+ Start a Discussion
ToriSansomToriSansom 

Set up Social Sign-on in Community - Trailhead Challege

I am unable to move forward with the Module ''Set up Social Sign-on Unit'' (https://trailhead.salesforce.com/identity/identity_external/identity_external_social) in Trailhead as the challenge is to set up a Google Social Sign-on, however it seems that the Registration Handler provided is for Facebook rather than Google. Is someone able to provide some support /suggestions on this so I can move forward please? 

Registration Handler provided: https://github.com/salesforceidentity/IdentityTrail-Module3 and use Module3RegistrationHandler.cls

 

NagendraNagendra (Salesforce Developers) 
Hi Torisansom,

Check if you can log into the community using Google sign on the login page.

And also please consider this point in the same trailhead unit.


From Setup, enter All Communities in the Quick Find box, then select All Communities and click Manage next to the Customers community.
Select Administration, then Login & Registration and you see that Google is now an option.

Select Google and click Save.
To confirm your change, return to your private (incognito) browser and reload the login page. Check that the Google icon appears on the login page.

Hope this helps you!

Please accept my solution as Best Answer if my reply was helpful. It will make it available for other as the proper solution.

Best Regards,
Nagendra.P
ToriSansomToriSansom
Thank you so much for your reply but this didn't help me. There is an issue with the Apex code provided in the module 
DavidSCDavidSC
Please try this raw code:
https://raw.githubusercontent.com/salesforceidentity/IdentityTrail-Module3/master/Module3RegistrationHandler.cls

Issue was related to Github, we were downloading an HTML of the page itself :) #bigfailgithub
ak12345ak12345
Hi there, I'm getting this error - 

REGISTRATION_HANDLER_ERROR: List has no rows for assignment to SObject

Can't figure out what I'm doing wrong but whether I try to login through Google on the Customers or Partners portal, I get the same error. Anyone else come across this & find a solution?
Arnaud SourdillonArnaud Sourdillon
Hi,

same issue for me: ... does someone already finished this challenge in trailhead ?... if yes please help :-)
still having this error with google connexion :
We can’t log you in because of the following error.
REGISTRATION_HANDLER_ERROR: List has no rows for assignment to SObject
David SOBCZAKDavid SOBCZAK
There is a problem inside the class. In fact, one query is execute with a filter on profil.name but the problem is this name it's not the same for every user, in fact it can depend following your language. 

I propose a corrected class which works for a lot of language. Try to replace the class "Module3RegistrationHandler" by my following class :
 
/**
  Registration Handler for External Identity Trail
**/
global class Module3RegistrationHandler implements Auth.RegistrationHandler{
    
    private static final String ORG_SUFFIX = '.sso.badge.org';
    private static final String DEFAULT_ACCOUNTNAME = 'Partners';
    private static final String EXTERNAL_USER_PROFILE = 'Partners';
    private static final String INTERNAL_USER_PROFILE = 'Standard User';  
    private static final String TZSID = [SELECT timezonesidkey from User where profile.name Like '%Admin%' LIMIT 1].timezonesidkey;
    
/**
 * Let anyone register as long as the required fields are supplied
 * 
 * We require email, lastName, firstName
 * 
 * @data - the user's info from the Auth Provider
 **/ 
global boolean canCreateUser(Auth.UserData data) {
    System.debug('canCreateUser was called for ' + (data != null ? data.email : 'null'));
    Boolean retVal = (data != null 
            && data.email != null
            && data.lastName != null
            && data.firstName != null);
    
    System.debug('data.username='+data.username);
    System.debug('data.email='+data.email);
    System.debug('data.lastName='+data.lastName);
    System.debug('data.firstName='+data.firstName);
    
    return retVal;
}

/**
 * Create the User - A required method to implement the Handler Interface
 * 
 * @param portalId  - Id of the Community
 * @param data - Auth Provider user data describing the User to create
 * 
 * @return User that has been initialized
**/ 
global User createUser(Id portalId, Auth.UserData data){
    if(!canCreateUser(data)) {
        // Returning null signals the auth framework we can't create the user
        return null;
    }
    
    // Is this a Community Context?
    if(data.attributeMap.containsKey('sfdc_networkid')) {
        System.debug('Registering Community user: ' + data.email);
        Id contactId;

        // Checking to see if the email address is already used by another Contact
        // If so, use that contact and user
        List<Contact> existingContacts = [select id, email from Contact where email =: data.email];
        if (existingContacts.size() > 0){
            // Use the first Contact with matching email
            Contact existingContact = existingContacts[0];
            contactId = existingContact.Id;
            List<User> existingUsers = [select id from User where ContactId =: contactId];
            if (existingUsers.size() == 1){
                // Use this User instead of creating a new one
                // The Registration Handler system will assoicate the Auth Provider
                // with this user
                return existingUsers[0];
            }
        } else {
            // No matching Contacts found
            // So we create one
            // To keep things modular, we're creating the Contact in a separate method
            contactId = createContact(data);
            System.debug('Created contact: '+ contactId);            
        }
        

        // You'd likely use other logic to assign the Profile
        Profile p = [SELECT Id FROM profile WHERE name=:EXTERNAL_USER_PROFILE];
        System.debug('Found profile: '+ p);

        // Keeping it modular, we initialize the user in another method
        User u = createUser(data,p);
        
        u.contactId = contactId;
        return u;
    } else {
        //This is not a community, so we Assign an internal profile
        Profile p = [SELECT Id FROM profile WHERE name=:INTERNAL_USER_PROFILE];
        System.debug('Found profile: '+ p);
        
        // Keeping it modular, we initialize the user in another method
        User u = createUser(data,p);

        return u;
    }
}

/**
 * Update the user
 * @param portalId  - Id of the Community
 * @param data - Auth Provider user data describing the User to create
 **/     
global void updateUser(Id userId, Id portalId, Auth.UserData data){
    System.debug('Update User called for: ' + data.email);
    
    User u = new User(id=userId);
    u.email = data.email;
    u.lastName = data.lastName;
    u.firstName = data.firstName;
    update(u);
}
    /**
     * Create a Contact
     * 
     * @param data - Facebook provided context for the User
     **/
    private Id createContact(Auth.UserData data){
        Contact contact = new Contact();
        contact.LastName = data.lastName;
        contact.FirstName = data.firstName;
        contact.Email = data.email;
        
        // set Account Id
        if (data.attributemap.get('accountId') != null){
            contact.accountId = data.attributemap.get('accountId');
        } else {
            List<Account> accounts = [select Id from Account where Name =:DEFAULT_ACCOUNTNAME];
            System.debug('Found account: ' + accounts);
            
            contact.accountId = accounts[0].Id;            
        }
        insert contact;

        System.debug('Contact created for ' + data.email + ' id=' + contact.id);

        return contact.id; 
    }

    
    /**
     * Create and initialize the User but don't save it yet
     * 
     * @param data - the provided User context from FaceBook
     * @param p - the Profile we are going to assign to this user
     * 
     * @return User that has been initialized but not Saved
     **/ 
    private User createUser(Auth.UserData data, Profile p) {
        User u = new User();
        u.username = data.email + ORG_SUFFIX;
        u.email = data.email;
        u.lastName = data.lastName;
        u.firstName = data.firstName;
        String alias = data.firstName + data.lastName;
        
        //Alias must be 8 characters or less
        if(alias.length() > 8) {
            alias = alias.substring(0, 8);
        }
        u.alias = alias;
        u.languagelocalekey = UserInfo.getLanguage();
        u.localesidkey = UserInfo.getLocale();
        u.emailEncodingKey = 'UTF-8';
        u.timeZoneSidKey = TZSID;
        u.profileId = p.Id;
        return u;
    }        
}

 
Arnaud SourdillonArnaud Sourdillon
Hello David.
First Thanks for your answer.

Unfortunately I'm still having an issue... but not the same now :-)
it's strange it says :
ERROR_CREATING_USER: portal account owner must have a role

for information, all other modules in this trails have been done correcly avant self register ... I don't understand this error

if you have another tips => Thx by advance... and sorry for my English

User-added image

 
David SOBCZAKDavid SOBCZAK

Hello,

No problem for your english, I'm French too without a good english level ;)

Firstly, I think it's important to close this question and don't mix many questions in one thread. 

Secondly, if I understand correctly your new error message, I think the owner of the customer account "Portal" have no role. So check inside the profil of this account owner if it has role. If no add a role and try again.

David SOBCZAKDavid SOBCZAK
In fact when I say "Portal" account, I am not sure concerning the name of your account. You need to check inside your portal config which account we have selected, and check for this account the owner. If you have follow correctly the trailhead normally the account name is "Portal"
Arnaud SourdillonArnaud Sourdillon
Thanks David... All is done correctly for me from now after using your advise !
J MendoncaJ Mendonca
Hi, I am still having problems with this challenge, I have done everything as instructed even copied the code above and have a role assinged to the account owner which is me. I still get an error message saying "Portal account owner must have a role". I have gone back and tried again on different trailhead playgrounds and still get the same message.
 
Jessica ColaianniJessica Colaianni
Hi, I have problem too.
I have this message: We can’t log you in because of the following error.
NO_ACCESS: Unable to find a user.

Can someone help me?

Thank you

Jessica
Promethee CharissisPromethee Charissis
Same error here : NO_ACCESS: Unable to find a user.
This module should get completely reworked by Salesforce.
This is a mess and broken for now.
Valerio VerdeValerio Verde
I hit the REGISTRATION_HANDLER_ERROR: List has no rows for assignment to SObject problem and debugged the Apex code to see where is the problem.

It seems that the problem is in this line: 
private static final String TZSID = [SELECT timezonesidkey from User where profile.name ='System Administrator' LIMIT 1].timezonesidkey;
Executing the SOQL, it returns 0 records.

Change the line with 
private static final String TZSID = [SELECT timezonesidkey from User where profile.name ='Partners' LIMIT 1].timezonesidkey;
solved the problem for me.

Hope it helps.

Happy Trailheading :)
Joshua Lawrence 2Joshua Lawrence 2
Hey everyone.  My issue was I was trying to sign into the customers portal rather than the partners portal. 

1. Make sure you enable facebook and google login for the partner community
2. login to https://yourcompanylogogoeshere.naXX.force.com/partners/login/
3. success!
alejo Luisalejo Luis
For the ERROR : NO_ACCESS: Unable to find a user.   The issue for me was that when I tried to do this with the incognito tab there's no google association to any profile.  So what I did was to try from the regular browser where I had my googgle account and it was able to recognize several. I choose the one I wanted and it was able to log me in.   Hope this wors for you guys!
Bogdan Protsenko 23Bogdan Protsenko 23
Hi guys!

My Facebook login works just fine. However, my Google login always result in the following error:

We can’t log you in because of the following error.
Invalid_Login: Login as
guest user is not allowed

https://www.screencast.com/t/MbjAWGNbCFWm

I followed all recommendations in the topic, allowed all possible guest access and debugged Module3RegistrationHandler (it has no errors). No clues on what to do next. Please help.
Bogdan Protsenko 23Bogdan Protsenko 23
Ok, the issue was related to my Google account. Unfortunately, I was not able to establish what is wrong with my Google acc, but just try to use another Google acc if you experience the same. Would be great if someone is able to explain what can be wrong with the Google acc. Thanks.
Satoru Wada 4Satoru Wada 4
This issue is cleared.
Thank you Valerio Verde.
 
KRISHNA REDDY PEDDANAGAMMOLKRISHNA REDDY PEDDANAGAMMOL
Issue is solved now. Thank you 
David SOBCZAK.
Anup KossambeAnup Kossambe
For everyone who is getting this error : We can’t log you in because of the following error. Invalid_Login: Login asguest user is not allowed
This issue is caused if your admin login email id is the same as the gmail id you are trying to sign on with.

