Questions tagged [oauth-2.0]

1

votes
1

answer
1.9k

Views

Spring OAuth2RestTemplate loses token when configured to use JWT

I have a series of microservice projects configured to use Spring Boot and Cloud OAuth2 SSO. It has the following components: Spring Boot 1.3.0 Spring Cloud Brixton.M3 auth server has Spring Boot 1.2.7 and Cloud Angel.SR4 Zuul Proxy (gateway) Auth server Resource Server UI Server Eureka Server The...
Tim Webster
1

votes
3

answer
401

Views

Unable to register Proximity API in Google Developer Console

I'm trying to register for Google Proximity API in Developer Console. I'm refering Google Github Link. Current Status : I've started with the sample project available at the Google Github Repository. I have created android key and OAuth Client ID using the package name of the project and SHA1 using...
Akshay Soam
1

votes
2

answer
546

Views

WSO2 IS 5.1.0 as OAuth/OIDC IdP response with different claims on UserInfo endpoint

Anyone know why if I make a call to /userinfo endpoint I obtain different JSON response? Specifically: When I make a call with curl from command line, like $curl -k -H 'Authorization: Bearer 2bcea7cc9d7e4b63fd2257aa31116512' https://localhost:9443/oauth2/userinfo?schema=openid I obtain as response t...
giovanni
1

votes
1

answer
3k

Views

Integrate facebook login in google app engine with python

I created google app engine app. In that i used google direct login as well as login with openid. openid i integrate using do_openid_login.py as google document suggested. Now i want integrate facebook login too. So how could i integrate facebook login?
Sagar Kanabar
1

votes
1

answer
930

Views

Google + OAuth2 Callback to Angular

I am having problem implementing Google Plus Web Server authentication https://developers.google.com/accounts/docs/OAuth2WebServer I have implemented most of the steps, until the last step, I have no idea how to make a callback with token to my Angular.JS, I found an article which solves my problem...
Tim
1

votes
2

answer
265

Views

Passport.js login event function not being called

I am using the following code in express with passport: var GAuth = require('passport-google-oauth'); passport.use('google', new GAuth.OAuth2Strategy({ clientID: GID, clientSecret: GSECRET, callbackURL: 'http://localhost:3000/auth/google/callback' }, function(accessToken, refreshToken, profile, done...
Gabriel Ratener
1

votes
1

answer
1.2k

Views

Google Oauth2.0 with Python: How do I limit access to a specific domain?

I'm trying to understand how to limit access to my application when using this Python Oauth2.0 example. I've seen places where you can add an hd=domain.com to the end of an authorize_url but that doesn't work for me. Can anyone shed some light on how to limit access to my flask app based on this ex...
dirty_joker
1

votes
2

answer
185

Views

How to Implement Google OAuth?

Actually i'm new to Google OAuth, i referred as many resourceful URL's as possible but no where they gave a detailed resources of understanding of how to implement Google OAuth in the Java application that i'm building i.e,. with best examples. Can anybody share or guide through best URL's for imple...
Dunston
1

votes
1

answer
787

Views

Validate Thinktecture OAuth Token in web api

I'm attempting to use Thinktecture identity server to secure a web api with an angularjs front end. I'm able to get an OAuth token from Identity Server via the api controller with the following code: [HttpPost] public async Task LogOn(UserModel userModel) { System.Net.ServicePointManager.ServerCert...
Rajdeep Dosanjh
1

votes
1

answer
850

Views

Google oAuth v2 - user profile - country parameter missing

I would like to get the user's country info as specified in the documentation [1]. I tried using the Google API explorer and the samples, and still cant get the country info. I even tried updated the test account's profile info. [1] https://developers.google.com/accounts/docs/OAuth2Login [2] https:/...
blacks0ul
1

votes
1

answer
992

Views

OAuth and sticky sessions

I use OAuth 2 for authorization and need to implement it in a load balanced cluster. I've considered a few approaches, but it seems there is no way around a centralized approach. Here are my thoughts: 1. Balancing using source IP Caching the tokens on one server and balancing by IP would be ideal, h...
Erik Aigner
1

votes
1

answer
0

Views

Google plus deprecation, Does already implemented OAuth 2.0 based sign in flow do required major changes?

Relevant stackoverflow ticket: signin for server-side apps and plus deprecation As mentioned in above stackoverflow question by David, We also have already implemented google sign in with OAuth 2.0 based flow, we are not passing any scope details & after google authentication when return back to our...
Jaymit
1

votes
2

answer
196

Views

WebApi Get access Token from HttpContext

I'm trying to get the logged in users access token from the HttpContext in my Api I'm using .Net-Core 2.1 : [HttpGet] public async Task Test() { var token = await HttpContext.GetTokenAsync('access_token'); return true; } Authentication Configuration is setup like so: services.AddAuthentication(COOK...
johnny 5
1

votes
1

answer
435

Views

Is it OK to include the OAuth scopes inside a JWT?

