.com/appengine/docs/python/oauth/overview.html], which I think I should be using. Any clue as to how I can proceed about this?
Any help is appreciated. Regards, rohan
You need to implement the server-side authentication flow: http://developers.facebook.com/docs/authentication/
I implemented it in Java: see the LeanEngine oss project. You could probably reuse the android client part: the login dialog.
I am using FB SSO for an Android App and I would like to use the Facebook ID to authenticate my users when they upload data to my server. I imagine I should send the OAuth token when making the call to the server. Any examples out there that could help me get started?
Thanks for any pointers.
I have faced the same problem a while ago.
In the end, I did it using the following way:
I get the token via Facebook Android SDK and pass it to my server with the users email address and facebook id. Server tries to get users email address using the token. If the email addresses match, the user has authenticated.
Can you please clarify further, you want to authenticate user on your server via Facebook ID? The access token received via SSO will allow you to call graph apis, FQL query etc. which may require special permissions depending upon what you want to do.
More on Android SDK: https://developers.facebook.com/docs/guides/mobile/#android
More on Permissiosn: https://developers.facebook.com/docs/reference/api/permissions/