Uploaded image for project: 'RichFaces'
  1. RichFaces
  2. RF-14025

Photoalbum login via social sites

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: 4.5.4
    • Fix Version/s: 4.5.6
    • Component/s: examples
    • Labels:
      None
    • Steps to Reproduce:
      Hide
      • Get to know FB testing system
        • Log in to FB (or rather developer.facebook.com) with our credentials
          • rf.photoalbum@gmail.com / rf.photoalbumrf.photoalbum
        • Under "My Apps" find photoalbum
        • Under "Roles" -> "Test Users", there are fake users
        • Their email can be used for login (and passwd is "12345") from app
      • Modify photoalbum
        • Open sdkd.xhtml file and change appId, new id is also under FB page (Dashboard)
      • Build&Start photoalbum on wildfly 8.2
        • Try to log in
      Show
      Get to know FB testing system Log in to FB (or rather developer.facebook.com) with our credentials rf.photoalbum@gmail.com / rf.photoalbumrf.photoalbum Under "My Apps" find photoalbum Under "Roles" -> "Test Users", there are fake users Their email can be used for login (and passwd is "12345") from app Modify photoalbum Open sdkd.xhtml file and change appId, new id is also under FB page (Dashboard) Build&Start photoalbum on wildfly 8.2 Try to log in

      Description

      As of now we are unable to make automated tests for FB/G+ login. The reason is that when the tests were moved to RF repo, community started executing those tests, amongst which there are tests with social logins. Someone may have tried to log in manually too because, after all, the credentials are in the test code.
      This causes both, FB and G+ account to detect a security trespassing (when logging from new/unknown location) which in turn leads to account being blocked for website log-ins in case of Facebook or forced password change in case of G+.

      I haven't delved into G+ mechanism, but I did so with Facebook. I don't have much experience tempering with FB APIs but I found out that there is a possibility to manage application and add fake test user account(s) via their Graph API (assuming test accs don't get blocked?). I created this using our RF account and changed the appID in sdkd.xhtml. This led to a login attempt which failed with following errors:

      (#12) fql is deprecated for versions v2.1 and higher
      (#12) username field is deprecated for versions v2.0 and higher
      

      The above sounds pretty much like we are using old API and switching to new one causes troubles?

      However it is possible that I misunderstood how to set the things up, in which case, please, guide my steps.

      • I followed the quickstart guide on developer.facebook.com
      • I changed the whole FB connection script to a minimum (as shown in quickstart)
      • I also tried to not to change anything but the appId

      So what is really the problem with old API?

      • People from community will not be able to log in via social sites using our provided login credentials (rf account)
        • They will end up being told that the acc is not eligible for website login as it gets blocked
      • We are not able to test this automatically
        • Every time someone from other country logs, the acc gets blocked and tests fail
      • Keeping up to date
        • Maybe we should be using new versions because...well, because they are up to date?

      NOTE: Obviously there is similar problem with G+, nobody can log in as it gets blocked. But I do not know whether G+ offers means of testing similar to FB.

      P.S. with G+ I was forced to change the password and it cannot be reverted back, the new password contains number "2" appended to the original pass; FB stays the same.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                michpetrov Michal Petrov
                Reporter:
                manovotn Matěj Novotný
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: