Closed GoogleCodeExporter closed 9 years ago
GoogleCodeExporter
commented
9 years ago Likely, you're missing following:
<location path="SocialAuth">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
DeepakOriginal comment by l...@3pillarglobal.com on 19 Dec 2012 at 6:31
GoogleCodeExporter
commented
9 years ago Thanks for your response.
The solution seems to be working partially: now the web flows DOESN'T redirect
to to default.aspx?ReturnUrl=%2fsocialauth%2fvalidate.sauth%3fcode%XXXXXXXXXX
...but it redirects again to default.aspx
even more: if I try to access manually
http://truliing.cloudapp.net/loginorsignup.aspx (the next step after validation
occurs), it falls back again to
http://truliing.cloudapp.net/default.aspx?ReturnUrl=%2floginorsignup.aspx
This behavour happens with any script I manually try to access
Thanks again!Original comment by jonayre...@gmail.com on 19 Dec 2012 at 9:56
GoogleCodeExporter
commented
9 years ago Could you share your web.config? You may replace consumer key/secret with dummy
values if you chose not to share them. Just want to ensure your web.config is
configured properly for SocialAuth.NET
DeepakOriginal comment by deepakag...@gmail.com on 19 Dec 2012 at 11:56
GoogleCodeExporter
commented
9 years ago [deleted comment](edited)
Of course, here it is:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<!--<section name="SocialAuthConfiguration" type="Brickred.SocialAuth.NET.Core.SocialAuthConfiguration, SocialAuth-net, Version=2.1.0.0, Culture=neutral, PublicKeyToken=null" allowDefinition="Everywhere" allowLocation="true" />-->
<section name="SocialAuthConfiguration" type="Brickred.SocialAuth.NET.Core.SocialAuthConfiguration,SocialAuth-net,Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" allowDefinition="Everywhere" allowLocation="true" />
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" />
<!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
<section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
</configSections>
<appSettings>
<add key="pruebas" value="1" />
</appSettings>
<!-- Social Auth Configuration-->
<SocialAuthConfiguration>
<Providers>
<!--NO SCOPE-->
<!--<add ScopeLevel="CUSTOM" WrapperName="FacebookWrapper" ConsumerKey="152190004803645" ConsumerSecret="64c94bd02180b0ade85889b44b2ba7c4" />
<add ScopeLevel="CUSTOM" WrapperName="GoogleWrapper" ConsumerKey="opensource.brickred.com" ConsumerSecret="YC06FqhmCLWvtBg/O4W/aJfj" />
<add ScopeLevel="CUSTOM" WrapperName="MSNWrapper" ConsumerKey="000000004403D60E" ConsumerSecret="cYqlii67pTvgPD4pdB7NUVC7L4MIHCcs" />
<add ScopeLevel="CUSTOM" WrapperName="TwitterWrapper" ConsumerKey="E3hm7J9IQbWLijpiQG7W8Q" ConsumerSecret="SGKNuXyybt0iDdgsuzVbFHOaemV7V6pr0wKwbaT2MH0" />
<add ScopeLevel="CUSTOM" WrapperName="LinkedInWrapper" ConsumerKey="9-mmqg28fpMocVuAg87exH-RXKs70yms52GSFIqkZN25S3m96kdPGBbuSxdSBIyL" ConsumerSecret="e6NBqhDYE1fX17RwYGW5vMp25Cvh7Sbw9t-zMYTIW_T5LytY5OwJ12snh_YftgE4" />
<add ScopeLevel="CUSTOM" WrapperName="MySpaceWrapper" ConsumerKey="29db395f5ee8426bb90b1db65c91c956" ConsumerSecret="0fdccc829c474e42867e16b68cda37a4c4b7b08eda574fe6a959943e3e9be709" />-->
<!--DEFAULT-->
<add WrapperName="FacebookWrapper" ConsumerKey="xxx" ConsumerSecret="xxx" AdditionalScopes="xxx" />
<!--<add WrapperName="GoogleWrapper" ConsumerKey="opensource.brickred.com" ConsumerSecret="YC06FqhmCLWvtBg/O4W/aJfj" AdditionalScopes=https://www.googleapis.com/auth/userinfo.profile" />-->
<!--<add WrapperName="MSNWrapper" ConsumerKey="000000004403D60E" ConsumerSecret="cYqlii67pTvgPD4pdB7NUVC7L4MIHCcs" AdditionalScopes="" />-->
<!--<add WrapperName="YahooWrapper" ConsumerKey="dj0yJmk9VTdaSUVTU3RrWlRzJmQ9WVdrOWNtSjZNMFpITm1VbWNHbzlNQS0tJnM9Y29uc3VtZXJzZWNyZXQmeD1iMA escapar guionguion" ConsumerSecret="1db3d0b897dac60e151aa9e2499fcb2a6b474546" />-->
<!--<add WrapperName="TwitterWrapper" ConsumerKey="E3hm7J9IQbWLijpiQG7W8Q" ConsumerSecret="SGKNuXyybt0iDdgsuzVbFHOaemV7V6pr0wKwbaT2MH0" />-->
<!--<add WrapperName="LinkedInWrapper" ConsumerKey="9-mmqg28fpMocVuAg87exH-RXKs70yms52GSFIqkZN25S3m96kdPGBbuSxdSBIyL" ConsumerSecret="e6NBqhDYE1fX17RwYGW5vMp25Cvh7Sbw9t-zMYTIW_T5LytY5OwJ12snh_YftgE4" />-->
<!--<add WrapperName="MySpaceWrapper" ConsumerKey="29db395f5ee8426bb90b1db65c91c956" ConsumerSecret="0fdccc829c474e42867e16b68cda37a4c4b7b08eda574fe6a959943e3e9be709" />-->
</Providers>
<Allow Files="popupdemo.aspx|GetToken.aspx|ManualLogin.aspx" />
<IconFolder Path="~/images/SocialAuthIcons/" />
<Authentication Enabled="true" LoginUrl="default.aspx" DefaultUrl="loginorsignup.aspx" />
</SocialAuthConfiguration>
<!--<log4net>
<appender name="FileAppender" type="log4net.Appender.FileAppender">
<file value="c:\log.txt" />
<appendToFile value="true" />
<layout type="log4net.Layout.PatternLayout">
<conversionPattern value="%date [%property{SessionID}] %-5level %logger %message%newline" />
</layout>
</appender>
-->
<!-- Set root logger level to DEBUG and its only appender to A1 -->
<!--
<root>
<level value="ALL" />
<appender-ref ref="FileAppender" />
</root>
</log4net>-->
<!--Required for internal purpose -->
<location path="SocialAuth">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<!-- <location path="ManualLogin.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>-->
<connectionStrings>
<add name="DefaultConnection" providerName="System.Data.SqlClient" connectionString="Data Source=sxxx" />
<add name="xxx" connectionString="xxx" />
</connectionStrings>
<system.web>
<sessionState mode="InProc" timeout="60" />
<customErrors mode="Off" />
<!--<authentication mode="Forms">
<forms loginUrl="ManualLogin.aspx" defaultUrl="welcome.aspx"/>
</authentication>-->
<!--<authentication mode="None"/>-->
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</assemblies>
</compilation>
<httpHandlers>
<add verb="*" path="*.sauth" type="Brickred.SocialAuth.NET.Core.CallbackHandler" />
</httpHandlers>
<httpModules>
<add name="SocialAuthAuthentication" type="Brickred.SocialAuth.NET.Core.SocialAuthHttpModule" />
</httpModules>
<membership defaultProvider="TruliingSqlMembershipProvider">
<providers>
<!--Add a customized SqlMembershipProvider -->
<add name="TruliingSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="DefaultConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="Truliing" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="4" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" />
</providers>
</membership>
</system.web>
<system.net>
<mailSettings>
</mailSettings>
</system.net>
<!--IIS7 Support-->
<system.webServer>
<security>
<authentication>
<!--<windowsAuthentication enabled="false" />-->
</authentication>
</security>
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<add name="socialAuth.NET" verb="*" path="*.sauth" type="Brickred.SocialAuth.NET.Core.CallbackHandler" />
</handlers>
<modules>
<add name="SocialAuthAuthentication" type="Brickred.SocialAuth.NET.Core.SocialAuthHttpModule" />
</modules>
</system.webServer>
<entityFramework>
<defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" />
</entityFramework>
</configuration>Original comment by jonayre...@gmail.com on 19 Dec 2012 at 12:08
GoogleCodeExporter
commented
9 years ago Thanks for config.
Which authentication are you willing to use for your application?
SocialAuth.NET internal authentication OR Forms based authentication with
socialauth.net support?
DeepakOriginal comment by deepakag...@gmail.com on 19 Dec 2012 at 12:15
GoogleCodeExporter
commented
9 years ago The web application uses facebook friend data, so, the user lands in
default.aspx as you can see on http://truliing.cloudapp.net. When the user
clicks on the facebook button, we ask for a login in our system (if it's an
existing user) or sign up. In this later case, we store user typed credentials
in a classic ASP.NET Membership Schema along with his/her FB Id in a separated
table.
So I think we're in the second point of your Integration_Guide wiki page:
"Use SocialAuth.NET standard authentication engine but custom designed GUI"
Original comment by jonayre...@gmail.com on 19 Dec 2012 at 12:29
GoogleCodeExporter
commented
9 years ago Hi,
Could you please elaborate "we ask for a login in our system (if it's an
existing user) ". I tried your app, it doesn't asks for login. Also I'm not
sure what information would a user enter to login as he didn't create any
username/password account on your website? He authenticated himself via
Facebook and reaches back to your application authenticated.