For example, if your admin email address is xyz@gmail.com , and you are trying to sign on in the community using xyz@gmail.com, it gives this error.
Create a new gmail id abc@gmail.com and try to log in. It will complete the challenge.
Dionne PettyDionne Petty

Bogdan Protsenko 23
 

Your solution worked for me! Thank you!

Andrew Crane 1Andrew Crane 1
Hi All,

uhhh....I am very new to this and hoping someone can please help! Sadly, I am not a developer and am struggling to even move past the first part of this Social Sign On unit, where we are to setup Facebook as an Auth provider under the "customers" community.

I did all the steps carefully in the project up until now, (including all prior units, I believe). I have double and triple checked my work but for some reason cannot get past the final hurdle of being able to use Facebook to login to the community. When I try to login via the TestOnly URL, the window repeatedly returns this following (highly ambiguous) error message (so far I have not been able to Google my way out of this, either): 

Problem Logging In: We can’t log you in because of an authentication error. (That's the whole message. It says absolutely nothing else)  I'm not sure if there is a problem with the Apex code (which I copied and pasted the Github link in the Trailhead, like everyone else), an issue with my Facebook account, or some other configuration misstep I made while setting up the Facebook access provider, changing the registration handler, or in implementing the "customers" community itself, or some other incredibly simple part of the process I am going to look back and kick myself for later. 

Another thing is I noticed my XML code returned at the end of the first, "Creating and Authentication Provider" section, where I pasted my Test Only URL into the Browser:       
Test-Only Initialization URL        https://login.salesforce.com/services/auth/test/00D1U000000zQBbUAM/Facebook
looked dubiously inconsistent with what I saw in Trailhead's demo XML (by that I mean the names are obviously differrent b/c it's me, but the XML I got returned to me when using the TEST ONLY URL, like it says to to in the Trailhead, as oppsoed to any of the other URLs available under Auth. Providers did not include the "link" to the Facebook site, or a "locale." Instead of: 

<?xml version="1.0" encoding encoding="UTF-8"?>
<user><full_name>Andrew Crane</full_name><provider>Facebook</provider>
<org_id>15-character org ID</org_id>
<link>https://www.facebook.com/app_scoped_user_id/my 16 digit numerical id/</link>
<last_name>Actual Last Name</last_name>

<id>16-digit numerical ID</id>
<portal_id>000000000000000</portal_id>
<locale>en_US/</locale>
<first_name>Andrew</first_name>

<email>myemailaddress@gmail.com</email></user> 

The XML that came back was: 
nothing up top, then just:
<user><full_name>Andrew Crane</full_name><provider>Facebook</provider>
<org_id>15-character org ID</org_id>
<last_name>Actual Last Name</last_name>

<id>16-digit numerical ID</id>
<portal_id>000000000000000</portal_id>
<first_name>Andrew</first_name>

<email>myemailaddress@gmail.com</email></user> 

Maybe that's a clue...?? 
 
I have also tried every configuration of regular/incognito window I can, as well as copying and pasting the (Apex?) code suggested above to modify my Apex Class and that doesn't work either- although I kind of expected that- since that code was I think relevant to the Google for Partners issue, not the Facebook for customers issue. 

Please help a poor guy out: has anyone else encountered this issue, or would someone be kind enough to suggest a fix? Maybe this is an inneficient way to go about this, but I feel I should not move on to the actual challenge at the end without first completing the basics, so this is starting to get really frustrating. Again, I really apologize in advance, but being so new to all of this and spectacularly unfamiliar with Apex, any technical answers relying on a wealth of prior knowledge of the language, or coding more generally will most likely fall on eyes currently too blind to comprehend it but any help at this point would be greatly appreciated! Thanks!
Andrew Porter 26Andrew Porter 26
Had the same issue as above, I've run through several solutions people have provided. 
Still trying to find a solution to "Problem Logging In: We can’t log you in because of an authentication error."
alsialsi
To complete this challenge, you should update the handler provided : https://github.com/salesforceidentity/IdentityTrail-Module3/blob/master/Module3RegistrationHandler.cls.
It seems that the token sent by google has changed, so you have to adapt the apex code to get the lastname.
In the handler code, you have to replace "data.lastname" by "data.fullName".