Skip to Content Skip to Menu

CONNECT issue with fb when using pre-fill method

  • Miggybe
  • Miggybe
  • OFFLINE
  • Posts: 2
  • Thanks: 0
  • Karma: 0
6 years 6 months ago #304467 by Miggybe
CONNECT issue with fb when using pre-fill method was created by Miggybe
Good evening,

I had the system installed with single sign-on and this worked fine.

Now in the view of GDPR, i wanted the terms and conditions to be approved during registration with facebook, so the only way (as I found in this forum) is to use the pre-filled system.

Now I have several problems
  • The pre-filled registration shows the facebook ID-field as a field to "unlink my fb profile" (see screenshot 1) - irrelevant and confusing, as this is a new registration (with facebook)
    The Facebook ID is not stored into the appropriate CB field (and I have mapped it manually - see screenshot 2 & 3)
    The system sends out a double opt-in mail to users registering via pre-filled facebook although the parameters are set to override the normal CB flow
  • The account never can log in with facebook login (I guess this is because the ID is missing)
  • The system loops between every attempt to login to the pre-filled registration page to complete the registration

Now If I put the CONNECT system to Single sign-on, everything works fine. The facebook ID gets filled into the corresponding field and the login works. But this is not GDPR compliant, as the user has not accepted terms and conditions.

There are no special extra plugins in my environment, only CB Privacy and CB AntiSpam

Using CB 2.1.3 / CB CONNECT 7.1.0

Thanks for you support!

Miguel
Attachments:

Please Log in or Create an account to join the conversation.

  • krileon
  • krileon
  • ONLINE
  • Posts: 48536
  • Thanks: 8290
  • Karma: 1445
6 years 6 months ago #304484 by krileon
Replied by krileon on topic CONNECT issue with fb when using pre-fill method

But this is not GDPR compliant, as the user has not accepted terms and conditions.

They're explicitly authorizing the application to do this. At Facebook within your App under Settings > Basic supply your privacy policy and terms and condition URLs and that's all you have to do.

The pre-filled registration shows the facebook ID-field as a field to "unlink my fb profile" (see screenshot 1) - irrelevant and confusing, as this is a new registration (with facebook)

Looks like a bug with one of the IF checks. It should just state what provider account is about to be linked. Checkbox usage is meant for profile edit. Fixing for next build.

The Facebook ID is not stored into the appropriate CB field (and I have mapped it manually - see screenshot 2 & 3)

It's possible this is due to the above bug, which have fixed and tested to be working fine. Mapping the id fields also doesn't do anything as it won't map those.

The system sends out a double opt-in mail to users registering via pre-filled facebook although the parameters are set to override the normal CB flow

You can't override Confirmation or Approval when using Pre-filled mode.

But this is not GDPR compliant, as the user has not accepted terms and conditions.

It actually is. GDPR is about giving clear consent. Ensure your Facebook application is setup to make that clear. It provides inputs to link to your privacy policy and terms and conditions URLs. Be sure to clearly state what your Facebook application collects and what for. GDPR is not a design limitation. It is all about being clear what you're doing with a users data and collecting consent.

Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in or Create an account to join the conversation.

  • Miggybe
  • Miggybe
  • OFFLINE
  • Posts: 2
  • Thanks: 0
  • Karma: 0
6 years 6 months ago #304510 by Miggybe
Replied by Miggybe on topic CONNECT issue with fb when using pre-fill method
Hi Krileon,

Thanks for your quick reply.Thanks also for the fix.

The T&C links were all in place on Facebook, but there the checkbox to accept my site's T&C is nowhere shown, so my lawyer tells me it is only implicidly accepted, which is against GDPR. There should be an extra checkbox. But that is on the facebook side. Nothing you can do about it.

On top of that the T&C field in CB is not 'checked' as 'accepted' after registration with facebook, so according to my local system the user has not accepted the T&C. I'll try to fix that on the registration page with some legal blah blah. But maybe not a bad idea to foresee some solution for this on the CB side in the long run.

Have a great evening!

Miguel

Please Log in or Create an account to join the conversation.

  • krileon
  • krileon
  • ONLINE
  • Posts: 48536
  • Thanks: 8290
  • Karma: 1445
6 years 6 months ago #304513 by krileon
Replied by krileon on topic CONNECT issue with fb when using pre-fill method
Have added a feature ticket to check if there's any terms and condition fields that have not been accepted after single sign on and if there are to show them before finalizing the synchronization. Basically same as how the email address field works when a provider doesn't give email address. If they don't accept then nothing will synchronize and register. This should workaround providers lacking support for GDPR in their application authorization pages.

forge.joomlapolis.com/issues/7152

Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
The following user(s) said Thank You: Miggybe

Please Log in or Create an account to join the conversation.

Moderators: beatnantkrileon
Powered by Kunena Forum