My understanding is as following on what you're trying to achieve:
1. New user comes to your website and clicks on Facebook
2. User logs in @ Facebook and reaches Back
3. You store AppID and profile details into your database
4. user logs Out
5. Few days later, user comes back to your website and clicks on Facebook
6. Again, he reaches facebook to Login (However this time he doesn't need to
give permission)
7. You are able to recognize this user as an existing one because you already
have AppID available in your data store
Deepak
DeepakOriginal comment by deepakag...@gmail.com on 19 Dec 2012 at 12:51
GoogleCodeExporter
commented
9 years ago Thanks Deepak. I'll explain your first paragraph and after that I'll re-write
your web flow:
The app doesn't ask for login because the first step is always authenticate via
Facebook. It's a business rule of the web app. After the authentication
occurred, the app presents a password input OR a sign-up button. This step
works fine in localhost but not in the production server
(http://truliing.cloudapp.net)
What we're trying to achieve:
1. New user comes to your website and clicks on Facebook
2. User logs in @ Facebook and reaches Back
2.1. SocialAuth redirects to a page where the SocialAuth-authenticated user
must select between signin up (first time) or logging in (checked against our
own asp.net-sql-membership schema)
3. You store AppID and profile details into your database (***we store Facebook
ID and profile details only if 2.1 = sign up, if it was log-in, the web flows
will land in "a dashboard" etc...)
4. user logs Out
5. Few days later, user comes back to your website and clicks on Facebook
6. Again, he reaches facebook to Login (However this time he doesn't need to
give permission)
7. You are able to recognize this user as an existing one because you already
have AppID available in your data store
7.1. back to 2.1 (I'll state it again: it's a business rule, we have to double
check that user has a Facebook ID and secondly the user can sign up or log in
via our own app's password)
Hope this makes sense.
The problem is that it all works fine on localhost after SocialAuth
authenticates the user, but the production server always redirects to LoginUrl,
whatever ASPX file I try to accessOriginal comment by jonayre...@gmail.com on 19 Dec 2012 at 1:22
GoogleCodeExporter
commented
9 years ago Hi again!
So... Any ideas?Original comment by jonayre...@gmail.com on 20 Dec 2012 at 9:24
GoogleCodeExporter
commented
9 years ago Sharing a few quick thoughts:
1) On Click of Facebook icon, can you use Login() operation of SocialAuth.NET
which takes as an argument returnUrl which you can set as signuporlogin.aspx.
2) Since you're not using FormsAuthentication, instead of commenting the tag
in config, explicitly sey AuthenticationMode= None (SocialAuth internals looks
for it)
So, If I remove unused tags, your config would look something like following
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<section name="SocialAuthConfiguration" type="Brickred.SocialAuth.NET.Core.SocialAuthConfiguration,SocialAuth-net,Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" allowDefinition="Everywhere" allowLocation="true" />
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" />
<!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
<section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
</configSections>
<appSettings>
<add key="pruebas" value="1" />
</appSettings>
<!-- Social Auth Configuration-->
<SocialAuthConfiguration>
<Providers>
<!--NO SCOPE-->
<add WrapperName="FacebookWrapper" ConsumerKey="xxx" ConsumerSecret="xxx" AdditionalScopes="xxx" />
</Providers>
<Allow Files="popupdemo.aspx|GetToken.aspx|ManualLogin.aspx" />
<IconFolder Path="~/images/SocialAuthIcons/" />
<Authentication Enabled="true" LoginUrl="default.aspx" DefaultUrl="loginorsignup.aspx" />
</SocialAuthConfiguration>
<connectionStrings>
<add name="DefaultConnection" providerName="System.Data.SqlClient" connectionString="Data Source=sxxx" />
<add name="xxx" connectionString="xxx" />
</connectionStrings>
<system.web>
<sessionState mode="InProc" timeout="60" />
<customErrors mode="Off" />
<authentication mode="None"/>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</assemblies>
</compilation>
<httpHandlers>
<add verb="*" path="*.sauth" type="Brickred.SocialAuth.NET.Core.CallbackHandler" />
</httpHandlers>
<httpModules>
<add name="SocialAuthAuthentication" type="Brickred.SocialAuth.NET.Core.SocialAuthHttpModule" />
</httpModules>
<membership defaultProvider="TruliingSqlMembershipProvider">
<providers>
<!--Add a customized SqlMembershipProvider -->
<add name="TruliingSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="DefaultConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="Truliing" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="4" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" />
</providers>
</membership>
</system.web>
<system.net>
<mailSettings>
</mailSettings>
</system.net>
<!--IIS7 Support-->
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<add name="socialAuth.NET" verb="*" path="*.sauth" type="Brickred.SocialAuth.NET.Core.CallbackHandler" />
</handlers>
<modules>
<add name="SocialAuthAuthentication" type="Brickred.SocialAuth.NET.Core.SocialAuthHttpModule" />
</modules>
</system.webServer>
<entityFramework>
<defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" />
</entityFramework>
</configuration>
DeepakOriginal comment by deepakag...@gmail.com on 21 Dec 2012 at 1:56
GoogleCodeExporter
commented
9 years ago Thanks Deepak. Setting <authentication mode="None"/> gives me an Error message
401.2.: Unauthorized: Logon failed due to server configuration. Verify that
you have permission to view this directory or page based on the credentials you
supplied and the authentication methods enabled on the Web server. Contact the
Web server's administrator for additional assistance.
