• David Benkoel 3
  • Member since 2022

Hi, 

I'm implementing both "login" and "logout" features for a third-party client, using SF Identity as an IdP.

Login is based on an OAuth 2.0 flow, which issues an access token and a refresh token. Once this flow is executed, SF also grants a session ID to the newly logged-in user, and sets a browser cookie accordingly (sid).

For the logout, I tried to revoke both tokens via the standard oauth2/revoke endpoint: the user session remains active (why ???).

Then I tried to use the same API, with the sid as the payload (that I'm getting through UserInfo.getSessionId()): the session still remains active.

So, how to remove a user session using Apex code?

What I need to achieve is basically what is done from the Salesforce setup, Session Management section, with the Remove button.

Thanks

Hi,

I need to perform a simple redirect to a standard web page, from a LWC.

Is it good practice to use this approach (and if yes, why?):
 
this[NavigationMixin.GenerateUrl]({
    type: 'standard__webPage',
    attributes: {
        url: redirectUri
    }
})

Thank you
Hi,
In the Developer Console I'm executing this simple snippet:
PageReference page = Site.login(username, password, url);
System.debug(page);
Although I double-checked that an active user exists with the username and password I'm passing to Site.login(), this method always returns null.

This basically means that the login process failed.

Is there a reason for that? I can't get the point.

Thank you
Hi,

I’ve created a URL Rewriter class for a Digital Experience.

When I enter a URL into the browser, I can see from the logs that this class is actually invoked.

My issue is, whatever PageReference is returned in the mapRequestUrl() method of this class, the browser keeps redirecting to the Community login page, that is, /s/login/.

Even if I code something like this, the behaviour remains the same:

global PageReference mapRequestUrl(PageReference friendlyURL) {
    return new PageReference('/s/login/SelfRegister/');
}

Does anyone have an idea of what's happening here?

Thank you
Hi,

I made a custom login page using Lightning Web Components.
To do so, I embedded the parent LWC into a Lightning Component (Aura), which is just an empty shell - its purpose is just to appear in the Experience Builder as a Custom Component.

Now, according to a URL parameter (lang=fr for example) passed to the login page URL, I'd like to render custom labels in my LWC views.

Is it possible? If yes, how to do so?
I found nothing in the docs about this.

Thank you
Hi,

I created a TestLogin blank page in the Builder and published it.

Then I navigate to the Administration > Login & Registration section of my Digital Experience.

In the Login Page Setup area, I set the Login Page Type to Experience Builder Page.
When I click on the URL Lookup icon, my page does not show.
Basically, I'd like to assign it...

What is really weird is that in the Registration Page Configuration area, if I set the Registration Page Type to Experience Builder Page, when I click on the URL Lookup icon, my new page shows!

Does anybody have an idea of what's happening here?

Thanks
Hi,

Despite being a System Administrator, I can't access the Experience Builder in my Digital Experiences, which I think is very weird.

After reading this post (https://trailhead.salesforce.com/trailblazer-community/feed/0D54S00000A8ChSSAV), I created a Permission Set with the View All Data and Manage Flow permissions (the Manage Force.com Flow doesn't seem to exist anymore), and associated this Permission Set with my Admin user.

It didn't work.

Any idea?
Hi,

In the past, I've designed a custom Visualforce Page as the default login page of my Digital Experience.

To do so, I developed my VFP and associated it to a controller.
Then, in All Sites > my Digital Experience > Workspace > Administration > Login & Registration > Login Page Type, I chose the Visualforce Page option, then picked my VFP file.

Now, I'd like to use a LWC for my custom login page.

How can I achieve this?
The first issue I'm facing is that in the Login Page Type select box, I can't see any "LWC" option whatsoever.

Thank you
Hi,

Suppose that a single user gets an access token via an OAuth 2.0 flow and by connecting to the same Connected App.

When he executes the flow from multiple devices / browsers / incognito tabs, I notice that Salesforce Identity issues multiple access tokens.

So, is there a way in Apex to know all the active access tokens issued to a given user?

The idea behind is to revoke them one by one.

Thanks
Hi,

According to the login(username, password, startUrl) documentation, this method allows users to log in to the current site with the given username and password, then takes them to the startUrl.

More concretely, what runs under the hood when users log in to the current site?

Thank you
Hi,

I need to implement a "login on behalf" feature.

Let's say 2 user profiles exist: Customer and Customer Care.
A Customer Care user would authenticate as any Customer user, in order to perform actions on behalf of this Customer user.

What seems the most logical to me is that the Customer Care user initiates an OAuth 2.0 JWT Bearer Flow, by providing the Customer user's email in the JWT payload, which he certainly knows about.

According to you, which approach(es) would be suitable for this kind of use case?

Thank you