I am adding an OAuth authorization server endpoint to my existing application. I am planing to issue JWTs from the OAuth token endpoint. When a token issued for specific OAuth scopes, it looks better to embed the scopes for which the token is issued inside the token itself, because it is easier to v...
Lahiru Chandima
1

votes
1

answer
70

Views

Accessing user data in cloud storages implicitly

Assume a user uses my application to connect to an external cloud storage (Dropbox, Google Drive, etc) through OAuth2 - and I acquire an access token to his storage to perform actions on his behalf, with his full consent. Assuming this is fully explained to the user prior to him proceeding with the...
Shakkalakka
1

votes
1

answer
103

Views

Gmail API - Scope

I am using a service account and domain wide delegation described here and I am able to get all emails from all email accounts on that specific domain. The scope that I am using is https://mail.google.com/ Is there any way that I can exclude some email accounts (for example admin email accounts) fr...
lost in binary
1

votes
1

answer
586

Views

Refresh Token request returning new refresh token?

I'm using Oauth2 on my own Web API and ASP.NET C# to consume that API on a web app. On my web app, I'm making HttpWebRequests. When my access token expires, I'm calling a method 'RefreshToken' that makes a request to get a new access token. This works beautifully without issue...except that the r...
Andy
1

votes
2

answer
1.2k

Views

Exchanging OAuth2 Access token with user info

I'm trying to implement OAuth authentication for my application which consist of a frontend and bunch of microservices. I'm plan to use - kong and it's my firstime implementing oAuth but wondering how do I exchange the access_token to get the user info ? Thanks
1

votes
2

answer
1k

Views

Exception: Required option not passed: access_token

I am getting this error while trying to login with Google in Codeigniter only at first attempt Fatal error: Uncaught exception 'Exception' with message ' in ..../application/libraries/OAuth2/Token/Access.php on line 44 Exception: Required option not passed: access_token in ..../application/libraries...
Sachin Vairagi
1

votes
1

answer
197

Views

OAuth2 Authentication to Gmail throws SunCertPathBuilderException/SSLHandshakeException

In my app i authenticate to Gmail using the OAuth2Authenticator from this Google example to receive Emails via Imap. The code works perfect, but the last days some users reported an error that occurs when they try to connect to Gmail. sun.security.provider.certpath.SunCertPathBuilderException: unabl...
dom41
1

votes
1

answer
3.2k

Views

Cannot get Access Token

I am using OAuth 2.0 for Authorization process. I have requested for Authorization Code with this url: https://www.box.com/api/oauth2/authorize?response_type=code&client_id={MY_CLIENT_ID} Then I was redirected to box.net login page for authorization. I have entered credentials for my Box.net accoun...
user2060413
1

votes
3

answer
1.6k

Views

Using AppIdentityCredential with Google Drive API

I am using Google App Engine Identity to access Google Drive API of a Google Apps user. I have inserted GAE URL in Manage API client access in Google Apps, with the right scope. AppIdentityCredential credential = new AppIdentityCredential(Arrays.asList(DriveScopes.DRIVE_FILE)); HttpTransport httpTra...
user1454172
1

votes
2

answer
97

Views

easiest/quickest way to convert functionality provided by a php script, into an API

I have a set of PHP scripts that are directly executed-- now I want to convert the core code (ie the functionality provided by the PHP scripts into an API-- I would also want the API to use OAuth2 for authenticating a user (before the API can actually be used by the authenticated user...) What is th...
Arvind
1

votes
1

answer
306

Views

something messy with enable-app-engine-project

I'm following this tutorial https://developers.google.com/bigquery/articles/dashboard#downloadinstalllibraries Here they say that cd source/ enable-app-engine-project hellodashboard/ which will copy some 60 files into the project directory.But i saw only some 10 files copied.And the oauth2client fo...
iJade
1

votes
1

answer
315

Views

OAuth2.0 Authentication for Google API's without using Account Manager on Android

I would like to know if it is possible to authenticate user accounts on Android for Google API's without Account Manager handling it. I do not want to add the account to the device but would want it such that email id and password are stored in the app database and the authentication performed by re...
Minerva
1

votes
1

answer
387

Views

Does Google support 2-Legged OAuth 2.0 for IMAP?

