Questions tagged [oauth-2.0]

1

votes
1

answer
809

Views

ClassNotFoundException: SimpleGrantedAuthority - Grails 2.4.2 and Spring Security

Please help me, I'll explain my problem in detail. I had a working project using Grails 2.3.5 and the following plugins: Spring security core 2.0-RC Spring security oauth2 provider 1.0.5.2 Then I upgraded to Grails 2.4.2 and now I'm getting the following exception when I try to sign in: 19:29:24,885...
Adolfo
1

votes
1

answer
915

Views

Login with Amazon using DotNetOpenAuth returns (400) Bad Request

I'm using DotNetOpenAuth on a .NET 3.5 solution to provide social login for our customers. I implemented successfully Facebook, Google and Twitter but I'm stuck at Amazon. I'm using same code for OAuth 2.0 providers but when Amazon loads login screen, I put user and password and when I click login m...
georger
1

votes
2

answer
4.8k

Views

Office 365 / EWS Authentication using OAuth: The audience claim value is invalid

I'm still struggling with this. Please see my previous question for details. I am doing an application (currently command line) which should access Office 365/Exchange through EWS Managed API. The goal is to authenticate through OAuth2. I have registered an application in Azure AD. I have used the C...
MichelZ
1

votes
1

answer
277

Views

OWIN OAuth invalid grant error in Windows Service vs. Console App

I have a Web API using OWIN for OAuth, running in Katana/TopShelf. When I install the Web API as a Windows Service, everything responds correctly, except a POST via resource owner flow (grant_type=password, username=x, password=y) returns 400 Bad Request (invalid_grant). The exact same Web API, run...
Daniel Crenna
1

votes
1

answer
593

Views

Spring REST API Security, When to use OAuth and When to use Spring Security?

I'm developing Spring REST application for Android & iOS Clients. And there is a web client as well. I can use spring security to implement web client. But for android and ios app should I still use spring security? or is it better to implement OAuth? Since I'm not allowing my APIs to access 3rd par...
1

votes
1

answer
1.8k

Views

How credential and google cloud storage work?

I am just starting to develop GAE web application. I am trying to get a list of bucket of google cloud storage. I found some code from web site. there are 3 ways on the web what I found. using Google storage API https://code.google.com/p/google-api-java-client/source/browse/storage-serviceaccount-a...
Kumiko K
1

votes
2

answer
811

Views

Invalid_grant error with google cloud storage service account

I am trying to get OAuth2 token so that I can use it in GET BUCKET method in Authorization Header. I am passing grant_type and assertion as mentioned in following link to get token: https://developers.google.com/accounts/docs/OAuth2ServiceAccount#libraries What causes the invalid_grant in response ?...
Hiral
1

votes
3

answer
1.7k

Views

com.google.android.gms.auth shared library not found

I am using Google Play services for authentication in my android app. The project was running perfectly fine until an update in Google play services. After I did the updates, the project is not running. I am getting the following error in the console, [2013-04-29 13:05:08 - Opine] Android Launch! [...
Aaswad Satpute
1

votes
1

answer
834

Views

How to use applicaiton-only oauth in twitter?

Can anyone show me how to use the application-only oauth in twitter? I have to implement it in my app but i cant find ANY tutorials on net for the new api 1.1. An example would be much better...
Saad
1

votes
1

answer
1.6k

Views

Spring Security Oauth2 - InsufficientAuthenticationException: Authentication is required to obtain an access token (anonymous not allowed)

I am trying to understand why anonymous users in the client can't get an access token. I found this post on the Spring Blog regarding this topic, where Dave Syer answers this: Remember this is an issue to do with the client app, not the auth server, so try and see it from the point of view of the cl...
codependent
1

votes
1

answer
2.6k

Views

Visual Basic OAuth2.0 Flow for connecting MS Access to Google Analytics API

I'm building a reporting dashboard in Microsoft Access, and one of the components of this dashboard requires pulling data from Google Analytics. I can get an Authentication Code easy enough from the Google API, but I'm running into issues exchanging the Auth Code for an Access Token and Refresh Toke...
user2554424
1

votes
1

answer
998

Views

Microsoft OWIN Security oAuth Single Sign On ADFS

There are to things that I want to understand Does Microsoft OWIN Security oAuth is completely built in on the oAuth 2.0 RFC. I need a complete sample code that have client to Single Sing on ADFS using OWIN oAuth. What will the architecture for this Single Sing on Many Thanks IK
user2724058
1

votes
1

answer
234

Views

Sharepoint/Skydrive Pro API cannot add a folder to user's skydrive pro account

I am following this msdn article almost exactly but I cannot upload a file using csom: http://msdn.microsoft.com/en-us/library/jj687470.aspx I am using the following permissions: 'Web.Manage' Here is where my code is failing private void InitializeClientContext(ClientContext context) { context.Load(...
Joe Cartano
1

