2FAuth | Web app to manage your Two-Factor Authentication | Authentication library

I am sorry i have much trouble understanding Firebase Dynamic links.

My use case is : a user wants to reset his password from the mobile app (or send an email verification).

• The request is made using Firebase Authentication with a custom handler (with custom domain : https://example.com/auth)
• The ActionCodeSettings looks like :

I have a Gmail Add-on deployed on marketplace, it was working fine but now when a user have multiple accounts logged into gmail and tries to install my add-on. It shows the error

Sorry, unable to open the file at this time.

Please check the address and try again.

The URL of opened popup is (script_id is my project's script id ): https://script.google.com/macros/u/1/s//authorize?scopes=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fgmail.addons.current.action.compose%2Chttps%3A%2F%2Fwww.googleapis.com%2Fauth%2Fgmail.addons.current.message.metadata%2Chttps%3A%2F%2Fwww.googleapis.com%2Fauth%2Fgmail.addons.execute%2Chttps%3A%2F%2Fwww.googleapis.com%2Fauth%2Fscript.external_request%2Chttps%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email%2Chttps%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile When only one account is logged into Gmail, then it works as expected and add-on is installed normally.

I checked other solutions to the same problem, then say we need to remove /u/1/ from the URL. I copy pasted the URL into another tab and removed /u/1/ from the URL. I still got the same error. Also, this URL is generated by Google and not by us, so we cannot edit it.

Any help for the problem mentioned above will be appreciated.

Thanks in advance.

I am building an in-app browser for handling firebase authentication with external providers (for example Microsoft login).

I have button in my main page which calls auth.startActivityForSignInWithProvider(this, provider).addOnSuccessListener{} and it launches the activity with a webview.

The issue is once I finish completing the login with the provider, the webview receives an intent url (which is a string and showcased below). But the webview is not able to load and I get Webpage not available with ERR_UNKNOWN_URL_SCHEME error.

How can I parse this string into an intent in-order to launch it?

I'm trying to understand the difference between code_challange and state parameter from OAuth 2.0 Authorization Code Flow + PKCE.

I know that state parameter is a validation against CSRF attack and is generated (and saved in local storage) on Client (eg. Angular SPA) - and need to be returned from Authorization application in callback after successful login and compared with state value saved previously on local storage.

Whereas code_challange is generated based on code_verifier also genereated and saved in localstorage. So where is the differance with usage?

Also I've noted strange thing - I copied generated auth url which is: https://APP_ADDRESS.b2clogin.com/APP_ADDRESS.onmicrosoft.com/b2c_signupsignin/oauth2/v2.0/authorize?client_id=f9d2b[...]&redirect_uri=http%3A%2F%2Flocalhost%3A4200%2Fauth-callback&response_type=code&scope=f9d2b[...]%20openid&state=31caa207[...]&code_challenge=-MefGRhOo[...]&code_challenge_method=S256&response_mode=query

And I used that url in different browser. And I was able to login successfuly. I only had an error in console: No matching state found in storage. Which make sense since local storage was empty in new browser.

But why there wasn't any error about the code_challange? I think it shouldn't be able to login successful, or I miss something?

I am writing a simple python script that gets a YouTube video duration using google-API. This is the code I wrote:

Using karate-UI

How to generate OAuth 2.0 token via karate.

How we have tried in Postman:

1. On Authorization tab select OAuth 2.0
2. Select Header Prefix Bearer
3. Grant-Type is "Authorization Code"
4. Callback URL is selected as when we will click submit it redirects to a browser where we have to enter credentials and a user is validated once it is validated the browser redirects back to Postman
5. Add "Auth URL" and "Access Token URL"
6. Enter "Client ID" and "Client Secret"
7. Select "Client Authentication" as Send as Basic Auth Header.

Postman then redirects to a browser where we enter username and password and once authenticated it redirects user back to postman with access token.

Question: When we provide grant_type as "authorization code" in Karate we are getting an error as {"error":"unsupported_grant_type","error_description":"Unsupported grant_type"}. What to provide here as when we provide "password" we are getting 401 and when we provide "authorization code" we are getting 400.

Secondly, Can we automate such scenario where a browser is invoked as well and we have to enter credentials can we achieve it via Karate as then we have to store the token and pass in the APIs?

For some reason, the program won't remove the file. I think it's because of the uploading process, but I don't know how to fix it.

Open this link(to get the API Access_Token): https://accounts.google.com/o/oauth2/v2/auth/oauthchooseaccount?redirect_uri=https%3A%2F%2Fdevelopers.google.com%2Foauthplayground&prompt=consent&response_type=code&client_id=407408718192.apps.googleusercontent.com&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive&access_type=offline&flowName=GeneralOAuthFlow

This link works in Brave web browser or else you need to be administrator.

Then paste the Access_Token you find after clicking the blue button where it says: {Access_token}

I have built a Svelte application using SvelteKit that uses Cognito for authentication. I used the following site: Cognito authentication for your SvelteKit app guide me in setting this up. The app and connection to Cognito works well when running in local development via npm run dev, however, when running in production on an EC2 server via npm run build and pm2 start /build/index.js it sets the redirect_uri portion of the Cognito URI to http://localhost:3000. I can't figure out how to get it to set the redirect to my actual domain.

Here are some relevant code snippets on how it is currently set up on EC2:

/etc/nginx/sites-available/domain.conf