I think it's an IIS problem then?
Original comment by jonayre...@gmail.com on 21 Dec 2012 at 2:23
GoogleCodeExporter
commented
9 years ago [deleted comment]Haven't seen this error before on setting formsauthentication to None. I wonder
what authentication was it using when authentication setting was commented out.
In fact it works in Azure as per following thread.
http://stackoverflow.com/questions/7341816/azure-rest-put-or-delete-returns-401
I think it would be easier to resolve this problem in parts.
Can you upload a bare pasic application (with just config and one simple Hello
world aspx page) having authenticationMode = none and then try to browse that
aspx page. If even this fails, then we would need to first identify on how to
make None authentication work on Azure.
Else, if aforesaid takes too much time, you can opt for FormsAuthentication
Mode (3rd way to integrate SocialAuth.NET). In that, you'd need to set
SocialAuthenticationMode = None and make a few config changes
http://code.google.com/p/socialauth-net/wiki/Integration_Guide#Option_–_3:__Ch
anges_for_using_SocialAuth_.NET_standard_authen).
Original comment by deepakag...@gmail.com on 21 Dec 2012 at 3:13
GoogleCodeExporter
commented
9 years ago Thanks Deepak. The authentication it was using was set by me in order to figure
out what was happening. It was set in IIS8, <websitename>, authentication,
FORMS AUTHENTICATION, and "Login URL" set to "default.aspx"
In that way, the app performs as I described, with additional info: if I run
the app locally in the remote server via RDP, the browser ends up in a facebook
error page (an error occurred. Please try again later):
https://www.facebook.com/dialog/oauth?client_id=<myclientid-ommitted>&redirect_u
ri=http%3A%2F%2F10.59.202.135%2Fsocialauth%2Fvalidate.sauth&response_type=code&s
cope=user_photos%2Cread_stream%2Cpublish_stream%2Cfriends_relationships%2Cfriend
s_location%2Cuser_birthday%2Cuser_location%2Cemail
but if I only have "anonymous authentication" enabled, then the error 401.2
comes in.Original comment by jonayre...@gmail.com on 21 Dec 2012 at 3:36
GoogleCodeExporter
commented
9 years ago We haven't tested SocialAuth.NET for IIS8 yet. Facebook error came because the
redirect_uri used is http://10.59.202.135 (as is in url).
I understand you've set FormsAuthentication in IIS8 may be via remote settings.
Ideally, with IIS7, setting Anonymous authentication and running your
application should have worked. But if Anonymous authentication is not working,
then as I mentioned in previous post, please try running application with
FormsAuthentication.
SocialAuth.net internal settings, imitate forms authentication and create
cookies just like forms authentication does. However, I guess SocialAuth.NET is
doing login properly @ Fb but the authentication cookie is not understood by
.NET internal framework which redirects to default page. I'm saying so because
after login when I see a tick mark on FB and manually type
http://truliing.cloudapp.net/default.aspx?signuporlogin.aspx in URL, it
redirects back to default with return URL (which is formsauthentication default
behavior).
I'll recommend to put a little more time on somehow making anonymous
authentication work. But if it doesn't then try FormsAuthentication mode of
integration with SocialAuth.net as mentioned in previous post.
Deepak
Original comment by deepakag...@gmail.com on 21 Dec 2012 at 5:28
GoogleCodeExporter
commented
9 years ago OK. The culprit was an extra <authorization> tag under <system.web>. I noticed
it when considering the 3rd way to integrate SocialAuth by setting <allow
users="*"/>
Thank you all for your patience and time!Original comment by jonayre...@gmail.com on 26 Dec 2012 at 9:07
GoogleCodeExporter
commented
9 years ago I'm glad that the issue is resolved and you are able to proceed further. Feel
free to post any other query. I'm closing this one though.
Regards,
Deepak
Original comment by deepak.a...@3pillarglobal.com on 26 Dec 2012 at 9:20
Original issue reported on code.google.com by
jonayre...@gmail.comon 18 Dec 2012 at 2:06