-
Notifications
You must be signed in to change notification settings - Fork 191
Enabling Third Party Authentication- iOS application #632
Comments
Hey @krishnakanthjb our apps don't currently support SSO. |
Our application server is enabled with PingOne SSO. Is there any possibility to leverage the same from the mobile application? |
Hi @krishnakanthjb our apps currently don't support SSO. If that's something you want to implement, I'm happy to provide guidance. I haven't looked at it closely, but I would estimate it to be one or two weeks of work. |
Hi Aleffert. Sorry for the late reply. We are trying to use the certificate based authentication. Following are the steps that we are following from the edx mobile application. Assuming that the URL is should also take the authentication token, but as of now it is not there. Do the user needs to be authenticated from the app, before accessing the the REST API? Please confirm on this approach. Also let us know if any more details required. Thanks in advance. |
Hi @krishnakanthjb That sounds to me like what you'll need to do, but I am not an expert on SSO, so there may be weird edge cases I don't know about. Most REST API endpoints need the user to be authenticated first. The login and register endpoints are exceptions. That means when we make a URL request we already include an oauth token. You'll need to connect your URL handler that gets receives the token from safari, to the place where we set up the access token (see OEXSession and OEXAccessToken). |
Thanks for the reply. So please confirm whether will it work if we assigned the new token in OEXSession and OEXAccessToken. Also let us know, will it have any effect while enabling the social network frameworks, if we enable them in future? Can you please let us know if there any guide lines/sample code to set up the token in OEXSession and OEXAccessToken |
@krishnakanthjb which session are you talking about? Maybe you can give me some more detailed examples. There shouldn't be any problem with enabling the social logins later (though make sure you are branched off v1.0.6 not v1.0). The way the system works, once you have a token it shouldn't matter where it came from. |
We want to by by pass the signin/ sign up page and want to replace the token with new authentication token that we receiving from our server. If yes..please let us know the best way of assigning the token in OEXAccessToken class.. Thanks in advance.... And will it be possible to have some working session to implement the SSO in edx mobile app? |
@krishnakanthjb I would encourage you to look at OEXAuthentication and try to copy with is done for google and facebook. That code is kind of ugly and I'm hoping to refactor it at some point, but it's what we have for now. If you have a valid oauth token everything should just work. I don't know enough How do you picture a working session going? What time zone are you in? |
Thanks for the reply. Following is the error details: Error parsing headers: 'limit request headers fields size' Status Code: 400 Bad Request Please suggest if this needs to be fixed from server side or the from the iOS code. I work in IST time zone, but I am open to have a working session as per your availability.... Thanks for your help as always.. |
Hi @krishnakanthjb, I think you need to convert your SAML token into an oauth token. If you look in |
In our case the backend name is tap-SAML which is not accepting by this api. |
@krishnakanthjb What do you mean by not accepting? Do you mean that the API doesn't work even though you think it should? Or do you mean it goes through a different path entirely so it doesn't matter? If the API isn't working, you might have better luck asking on the openedx slack. |
Has there been any progress on integrating SSO over the past few months or is third party auth using OAuth still the best option? I'm interested in helping out if I can. Thanks! |
We are converting the SAML token to Auth token and passing to the APIs. It is working as expected. |
Can you point me to your code which does this for a SAML TPA provider? I dug through the branches on your fork and couldn't find any which did this. |
@jaimeohm There's an edX meeting agenda that mentioned Appsembler is looking into this too -- do you have any code, resources, or lessons learned to share? |
@pomegranited I don't, it dropped in priority. This has been reopened as an issue here, though. https://github.com/edx/edx-app-ios/issues/954 cc @krishnakanthjb |
Could you please let us know, how to implement the SSO implementation for the edx-iOS applications.
Similar to web : http://edx.readthedocs.org/projects/edx-installing-configuring-and-running/en/latest/configuration/tpa/
The text was updated successfully, but these errors were encountered: