[Fiware-fia-fundingbox-integration] [FIGLOBAL] Re: SSO integration

Filippo Giuffrida filippo.giuffrida at eng.it
Tue Aug 29 11:47:44 CEST 2017


Hi Jose,

ok, this new client_id works fine for figlobal.eng.it. If you want, you 
can test it by the following link



I've noticed that the session of accounts.fundingbox.com remains active 
when the user closes the tab/browser.

This means that:

 1. User A clicks to sign in on FIA with a FundingBox account
 2. User A enters their own credentials on accounts.fundingbox.com
 3. User A logs in and uses FIA
 4. User A clicks on FIA logout. The Liferay session is cleaned, but
    (not having Single Logout) the fundingbox session remains active.
 5. User A closes the browser. *Here the fundingbox session should be
    cleaned, but instead it remains active.*
 6. User B clicks to sign in on FIA with a FundingBox account
 7. *User B is logged in with the FundingBox account of User A*.

It's an issue.

Please, could you take a look ?

It would be enough to clean the accounts.fundingbox.com session when 
the user closes the tab/browser.

Thank you in advance

Best Regards

/Filippo/


On 29/08/2017 10:39, Jose Alonso wrote:
> Hi Filippo,
>
> I added a new client_id=59a52664e6c736834bd0cd2a that redirects to 
> http://figlobal.eng.it/authorize.html
>
> Could you please try that?
>
> Regards,
>
> Jose
>
> On Mon, Aug 28, 2017 at 4:17 PM, Filippo Giuffrida 
> <filippo.giuffrida at eng.it> wrote:
>
>     Hi FundingBox team,
>
>     I ended up developing the SSO with FundingBox OAuth on my local
>     environment with the client_id=597867a6e6c736834bd0cd1a that
>     redirects to localhost:3000/authorize.html.
>
>     Please could you provide an additional client_id that redirects to
>     *http://figlobal.eng.it/authorize.html*?
>
>     Thank you in advance
>
>     Best Regards
>
>     /Filippo/
>
>     On 24/08/2017 13:34, Jose Alonso wrote:
>>     Hi Filippo,
>>
>>     Could you try now? Since this morning it seems the API didn't
>>     respond in some situations.
>>
>>     Sorry for the inconvenience!
>>
>>     Regards,
>>
>>     Jose
>>
>>     On Thu, Aug 24, 2017 at 11:07 AM, Filippo Giuffrida
>>     <filippo.giuffrida at eng.it> wrote:
>>
>>         Dear FundingBox Team,
>>
>>         since this morning the server of
>>         http://api.fundingbox.com/users/me doesn't seem to work.
>>
>>         The Ajax call returns a pending status that ends with a 502 error.
>>
>>         Yesterday evening it was working fine.
>>
>>         Please, could you take a look and give me feedback?
>>
>>         Thank you in advance
>>
>>         Best Regards
>>
>>         /Filippo/
>>
>>
>>         On 24/08/2017 01:43, Jorge Fernandez wrote:
>>>         Hi Filippo, thanks for reporting this. It's quite strange, I
>>>         didn't have time to check it properly, but looks like the two
>>>         systems are using different cost parameters in their hashing
>>>         functions, but not always, and this is the strange thing,
>>>         because at least my account is working exactly the same in
>>>         both systems.
>>>
>>>         Anyway, thanks for telling us ;) , we'll investigate it and
>>>         fix it asap.
>>>
>>>         Regards,
>>>         Jorge
>>>
>>>         On Wed, Aug 23, 2017 at 10:51 AM, Filippo Giuffrida
>>>         <filippo.giuffrida at eng.it> wrote:
>>>
>>>             Dear FundingBox Team,
>>>
>>>             I followed Jorge's suggestions, getting these results:
>>>
>>>               * I cannot reset my password for the account
>>>                 filippo.giuffrida at eng.it
>>>
>>>               * I clicked on the link shown in the following image
>>>
>>>               * I tried to use the same email address
>>>                 (filippo.giuffrida at eng.it) and the system
>>>                 (rightly) gave me an error
>>>
>>>               * I changed the email address to
>>>                 filgiuffrida at outlook.it, the account was
>>>                 created successfully and the login works fine,
>>>                 redirecting to
>>>                 http://localhost:3000/authorize.html#access_token=599d3fc4af59fc84788b4567&token_type=Bearer&expires=1504773700&expires_in=1296000
>>>
>>>               * I tried to create another account from the page
>>>                 https://fundingbox.com/signin
>>>                 and the account l346261 at mvrht.net gave me the same
>>>                 problems as filippo.giuffrida at eng.it (I cannot use it
>>>                 on http://accounts.fundingbox.com/login)
>>>
>>>             I reached the following conclusions:
>>>
>>>              1. If you create the account by
>>>                 https://fundingbox.com/signin,
>>>
>>>                   * it works fine on https://fundingbox.com/signin
>>>
>>>                   * it doesn't work on
>>>                     http://accounts.fundingbox.com/login
>>>
>>>              2. If you create the account by
>>>                 http://accounts.fundingbox.com/login,
>>>
>>>                   * it works fine on
>>>                     http://accounts.fundingbox.com/login
>>>                   * it works fine on https://fundingbox.com/signin
>>>
>>>             In this way I'm able to proceed with my development, but
>>>             we should keep in mind that this account management isn't
>>>             working fine and with these bugs it cannot be used in a
>>>             production context. We need to solve these problems, do
>>>             you agree?
>>>
>>>             Best Regards
>>>
>>>             /Filippo/
>>>
>>>             On 22/08/2017 23:21, Jorge Fernandez wrote:
>>>>             Hi Filippo, please try again, resetting your password
>>>>             here: http://accounts.fundingbox.com/login
>>>>             I'll be out till Sept. 1, but I'll try to check the
>>>>             email from time to time, so you can contact me or try
>>>>             to contact my colleague Jose:
>>>>             jose.alonso at fundingbox.com
>>>>
>>>>             Regards,
>>>>             Jorge
>>>>
>>>>             On Tue, Aug 22, 2017 at 3:16 PM, Filippo Giuffrida
>>>>             <filippo.giuffrida at eng.it> wrote:
>>>>
>>>>                 Hi Jorge,
>>>>
>>>>                 I'm trying to use the example provided by you.
>>>>
>>>>                 I've created an account on https://fundingbox.com/
>>>>                 with email filippo.giuffrida at eng.it, I've verified
>>>>                 the email and I access fine on https://fundingbox.com/
>>>>
>>>>                 I've tried to access by a blank browser to
>>>>                 http://accounts.fundingbox.com/authorize?client_id=597867a6e6c736834bd0cd1a&response_type=token
>>>>                 , it redirects to
>>>>                 http://accounts.fundingbox.com/login where the
>>>>                 following form appears
>>>>
>>>>                 I've tried to access by the account
>>>>                 filippo.giuffrida at eng.it, but it doesn't
>>>>                 work, I got the message *"Your username or password
>>>>                 are incorrect, please try again."*
>>>>
>>>>                 I've also tried to create an account by the link
>>>>                 "Create an account" but it links to #
>>>>
>>>>                 Please, could you take a look ?
>>>>
>>>>                 Thank you in advance
>>>>
>>>>                 Best Regards
>>>>
>>>>                 /Filippo/
>>>>
>>>>
>>>>
>>>>
>>>>                 On 26/07/2017 18:15, Jorge Fernandez wrote:
>>>>>                 Hi Filippo,
>>>>>
>>>>>                 I've prepared a brief document and a very basic
>>>>>                 example using the "implicit grant" flow.
>>>>>
>>>>>                 Example:
>>>>>                 https://drive.google.com/file/d/0B29v6b3mGXyUUllZczNYRmsyZ1k/view?usp=sharing
>>>>>                 Document:
>>>>>                 https://docs.google.com/document/d/14Bjn6ibrOgmq1P0sx5hDh_U98f5ypLOqUniy7Vpunvg/edit?usp=sharing
>>>>>
>>>>>                 This is probably the easier one to implement, but
>>>>>                 if you prefer to use a different grant type just
>>>>>                 tell me and we can prepare a different example.
>>>>>
>>>>>                 The example is very basic, using only JavaScript.
>>>>>                 If you use PHP on your laptop you can run it with
>>>>>                 this command: php -S localhost:3000
>>>>>                 If not, you'll need to upload the files to a web
>>>>>                 server or run it with node, etc...
>>>>>
>>>>>                 Here are the credentials you'll need to use our
>>>>>                 Accounts service:
>>>>>
>>>>>                 *authorization_url*:
>>>>>                 http://accounts.fundingbox.com/authorize
>>>>>                 *client_id*: 597867a6e6c736834bd0cd1a
>>>>>                 *client_secret (not needed if using the implicit
>>>>>                 grant type)*:
>>>>>                 mac974348wncw084309du7tcnw084tcw846tndw86tbw
>>>>>
>>>>>                 The URI to redirect to after the user
>>>>>                 grants/denies permission is:
>>>>>                 *http://localhost:3000/authorize*
>>>>>                 If you need to change it you'll have to ask me to
>>>>>                 do it.
>>>>>
>>>>>                 After the user granted permission you'll receive
>>>>>                 an access_token and you should use it to call our
>>>>>                 API to get the user details like the email,
>>>>>                 username, etc...
>>>>>                 This can be done calling this REST method: *(GET)
>>>>>                 http://api.fundingbox.com/users/me* (including a
>>>>>                 header "Authorization": access_token)
>>>>>
>>>>>                 If you need any help or examples to implement this
>>>>>                 just tell me :)
>>>>>
>>>>>                 Regards,
>>>>>                 Jorge
>>>>>
>>>>>                 On Wed, Jul 26, 2017 at 10:59 AM, Jorge Fernandez
>>>>>                 <jorge at fundingbox.com> wrote:
>>>>>
>>>>>                     Hi Filippo, sorry for my late response, I've
>>>>>                     been out since Friday.
>>>>>
>>>>>                     We have an OAuth2 authentication service with
>>>>>                     the following grant types:
>>>>>
>>>>>                     Authorization code grant
>>>>>                     Implicit grant
>>>>>                     Resource owner credentials grant
>>>>>                     Client credentials grant
>>>>>                     Refresh token grant
>>>>>
>>>>>                     I guess the simplest implementation would be
>>>>>                     to use the "implicit grant" option, since it's
>>>>>                     quite simple to implement from scratch.
>>>>>                     We are now preparing some documentation and
>>>>>                     examples, and I hope to send them to you
>>>>>                     during the day.
>>>>>
>>>>>                     Regards,
>>>>>                     Jorge
>>>>>
>>>>>                     On Tue, Jul 25, 2017 at 7:03 PM, Filippo
>>>>>                     Giuffrida <filippo.giuffrida at eng.it> wrote:
>>>>>
>>>>>                         Dear Jorge,
>>>>>
>>>>>                         did you receive the following email, that
>>>>>                         I sent to
>>>>>                         fiware-fia-fundingbox-integration at lists.fiware.org
>>>>>                         ?
>>>>>
>>>>>                         Please, could you let us know ?
>>>>>
>>>>>                         Thank you in advance
>>>>>
>>>>>                         Best Regards
>>>>>
>>>>>                         /Filippo/
>>>>>
>>>>>                         -------- Forwarded Message --------
>>>>>                         Subject: SSO integration
>>>>>                         Date: Mon, 24 Jul 2017 16:11:09 +0200
>>>>>                         From: Filippo Giuffrida
>>>>>                         <filippo.giuffrida at eng.it>
>>>>>                         To:
>>>>>                         fiware-fia-fundingbox-integration at lists.fiware.org
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>                         Dear Jorge,
>>>>>
>>>>>                         as Giovanni wrote in a previous mail, one
>>>>>                         of the first steps of our integration
>>>>>                         should be:
>>>>>
>>>>>                           * Integration with FundingBox via OAuth
>>>>>                             2.0 or CAS (to be finally agreed,
>>>>>                             after information sent by Jorge)
>>>>>
>>>>>                         Currently our tool doesn't provide a
>>>>>                         native module to use OAuth 2.0 as SSO
>>>>>                         system, so we should develop it from scratch.
>>>>>
>>>>>                         An alternative route that allows us to
>>>>>                         reduce the time for putting the SSO into
>>>>>                         operation is the use of CAS.
>>>>>                         <https://en.wikipedia.org/wiki/Central_Authentication_Service>
>>>>>
>>>>>
>>>>>                         Does FundingBox implement the CAS protocol ?
>>>>>
>>>>>                         Please, could you let us know ?
>>>>>
>>>>>                         Thank you in advance
>>>>>
>>>>>                         Best Regards
>>>>>
>>>>>                         /Filippo/
>>>>>
>>>>>
>>>>>                         -- 
>>>>>                         *Filippo Giuffrida*
>>>>>                         Researcher, Member of the Public
>>>>>                         Administration Innovation Unit
>>>>>                         Research and Development Lab.
>>>>>                         filippo.giuffrida at eng.it
>>>>>                         <mailto:filippo.giuffrida at eng.it>
>>>>>
>>>>>                         *Engineering Ingegneria Informatica spa*
>>>>>                         Viale Regione Siciliana N.O. n.7275
>>>>>                         90146, Palermo (Italy)
>>>>>                         Direct phone +39 - 091 7511842
>>>>>                         <tel:+39%20091%20751%201842>
>>>>>                         Operator +39 - 091 7511711
>>>>>                         <tel:+39%20091%20751%201711>
>>>>>                         www.eng.it <http://www.eng.it>
>>>>
>>>
>>
>

-- 
*Filippo Giuffrida*
Researcher, Member of the Public Administration Innovation Unit
Research and Development Lab.
filippo.giuffrida at eng.it <mailto:filippo.giuffrida at eng.it>

*Engineering Ingegneria Informatica spa*
Viale Regione Siciliana N.O. n.7275
90146, Palermo (Italy)
Direct phone +39 - 091 7511842
Operator +39 - 091 7511711
www.eng.it <http://www.eng.it>
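
Whether step 5 of the report above ends the session depends on whether the identity provider sets a browser-session cookie or a persistent one. The check below is an added example, not part of the original thread and not FundingBox or FIA code; it assumes the accounts session is cookie-backed, and the cookie names, header values and function names are constructed for illustration.

```javascript
// Added example, not FundingBox or FIA code. Cookie names and header values
// below are constructed; a cookie-backed accounts session is an assumption.

// Parse one Set-Cookie header value into { name, value, attrs }.
function parseSetCookie(header) {
  const [first, ...rest] = header.split(';').map((p) => p.trim()).filter(Boolean);
  const eq = first ? first.indexOf('=') : -1;
  if (eq < 1) return null; // malformed: no cookie name
  const cookie = { name: first.slice(0, eq), value: first.slice(eq + 1), attrs: {} };
  for (const attr of rest) {
    const i = attr.indexOf('=');
    const key = (i === -1 ? attr : attr.slice(0, i)).trim().toLowerCase();
    cookie.attrs[key] = i === -1 ? true : attr.slice(i + 1).trim();
  }
  return cookie;
}

// Seconds the cookie outlives `nowMs`, or null for a browser-session cookie.
// Max-Age takes precedence over Expires (RFC 6265, section 5.3).
function lifetimeSeconds(cookie, nowMs) {
  const maxAge = cookie.attrs['max-age'];
  if (typeof maxAge === 'string' && /^-?\d+$/.test(maxAge)) return Number(maxAge);
  if (typeof cookie.attrs.expires === 'string') {
    const t = Date.parse(cookie.attrs.expires);
    if (!Number.isNaN(t)) return Math.round((t - nowMs) / 1000);
  }
  return null;
}

// Report, per cookie, whether it survives a browser close and which
// protective attributes are absent.
function auditSessionCookies(setCookieHeaders, nowMs) {
  const findings = [];
  for (const header of setCookieHeaders) {
    const cookie = parseSetCookie(header);
    if (!cookie) continue;
    const life = lifetimeSeconds(cookie, nowMs);
    const persistent = life !== null && life > 0;
    const issues = [];
    if (persistent) issues.push(`persists ${life}s after browser close`);
    if (!cookie.attrs.secure) issues.push('missing Secure');
    if (!cookie.attrs.httponly) issues.push('missing HttpOnly');
    findings.push({ name: cookie.name, persistent, issues });
  }
  return findings;
}

// Constructed sample: three ways an identity provider might set its session.
const SAMPLE_NOW_MS = Date.UTC(2017, 7, 29, 11, 47, 44);
const SAMPLE_SET_COOKIE = [
  'idp_session=CONSTRUCTED1; Path=/; Max-Age=1296000',
  'idp_session=CONSTRUCTED2; Path=/; Secure; HttpOnly; SameSite=Lax',
  'idp_session=CONSTRUCTED3; Path=/; Expires=Wed, 13 Sep 2017 11:47:44 GMT; HttpOnly',
];

for (const f of auditSessionCookies(SAMPLE_SET_COOKIE, SAMPLE_NOW_MS)) {
  console.log(f.name, f.persistent ? 'PERSISTENT' : 'session', f.issues.join('; '));
}
```

A cookie reported as `session` can still survive a restart when the browser is set to restore the previous session, so a server-side idle timeout is the complementary check.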