votes
2

answer
3.7k

Views

Google user info gives only id by access token from android google plus

I use Google Plus sdk to login. If is succces, i request the user's access token String scope = 'oauth2:' + Scopes.PLUS_LOGIN + ' ' + Scopes.PLUS_PROFILE; String token = GoogleAuthUtil.getToken(context, mPlusClient.getAccountName(), scope); It works and i get the token, but the when i try it (i wil...
Robertoq
1

votes
1

answer
592

Views

Shopify API App Proxy with Rails verify Users

I am trying to configure an app proxy so users can submit a product for a Shopify store. I have seen multiple ways to so a signature and handle it so yet I am unable to get it working so the ShopifyAPI will work. The action is below, I noticed that:shopify_session filter only works for admin, not...
barnett
1

votes
4

answer
1.6k

Views

Setting up Client Credentials OAuth2 with ember-cli and ember-simple-auth

I have been trying to setup OAuth2 client credentials flow with ember-cli and Rails API back-end and have hit a dead-end. Maybe because I'm new to ember. What I'm trying to do currently is this: bower.json { 'ember-simple-auth': '*' } Brocfile.js app.import('vendor/ember-simple-auth/simple-auth.amd....
strider24
1

votes
1

answer
114

Views

Storing and accessing private data

My goal is to offer a service for user of my website to store their private notes. I want that users can trust the service, therefore the data should not be accessible for my company. Can i realize this with google-cloud-storage and oauth-2.0 authentication? I would use the Google Cloud Storage JSON...
tak3shi
1

votes
1

answer
210

Views

Under the new Google Apps Marketplace OAuth 2 API Console, where are the IMAP and SMTP API?

With the old manifest system, I used MailAPI as a scope. It seems to have disappeared from the API list of the cloud console.
Philippe Laval
1

votes
1

answer
1.3k

Views

Failed to authorize tokeninfo oauth2 request using decorator.http()

To access TokenInfo I use the Google APIs Client Library for Python (oauth2client app engine). I have received an oauth2 access token and this code works fine: @decorator.oauth_aware def get(self): .... .... if decorator.has_credentials() : body = urllib.urlencode({'access_token': decorator....
voscausa
1

votes
2

answer
3.7k

Views

Access tokens using 2 legged Oauth 2.0 and Apache OauthClient

I'm trying get 2 legged Oauth 2 working. I'm trying to mimic this CURL call to get an access token: curl -u CLIENT_ID:CLIENT_SECRET https://mydomain.com/token -d 'grant_type=client_credentials' I'm trying to do the same thing in Java using Apache Oltu: org.apache.oltu.oauth2 org.apache.oltu.oauth2.c...
Benj F
1

votes
1

answer
3.4k

Views

oauth2 in asp.net web forms

I am working on implementing token based security for the asp.net web form website and webapi. The website should work with session token with claims based identity. The website should do ajax request to the web api. This is what I have implemented so far: Use thinktecture v2 STS as token provider...
user1213831
1

votes
1

answer
156

Views

Getting response by opening a browser in ruby?

I am using ruby -v 2.1.5 . I am trying to use the onedrive API to authorize my user(oAuth2) in my web app. I am following the steps specified in https://github.com/ronyv89/skydrive/blob/master/README.md I got the auth_url by using the following steps, require 'rubygems' require 'skydrive' class Liv...
1

votes
1

answer
720

Views

How to gain Reddit API access token?

I have been using this as a resource: https://github.com/reddit/reddit/wiki/OAuth2-Quick-Start-Example I am referencing the Curl Example to acquire a token. Here is exactly what I am running in terminal: curl -X POST -d '[email protected]=myrealpassword' --user 'jRje7B...
Aljosha Novakovic
1

votes
2

answer
648

Views

OneDrive OAuth 2.0 and Postman Sanity Check

I am trying to generate a OAuth Token for OneDrive by using Postman. I just wanted to ask for clarification as to what the Auth URL, Access Token URL and scope would be? I have tried it with: Auth URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize Access Token URL: https://login.mi...
jdave
1

votes
1

answer
447

Views

What is the use of consumer token services in spring boot oauth2?

I used JDBC token store in authorization server. But I don't know about the consumer token services. Can anyone explain it? How to revoke the access token using consumer token services? Authorization Config @Configuration @EnableAuthorizationServer public class OAuthServerConfig extends Authorizati...
Vicky
1

votes
1

answer
90

Views

Is it discouraged to store oauth2.0 authorization code in a cookie?

Is it discouraged to store oauth2.0 authorization code (not talking about access token) in a cookie? why? why not? The reason being the client it is intended for lives behind several proxies and may go through few redirects before it reaches the client. The thought was to put the code in an encrypte...
user366735
1

votes
2

answer
324

Views

What is in the sub and oid claims when getting client_credentials tokens from the Azure AD OAuth v2 token endpoint?

