Back to oneall.com

Why doesn't the option set_force_re_authentication work with Twitter and LinkedIn in Basic plan?

Thomas_HuongThomas_Huong
edited August 2015 in Questions
Dear supporter,

I have purchased the Basic plan for my site. I am meeting an issue that the option set_force_re_authentication does not work with Twitter and LinkedIn.

Below is what I have implemented:

var _oneall = _oneall || []; _oneall.push(['social_link', 'set_providers', ['facebook', 'linkedin', 'twitter']]); _oneall.push(['social_link', 'set_callback_uri', '{$callbackUrl}']); _oneall.push(['social_link', 'set_custom_css_uri', '{$customCss}']); _oneall.push(['social_link', 'set_grid_sizes', [1,3]]); _oneall.push(['social_link', 'set_user_token', '{$userToken}']); _oneall.push(['social_link', 'do_render_ui', 'oa_social_link_multiple_sns_container']); _oneall.push(['social_link', 'set_force_re_authentication', true]);

I know Twitter has a way to force user to re-input their credentials by adding a force_login=true on the URL. Why doesn't oneall do that ?

Regards,
Bach Huong

Best Answers

  • Fred_PinelFred_PinelMember
    Answer ✓
    Hi Thomas,

    The Twitter fix should be in service now. Could you report on how it works for you?

    Thanks.
  • Fred_PinelFred_PinelMember
    Answer ✓
    Hi Thomas,

    We cannot find this error in our tests.
    When setting set_force_re_authentication, linking will set force_login to Twitter.
    Unlinking via the modal requires the credentials to be used in all cases, so that should be ok for you.

    Is there anything specific about your setup?

Answers

  • Fred_PinelFred_PinelMember
    Hi Thomas,

    Try placing the 'set_force_re_authentication' line before the 'do_render_ui' line.

    Hope this helps.
  • Thomas_HuongThomas_HuongMember
    Thank for replying, Frederic.

    It still doesn't work, this is what I have tried:

    var _oneall = _oneall || [];
    _oneall.push(['social_link', 'set_providers', ['facebook', 'linkedin', 'twitter']]);
    _oneall.push(['social_link', 'set_callback_uri', '{$callbackUrl}']);
    _oneall.push(['social_link', 'set_custom_css_uri', '{$customCss}']);
    _oneall.push(['social_link', 'set_grid_sizes', [1,3]]);
    _oneall.push(['social_link', 'set_user_token', '{$userToken}']);
    _oneall.push(['social_link', 'set_force_re_authentication', true]);
    _oneall.push(['social_link', 'do_render_ui', 'oa_social_link_multiple_sns_container']);

    Please help me to overcome this issue.

    Great thank for that,

    Thomas
  • Thomas_HuongThomas_HuongMember
    edited August 2015
    Below is the illustration for you to see the issue.

    image
  • Fred_PinelFred_PinelMember
    Hi,
    The current behaviour for this method is not what you expect, and probably not what it should be.
    Currently, setting to true will force the user to re-approve the application, while setting to false will not ask for approval each time.
    It does not request the user to re-enter their credentials (with the force_login).

    So, this is an error, and we're fixing it now.

    Thanks for your input !
  • Thomas_HuongThomas_HuongMember
    Hi Frederic,

    Yeah, you were right. Thank for your clarification and for the fix as well.

    We are having a urgent plan and need to resolve this issue for Twitter firstly.

    Can you please prioritize delivering the fix for Twitter as highest ?

    Let me know right after you're done.

    Thank again so much,

    Thomas
  • Thomas_HuongThomas_HuongMember
    Hi Frederic,

    It works perfectly right now. Thank a ton, mate.

    Do you have a chance to fix this for Facebook and LinkedIn as well?

    For now I will have to do a trick that uses Javascript SDK to force logging out in background whenever user opens the oneall social linking widget.

    - Facebook, using FB.logout();
    - For Linkedin, using IN.User.logout();

    Regards,
    Thomas.
  • Fred_PinelFred_PinelMember
    Hi,

    Also, LinkedIn does not seem to support this feature (forcing the user to enter their credentials).

    Regards.
  • Thomas_HuongThomas_HuongMember
    Hi,

    Do you mean we would have to suffer this issue ? any workaround way to do that ?

    Regards,
    Thomas
  • Fred_PinelFred_PinelMember
    It appears LinkedIn does not allow for this via their API.
    The user would need to log out of LinkedIn using other ways (through their web site, closing browser, ...).
    No identified workaround for the moment unfortunately.
  • Thomas_HuongThomas_HuongMember
    Okay. Anyway thank you for help on the Twitter issue.
  • Thomas_HuongThomas_HuongMember
    Hi Frederic,

    I just found out that you have added force_login=1 when user requests Unlink action for Twitter.
    But you have not add it when user requests for Link action.

    See below screenshot:
    image

    This makes user keeps previous session and could not input a new credential after he does unlink action. Could you please review this and deliver a fix ?

    Thank you in advance.
    Thomas
  • Thomas_HuongThomas_HuongMember
    Any chance to help me here @Frederic?
  • Fred_PinelFred_PinelMember
    Hi,
    Just to let you know that you are not forgotten, this is on our list :-)
  • Thomas_HuongThomas_HuongMember
    Thank you @Frederic.
  • Thomas_HuongThomas_HuongMember
    For now, I see it works. That's good.

    Thank mate.
Login to your OneAll account to add a new comment

Welcome!

Please sign in to your OneAll account to ask a new question or to contribute to the discussions.

Please click on the link below to connect to the forum with your OneAll account.

Ask a question

Information

Products & Services

Categories