Questions tagged [oauth-2.0]

8

votes
2

answer
15.6k

Views

Google API - request for token from Oauth2 returns “invalid_request”

I am trying to make an app using Google's calendar API. I'm following the directions here. I can make the request to get the authorization code, but I can not seem to form a valid request to get an access token. I keep getting the response {'error' : 'invalid_request'}. This is the POST request...
stymo
8

votes
2

answer
7.3k

Views

how to generate OAuth client identifier and client secret?

I'm implementing an OAuth2 provider, and I would like to have an area somewhere in my web site where developers log on and register third party apps. But I'm having doubts on how to generate the apps's client identifier and client secret. Should they be unique random codes, or do they have to have s...
Daniel
8

votes
1

answer
1.9k

Views

Github oauth multiple authorization callback URL

I want to work in my localhost and my live domain, there is any way to insert more then one callback to github oauth settings? How we solve this problem? Redirect URLs
Bazinga
8

votes
2

answer
16.3k

Views

Spring Boot Rest service with oAuth2 Security credentials from database

Could anyone please help me with an example of a Spring Boot application that contains a Rest Service with endpoints protected by Spring Security using oAuth2 with user credentials from a MySQL database?
Hardy Le Roux
8

votes
3

answer
3.6k

Views

How do I get refresh token using GIDSignIn and GTMOAuth2Authentication in iOS?

I am writing an iOS app that uses Google's GIDSignIn [1] to sign in users and GTLServiceYoutube to execute queries against Youtube (uploading videos and retrieving Youtube video lists). This works fine when the user first logs in but after approximately one hour, the access token expires and the us...
hjortgaard
8

votes
2

answer
2.1k

Views

OAuth: Starting a Google Compute Instance from within Google App Engine

I have a Google App Engine web app that runs the majority of my site. However, for certain functions, I need a linux machine. I would like my Google App Engine app to automatically spin-up a Google Compute Instance on certain events. I understand that you can add Google Compute instances using the...
speedplane
8

votes
4

answer
2.5k

Views

Android: Verify device google account name on server

I'm developing an android app which uses google account available on device to authenticate user to server-side component. I send google account name (gmail address) to server but to be able to verify it with google on server, I request an oauth token on android device and send it to server as well....
Ali Shakiba
8

votes
5

answer
7.2k

Views

Keep getting Error: redirect_uri_mismatch using youtube api v3

Hi I hope someone can help me out here. I have a Web Application (asp.net) on my local machine, I am trying to upload video to YouTube using this sample https://developers.google.com/youtube/v3/code_samples/dotnet#upload_a_video I have set up client id and secret for Web application in Google consol...
IronHide
8

votes
1

answer
3.6k

Views

Login to Single Page Application with Google authentication and Google Oauth 2.0

We are developing an SPA - full client base javascript application and need to authenticate our users to get access to the internals. As I found from the search we can outsource our authentication mechanism and use Google accounts for that. I learned from this site https://developers.google.com/acc...
Akim Khalilov
8

votes
1

answer
927

Views

Migrating from Google OpenID 2.0 to OpenID Connect with different redirect_uri and openid.realm parameters

I am migrating from Google OpenID 2.0 to OpenID Connect. I am currently using Microsofts ACS which uses Googles depreciated OpenID 2.0 for authentication. This means my realm was automatically set to 'https://mywebsite.accesscontrol.windows.net:443/v2/openid'. ACS has no plans to upgrade so I have b...
brocknz
8

votes
2

answer
5.1k

Views

How do I persist a session using OAuth 2.0 after authorization through a third party service? [closed]

I'm implementing an OAuth 2 based authorization model for an application I'm developing. I'm offering end-users the ability to login with Facebook or by setting up an email/password account with my API. The email/password authentication is straightforward using a password grant. I'm looking for help...
Ben Harold
8

votes
2

answer
1.2k

Views

Decide when to refresh OAUTH2 token with Python Social Auth

I believe this is mostly a question about best practices. I have an OAUTH2 provider that issues access tokens (valid for 10 hours) as long as refresh tokens. I found here that it is pretty easy to refresh the access token but I cannot understand how to decide when it is time to refresh. The easy ans...
8

votes
1

answer
329

Views

Installed Python App And Google Client ID

I'm a python beginner, and I want to make a basic google tasks client. It'll be a native app. The point I cant get is how to keep the 'client secret' actually secret, as it's to be included in the program code. I've searched and found a post, quoting a google forums post, and basically suggesting to...
8

votes
1

answer
4.6k

Views

Verify Access Token - Asp.Net Identity

I'm using ASP.Net Identity to implement external logins. After user logins in with Google I get google's external access token. I then make a second api call to ObtainLocalAccessToken() which trades the external access token for a new local one. ObtainLocalAccessToken() calls VerifyExternalAccessTok...
parliament
8

votes
2

answer
4.6k

Views

Getting all groups an user is a member of through oauth (google)

I'm building a web-application that lets users login with a google-apps account. I need some userinfo, nr of new e-mails, calendar access and all the groups (in my domain) the user is a member of. The trouble is that i can't find the right scope (and endpoint) to get the groups a user is member of....
Henk-Jan
8

votes
0

answer
3.3k

Views

Apache Oltu tutorials/tips [closed]

I have a task to integrate the OAuth 2.0 protocol on an API by using Apache Oltu. Since I can't understand the examples on the website http://oltu.apache.org/index.html , has someone experience with this and could he give me tips/tutorials how could I implement it? Thanks!
Ivaylo Toskov
8

votes
2

answer
663

Views

Accessing Yelp API in PHP

I'm getting started with Yelp API v3 (Fusion). I have created an app, got Client ID and Client Secret. I understand that I need to get a token from Yelp API and then using business ID retrieve json data. I've found the following PHP code: $postData = 'grant_type=client_credentials&'. 'client_id=YOU...
santa
8

votes
1

answer
319

Views

Refreshed OAuth2 token has invalid signature (Azure AD OAuth2)

I'm trying to create an authentication flow where the user's access token is kept in a server-side session along with the refresh token, and when the token expires it is renewed if the session is still valid. However, the token I get back from Azure AD after refresh has an invalid signature, when ve...
Tomas Aschan
8

votes
1

answer
3.8k

Views

How do you write an OAuth2 server in Perl?

I'm trying to wrap my head around OAuth2 and Perl (i.e. Net::OAuth2) – specifically, setting up a RESTful API for a database, and an application that uses it. Perl Oauth2 package led me to Net::OAuth2. As near as I can figure, there are a couple of things I need to do (please correct me if I'm o...
bibliophylum
8

votes
1

answer
1k

Views

ASP.NET 5 Web API supporting social logins, individual accounts, account management, authorisation screens and ASP.NET Identity. Does it exist?

Essentially, this is an update to this question from nearly two years ago answered very helpfully by @Pinpoint of AspNet.Security.OpenIdConnect.Server fame. I'll just put the rant at the bottom for all who care to indulge themselves in the 4am blasphemes of a frustrated developer. I am starting some...
joshcomley
8

votes
2

answer
179

Views

LinkedIn OAuth returns unclear error

In response to an oauth request, LinkedIn redirects user back to my server with the following parameters: GET /auth/linkedin/callback?error=server_error&error_description=f228ff35d9f7f99ee891ff1e9b056a7a2e4b8429b84de8d7&state=the+authorization+server+encountered+an+unexpected+condition Moreover, acc...
Tal
8

votes
2

answer
8k

Views

Refresh Token for Google Api Php Client

I am using the Google API Client to access Google Analytics. I want to access the data in offline mode, so I need a refresh token. How do I get a refresh_token?
Sanganabasu
8

votes
2

answer
11k

Views

Google login get access token with new GoogleSignInOptions

My android app currently uses the GoogleAuthUtil to signin users and fetch an access_token which is passed to the backend (code snippets below which show creating the GoogleApiClient and using GoogleAuthUtil to get the token). mGoogleApiClient = new GoogleApiClient.Builder(this) .addConnectionCallba...
Bootstrapper
8

votes
3

answer
3.4k

Views

GoogleOAuth2AuthenticationOptions setting access_type as offline

I'm trying to obtain Refresh token for Google Account using Microsoft.Owin.Security.Google in MVC5 project. To obtain RefreshToken in resposne from google server, I need to set access_type = offline. But I can't find any suitable property in GoogleOAuth2AuthenticationOptions object for that. Code us...
eCorke
8

votes
3

answer
12.4k

Views

How to add claims to access token get from IdentityServer3 using resource owner flow with javascript client

I use the resource owner flow with IdentityServer3 and send get token request to identity server token endpoint with username and password in javascript as below: function getToken() { var uid = document.getElementById('username').value; var pwd = document.getElementById('password').value; var xhr =...
Yang Zhang
8

votes
1

answer
4.8k

Views

Automatically login local user after registration with IdentityServer3

Using IdentityServer3 I need to automatically login and redirect a local user back to the client application after the user has completed a registration process. Is there an elegant way to do this? From my digging I suspect not, in which case is there a hack I can use to achieve this? I was able to...
Gavin
8

votes
2

answer
10.5k

Views

Does the `refresh token` expire and if so when?