I can get these tokens after setting up keys/secrets, but I don't know if or how I can rely on the sub claim in my app. For more background, my app is actually a B2C registered app and I'm going to the v2 endpoint in the B2C tenant, but with no policy specified in order to use the client credentials...
jes
1

votes
1

answer
152

Views

Which OAuth 2.0 Authentication Flow does the MVC5 use?

I was going through this Example. Does this example(for facebook) use Explicit Authentication flow or Implicit Authentication flow?
JOW
1

votes
1

answer
0

Views

IdentityServer 3 returns invalid_client

I am using IdentityServer3 with EF. I have API project and i want to authenticate its access using access token. So based on sample i have configured client ( for API project) in identity server as below Client Properties Client Secret (Note whatever the text i put as secret value, the admin UI auto...
LP13
1

votes
1

answer
629

Views

Can Swagger Code Gen SDKs handle OAuth token refresh?

Can SDKs created by Swagger Code Gen (https://github.com/swagger-api/swagger-codegen) manage OAuth token refresh by storing and using a refresh token to automatically refresh an expired access token?
Grokify
1

votes
1

answer
66

Views

OAUTH2 flow for authentication across clients

I seem to be royally confused, somehow OAUTH2 or it's newer more stringent subset OpenID Connect just don't click in my head... My application is a RESTFUL service that has no Web UI whatsoever. Several clients are using it ( from both web and mobile apps ) My service should store per user data. Now...
Gluber
1

votes
1

answer
4.6k

Views

Unable to authenticate to an oauth2 server with spring oauth

I'm trying to run samples written by Dave Syer (https://github.com/spring-cloud-samples/authserver and https://github.com/spring-cloud-samples/sso) without using the JWT converter (and the signature process with the certificate). The sample works fine when i run it as it is, with certificate and ke...
IKane
1

votes
1

answer
1.4k

Views

How to solve UnsupportedMediatType when using RestSharp and OAuth2

Just a few minutes ago I managed to make my code work with RestSharp and OAuth2, retrieving an access token. I now want to use that token on every call that I make to my REST API. Unfortunately I keep getting an UnsupportedMediaType StatusCode although the response status is completed. Here is my c...
Dimitris
1

votes
1

answer
276

Views

Oauth Revoke access token only

I'm using OAuth 2.0 to log in users in my website. Just like any kind of website, e.g. Google, Asana, etc. . What I would like to know is if there is a way to revoke ONLY the access token and not the refresh token when the user logs out. This is what I do: when a user logs in, I create a session an...
george
1

votes
1

answer
2.7k

Views

OAuth2 authorization from Java/Scala using google gdata client API

How would you perform the same flow as the Google .Net sample at subsection 'Performing OAuth 2.0', using an equivalent Java api? That .Net sample I am trying to mimic using Java api seems fit for sending an api request to create an authorization url, then assumes I would use that url in a browser t...
matanster
1

votes
2

answer
214

Views

restify-oauth2 how to use tokenExpirationTime

I am using the restify-oauth2 repo from here: https://github.com/domenic/restify-oauth2 In the readme it mentions tokenExpirationTime but never tells how to use it. Here is all it says about it: tokenExpirationTime: the value returned for the expires_in component of the response from the token endpo...
gmaniac
1

votes
1

answer
1.1k

Views

APIGEE external OAuth 2.0 Authorization

I tried to set up an API proxy and do OAuth 2.0 autentification with a Google API token. I got a Javascript for validating a google token and swiched to true, setting the flowvariable oauth.externel.authorization.status=true if the token ist valid. The result is always 'errorcode':'oauth.v2.Invalid...
BTK
1

votes
2

answer
134

Views

How do I authenticate through a generic OAuth2 provider in Rails 4?

We have an in-house Single Sign On server, built on IdentityServer2 and we use it to authenticate many different web products. Some of these products are in .NET, some in ColdFusion and we are adding another in Ruby on Rails. I am having a great deal of difficulty, though, in finding information on...
Carl
1

votes
1

answer
0

Views

Passport facebook token Oauth2 throwing Internal Server Errors when the token is good but works fine when token is wrong

What am I missing here? I've been through all the threads here and googled it for a while: Whitelisted my machine's IP under the apps advanced settings. Double-checked the token and when it's expired I can see that error on the console. Double checked client + secret + origins in the app Tried thing...
SebastianG
1

votes
3

answer
891

Views

How to revoke the access and refresh token in Oauth2.0?

I've used this method for revoke the token. But the access token and refresh token again reusable. How to revoke the access and refresh token? public async Task Revoke(string refreshToken,stringaccessToken){ var identityService = await DiscoveryClient.GetAsync('http://localhost:5000'); var revocat...
Sathiya moorthi