Does Google support 2-Legged OAuth 2.0 for IMAP? I know Google supports 3-legged OAuth 2.0 for IMAP, but I can't find any documentation for 2-Legged OAuth 2.0 for IMAP.
Saqib Ali
1

votes
2

answer
2.7k

Views

'No grant type specified' error when testing OAuth in Stripe

I am testing OAuth process of Stripe in PHP. I am able to get authorization code in request in landing Page. But when i do cURL request to get access token from authorization code, I am getting an error, which says No grant type specified. Following is my code for the Landing Page so far: And this...
Chirag B
1

votes
1

answer
1.4k

Views

Invalid OAuth2 token in GAE/GWT java app

I am developing an GWT/GAE java application which simply gets the users location via GWT geolocation implementation (works very well) on button click should write the latitude, longitude and accuracy into a Google spreadsheet When I click on the 'save to spreadsheet' button, I am getting the followi...
juriwiens
1

votes
2

answer
1.2k

Views

Google Apis .Net - Getting Analytics data

I'm trying to use the Google.Apis.Analytics.v3 (1.7.0.81-beta), to get some basic analytics data out. I've been searching a lot for examples and help, but most seems to be deprecated. This is was i got right now: var serviceAccountEmail = '[email protected]'; var certificate = ne...
Christian Bekker
1

votes
2

answer
10.1k

Views

Consuming a RESTful web service using Apache Camel

I am trying to consume a restful Web service using camel. For that I am configuring dynamic endpoint url as the RESTful url is created at the runtime. Everytime I am checking if the particular endpoint url is registered as a route in my camel context using following method of CamelContext class. End...
nilotpal barman
1

votes
1

answer
565

Views

Can Oauth2 replace session (or other similar means) to keep user login information at server side?

I'm a little new to this and please bear with me if I ask dumb questions. As what I know, session is something saved at server (either in file or in database), and client access it via sessionid saved in cookie. To keep user login information, we can simply put a 'logged_in' column and an 'expired'...
user534498
1

votes
1

answer
447

Views

Laravel, what is better normal authentication or Passport?

I am developing a web app and I am very curious about Passport, perhaps I don't quite understand if its basically better for authenticating using Oauth2 as a open standard than regular Laravel authentication since my app is not authenticating through another server? Can you please advise? Thanks for...
mkmnstr
1

votes
1

answer
1k

Views

Bad request 400 when exchanging refresh_token for access_token with box.com

I have successfully done this in the past for other services, however with box.com I get an error and I've tried everything I could think off and that others have suggested here. I'm using .NET C#; string postdata = ''; postdata += 'client_id=' + HttpUtility.UrlEncode(client_id) + '&'; postdata += '...
bleze
1

votes
1

answer
132

Views

How to authenticate user with google on page load whitout login button?

I'm working on a project where I need to include Google authentication, but my superior would like to have it in a different way, when the page loads, it checks if the user is Logged In into Google, and if it is then gets the users email address. My question is that is it possible to send an author...
user2992130
1

votes
1

answer
709

Views

How to display external API Oauth Dialog for Google Sheets AddOn

I'm playing around with building an app to integrate a 3rd party API into google sheets using app script and the new AddOn API's for google docs. I've got the Oauth2.0 flow working by adapting this code here. This works, but I don't want this app to be a standalone web app - I just want to add anoth...
tknickman
1

votes
1

answer
2.5k

Views

retrieving Instagram access_token via api in c# a

In order to make request to the instagram api. I require an access token. Which is documented here. http://instagram.com/developer/authentication/ These access token can change so i need to lookup via the api to get the 'code' and then the access token. Most of the examples i see online prompt th...
frosty
1

votes
1

answer
1.5k

Views

“Invalid_client” generating oAuth2 token for Adwords API

I'm trying to set up oAuth2 for my google adwords api authentication method, however I'm running into an issue with getting my access and refresh tokens. I ran the OAuth2TokenGenerator program, but it's throwing an error: 'Invalid_client'. I've been using ClientLogin originally for my sandbox accoun...
Rivka
1

votes
1

answer
309

Views

Authentication in hyperledger-composer app with OAuth2.0

I have built a hyperledger-composer application (angular front-end, connecting to composer-rest-server), from which, so far, authentication is missing. Here is what I understand: 1.) An identity needs to be issued for each participant in the network 2.) A business network card needs to be created fo...
steady_progress
1

votes
1

answer
188

Views

OAuth 2.0 Server

I'm trying to setup a private oauth2-server for usage with Android. I don't want any 3rd party-server to authorize, so my question is how to do this? I had a look at Apache Oltu, but I haven't been able to find any HowTo to setup the server. Are there any instructions available or could someone who...
user2460623
1

votes
1

answer
559

Views

http error 400 with “meetup” API

I'm trying to hook my website to Meetup.com. Instructions Everything works when I request authorization. However when I try to get the access token, I keep getting: http error 400: bad request. Here is my code: def meetupauth(request): r =request.REQUEST code = r['code'] state = r['state'] consumer...
anc1revv