I have read the PODIO documentation. I have in particular contemplated the following statement concerning use of the refresh_token: This request returns the same data as above, and you can continue to do this over and over again, to keep your application authenticated without having to ask the user...
rabbitco
8

votes
2

answer
3.4k

Views

Override AccessTokenExpireTimeSpan

Is possible to override the default AccessTokenExpireTimeSpan for a specific ticket on a custom OAuthAuthorizationServerProvider? The default expiration time for all other tickets is 15 minutes. public public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext conte...
Max Bündchen
8

votes
2

answer
6.1k

Views

Using OAuth2 with service account on gdata in python

I want to use data.photos.service.PhotosService to push and pull photos from Picasa. I got a service key file XXXXXXXX-privatekey.p12 from Google console and am now trying to authenticate using said key with google. The documentation for OAUTH2 using appengine has led me to believe that using the f...
Nielsvh
8

votes
2

answer
3.1k

Views

OpenID Connect Provider in Python

I've been searching how to implement an OpenID Connect provider in python and I have found this library made by Roland Hedberg (it's recommended by OpenID ). But I've read the docs, the examples and I think it examples are overcomplicated for people that have no big knowledge about it (provider, wsg...
fernandosavio
8

votes
3

answer
1.1k

Views

What could cause the original 'OAuth2' state parameter to be null in org.springframework.social.connect.web.ConnectSupport?

I am trying to use Spring Social on my application and I noticed while debugging that the original 'OAuth2' state parameter is always null on my app. See Spring Social source code for org.springframework.social.connect.web.ConnectSupport below: private void verifyStateParameter(NativeWebRequest requ...
balteo
8

votes
1

answer
1.8k

Views

Sending Money with Dwolla's API and using PHP to do it?

Hello everyone I'm back again, In my last post I was attempting to use the SOAP api (Integrating Dwolla with PHP with their API) but I found out the SOAP API is deprecated and apparently Dwolla has more efficient way such as the REST/oAuth2.0 which is why I'm here today asking how to use the rest AP...
Xenland
8

votes
1

answer
1.7k

Views

(GitHub) API OAuth authentication for not-a-website applications?

The Beginning of My Confusion I'm working with GitHub specifically, but this seems pretty general. The GitHub docs state [formatting has been modified by me]: There are three ways to authenticate through GitHub API v3. ... Basic Authentication OAuth2 Token (sent in a header) OAuth2 Token (sent as a...
Kenny Evitt
8

votes
1

answer
3.2k

Views

How do I force OAuth2 access token expiration with DotNetOpenAuth

I'm implementing OAuth2 authorization/resource server based on DotNetOpenAuth. My server is going to issue access tokens with very long life time. These tokens are going to be used from iOS devices. The flow, the way I see it, is like this, 1) a user is asked to enter their username/password on iOS...
8

votes
1

answer
4k

Views

VK Oauth: Security Error

I'm trying to authorize my standalone application. But after I click 'Allow' it always redirects to http://oauth.vk.com/error?err=2 and gives this as response body: {'error':'invalid_request', 'error_description':'Security Error'} Here's the request URL (I do have correct client_id): https://oauth.v...
sigod
8

votes
3

answer
7.3k

Views

Good tutorial on Google Drive SDK and OAuth 2? [closed]

I want to be able to read in files on a website from a Google Drive account, which has made me pull my hair since the documentation for Google's services is so overwhelming (for me it is anyway, I have little experience with working with SDKs and APIs). I also realize that I need to use OAuth 2 auth...
Staffan Estberg
8

votes
3

answer
5.9k

Views

Spring boot rest service options 401 on oauth/token

I'm using spring boot to make a simple rest service. To consume it in Angular 2, I've got CORS problem when retrieving token on oauth/token endpoint. The error message in Chrome is below. error message zone.js:101 OPTIONS http://192.168.0.9:8080/api/oauth/token XMLHttpRequest cannot load http://192...
weijun
8

votes
2

answer
1.2k

Views

Django 1.7 google oauth2 token validation failure

I'm trying to get through the process of authenticating a Google token for accessing a user's calendar within a Django application. Although I've followed several indications found on the web, I'm stuck with a 400 error code response to my callback function (Bad Request). views.py # -*- coding: utf-...
Seether
8

votes
3

answer
11.7k

Views

ASP.Net MVC 5 Google Authentication with Scope

I'm trying to get ASP.Net MVC 5 Google OAuth2 authentication working correctly. When I set pass in a GoogleOauth2AuthenticationOptions without any scope, then I'm able to log in successfully. var googlePlusOptions = new GoogleOAuth2AuthenticationOptions { ClientId = googleClientId, ClientSecret = go...
Rob Gibbens
8

votes
4

answer
9.7k

Views

SSL throwing error 185090050 while authentication via Oauth

I am trying use Google's Oauth to connect to Google adsense and am getting this error. Any clues to fix it? Anyone has faced such a issue before in python? Traceback (most recent call last): File 'get_all_saved_reports.py', line 56, in main(sys.argv) File 'get_all_saved_reports.py', line 36, in mai...
Nish