RADIUSdesk

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
user_guide:social_login [2019/06/11 17:02]
admin [Facebook side]
user_guide:social_login [2019/06/25 13:53] (current)
admin [Facebook side]
Line 41: Line 41:
  
 ====== The user used for the temporary session ====== ====== The user used for the temporary session ======
-  * Because we can make use of multiple providers we decided to rather not going the route of providing a large and ever changing list in the Walled ​garden ​for each strategy ​of the captive portal in order for you to reach the authentication provider.+  * Because we can make use of multiple providers we decided to rather not going the route of providing a large and ever changing list in the Walled ​Garden ​for each provider ​of the captive portal in order for you to reach the authentication provider.
   * We make use of a temporary user account which will log the user into the captive portal and then redirect them to the authentication provider'​s login page.   * We make use of a temporary user account which will log the user into the captive portal and then redirect them to the authentication provider'​s login page.
   * You can choose per Dynamic Login Page which temporary user to use.   * You can choose per Dynamic Login Page which temporary user to use.
Line 102: Line 102:
  
   * Facebook will now generate your App with a unique ID which you will later use in RADIUSdesk'​s config.   * Facebook will now generate your App with a unique ID which you will later use in RADIUSdesk'​s config.
 +  * The App itself will have settings which you can access. Under the **Basic** settings you will find the **App Id** and **App Secret**. ​
 +   * Record the application'​s **App ID** and **App Secret** since we will need it in RADIUSdesk.
  
-{{:​user_guide:​facebook:​fb_new_ap4.png?​nolink|}}+{{:​user_guide:​facebook:​fb_new_ap6.png?​nolink|}}
  
   * You can now go to the **Products** menu in the bottom left. Click on add a  **Product**. We need to add **Facebook Login**. This product will allow for **OAuth2** based authentication which is what we need for Social Logins.   * You can now go to the **Products** menu in the bottom left. Click on add a  **Product**. We need to add **Facebook Login**. This product will allow for **OAuth2** based authentication which is what we need for Social Logins.
  
-{{:​user_guide:​facebook:​fb_new_ap5.png?​nolink|}}+{{:​user_guide:​facebook:​fb_new_ap7.png?​nolink|}}
  
-{{:​user_guide:​facebook:​fb_new_ap6.png?​nolink|}} +  * Ignore the **Quickstart** options and go to the **Settings** menu on the left for the **Facebook Login**
- +
-{{:​user_guide:​facebook:​fb_new_ap7.png?​nolink|}}+
  
 {{:​user_guide:​facebook:​fb_new_ap8.png?​nolink|}} {{:​user_guide:​facebook:​fb_new_ap8.png?​nolink|}}
 +
 +  * Facebook tighten their security a lot and one now have to explicitly specify the URL's which OAuth will redirect back to. (Our RADIUSdesk server)
 +  * They also force you to use **https** on the server you specify that you will be redirecting back to.
 +  * Our server here is **dev.radiusdesk.com**. Please change this in order to fit your environment.
 +  * The URI in our deployment is https://​dev.radiusdesk.com/​cake3/​rd_cake/​third-party-auths/​index.json
 +  * This is the value we specify in the **Valid OAuth Redirect URIs** item. The other items we leave as is (Defaults).
  
 {{:​user_guide:​facebook:​fb_new_ap9.png?​nolink|}} {{:​user_guide:​facebook:​fb_new_ap9.png?​nolink|}}
  
-  * Go to the **Settings** of the application and specify the URL of the server where you will serve the login pages from. +  * After you saved this there is one item outstanding before ​you can configure ​the RADIUSdesk side
-  * Beware that Facebook require that the redirected URL be precisely the same as the one specified. This means that if your login page on the captive portal looks like http://​69.30.244.107/ ​you also have to mirror that. If on the other hand you use a hostname, be sure that they also match e.g http://​rd01.wificity.asia/​ +  * Top left is a switch to take the App out of development ​and make it liveMake the App live by toggling the switch to the **On** position
- +
-  * Record ​the application'​s **App ID** and **App Secret** since we will need it in RADIUSdesk. +
-  * Select ​the **Status and Review** menu item and make sure the application is live and available to the general public.+
 <WRAP center round alert 90%> <WRAP center round alert 90%>
-Failing to make the application ​available to the general public ​will render the Facebook authentication useless.+Failing to make the application ​live  ​will render the Facebook authentication useless.
 </​WRAP>​ </​WRAP>​