RADIUSdesk

Trace:

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
user_guide:social_login [2019/06/11 09:21] – [Facebook side] adminuser_guide:social_login [2019/06/25 13:53] (current) – [Facebook side] admin
Line 41: Line 41:
  
 ====== The user used for the temporary session ====== ====== The user used for the temporary session ======
-  * Because we can make use of multiple providers we decided to rather not going the route of providing a large and ever changing list in the Walled garden for each strategy of the captive portal in order for you to reach the authentication provider.+  * Because we can make use of multiple providers we decided to rather not going the route of providing a large and ever changing list in the Walled Garden for each provider of the captive portal in order for you to reach the authentication provider.
   * We make use of a temporary user account which will log the user into the captive portal and then redirect them to the authentication provider's login page.   * We make use of a temporary user account which will log the user into the captive portal and then redirect them to the authentication provider's login page.
   * You can choose per Dynamic Login Page which temporary user to use.   * You can choose per Dynamic Login Page which temporary user to use.
Line 88: Line 88:
 ===== Facebook side ===== ===== Facebook side =====
   * Active the Developer side of Facebook and create a Facebook application. ([[https://developers.facebook.com/apps|https://developers.facebook.com/apps]])   * Active the Developer side of Facebook and create a Facebook application. ([[https://developers.facebook.com/apps|https://developers.facebook.com/apps]])
-  * Go to the **Settings** of the application and specify the URL of the server where you will serve the login pages from. 
-  * Beware that Facebook require that the redirected URL be precisely the same as the one specified. This means that if your login page on the captive portal looks like http://69.30.244.107/ you also have to mirror that. If on the other hand you use a hostname, be sure that they also match e.g http://rd01.wificity.asia/ 
  
-{{ :user_guide:social_fb_fb1.png |}} +  * Below you can see how it looks when we have not yet defined any applications. Go to **My Apps** -> **Create New App**. 
-  * Record the application's **App ID** and **App Secret** since we will need it in RADIUSdesk. + 
-  * Select the **Status and Review** menu item and make sure the application is live and available to the general public.+{{:user_guide:facebook:fb_new_ap1.png?nolink|}} 
 + 
 +  * You will need to specify a name for the App and also a valid contact email address. 
 + 
 +{{:user_guide:facebook:fb_new_ap2.png?nolink|}} 
 + 
 +  * You will also be required to verify that you are human 
 + 
 +{{:user_guide:facebook:fb_new_ap3.png?nolink|}} 
 + 
 +  * Facebook will now generate your App with a unique ID which you will later use in RADIUSdesk's config. 
 +  * The App itself will have settings which you can access. Under the **Basic** settings you will find the **App Id** and **App Secret**.  
 +   * Record the application's **App ID** and **App Secret** since we will need it in RADIUSdesk. 
 + 
 +{{:user_guide:facebook:fb_new_ap6.png?nolink|}} 
 + 
 +  * You can now go to the **Products** menu in the bottom left. Click on add a  **Product**. We need to add **Facebook Login**. This product will allow for **OAuth2** based authentication which is what we need for Social Logins. 
 + 
 +{{:user_guide:facebook:fb_new_ap7.png?nolink|}} 
 + 
 +  * Ignore the **Quickstart** options and go to the **Settings** menu on the left for the **Facebook Login** 
 + 
 +{{:user_guide:facebook:fb_new_ap8.png?nolink|}} 
 + 
 +  * Facebook tighten their security a lot and one now have to explicitly specify the URL's which OAuth will redirect back to. (Our RADIUSdesk server) 
 +  * They also force you to use **https** on the server you specify that you will be redirecting back to. 
 +  * Our server here is **dev.radiusdesk.com**. Please change this in order to fit your environment. 
 +  * The URI in our deployment is https://dev.radiusdesk.com/cake3/rd_cake/third-party-auths/index.json 
 +  * This is the value we specify in the **Valid OAuth Redirect URIs** item. The other items we leave as is (Defaults). 
 + 
 +{{:user_guide:facebook:fb_new_ap9.png?nolink|}} 
 + 
 +  * After you saved this there is one item outstanding before you can configure the RADIUSdesk side. 
 +  * Top left is a switch to take the App out of development and make it live. Make the App live by toggling the switch to the **On** position
 <WRAP center round alert 90%> <WRAP center round alert 90%>
-Failing to make the application available to the general public will render the Facebook authentication useless.+Failing to make the application live  will render the Facebook authentication useless.
 </WRAP> </WRAP>
-{{ :user_guide:social_fb_fb2.png |}} 
  
  
Last modified: 2019/06/11 09:21