Questions tagged [oauth-2.0]

6

votes
1

answer
1.5k

Views

Google Cloud Endpoints authentication using webapp2 sessions

The client of my Google Cloud Endpoints API is an JavaScript (AngularJS) web application hosted on the same Google App Engine application as the Endpoints API itself. My users authenticate using webapp2 sessions (datastore). They don't necessarily have a Google account. I want to be able to do a req...
Korneel
6

votes
3

answer
2k

Views

Accessing public Instagram content via Instagram API without expiring accesstoken

i want to show public contents from instagram related to a specific hashtag (everything works fine with that) but i can't to renew the access_token everytime it expires. ('do not assume your access_token is valid forever.' - https://www.instagram.com/developer/authentication/) To renew it manually i...
nipeco
6

votes
4

answer
3.7k

Views

Should I verify HTTP Referer in OAuth 2 Callback?

I am successfully able to authenticate Facebook and Google accounts using my Oauth2 servlets. I am using state with a timer and a session cookie to try to verify that it is indeed a legitimate Oauth callback. Is there any benefit if I also examine the HTTP Referer header to ensure that I was redire...
necromancer
6

votes
1

answer
5.2k

Views

OAuth REST access_token and instance_url expiry time?

I am working with Oauth2.0. In that i could able get the access_token and instance_url. Is there any expiry time for these two. Can I store them and use it for all my REST calls without getting the new access_token and the instance_url. Is it possible for me to use it for long hours or even days.
Easwaramoorthy K
6

votes
1

answer
4.9k

Views

Google Oauth2.0 web application's “Authorized redirect URIs” must end with a public top-level domain (such as .com or .org)?

When create a Google API Oauth2.0 Credentials on Google Developers Console, I choose 'Web Application' Application type. In the 'Authorized redirect URIs' field, I can use http://127.0.0.1/callback, it work fine for me on local development. but when I want to use Google API Oauth2.0 Credentials on m...
GoTop
6

votes
2

answer
1.4k

Views

register new user from api route using laravel passport

I have installed laravel 5.3 and passport pakage. I followed the documentaition step by step I can use the following route POST /oauth/token with the following parameters username password client_secret grant_type client_id and I get the following response { 'token_type': 'Bearer', 'expires_in': 31...
Yousuf Rabee
6

votes
0

answer
499

Views

Techniques to refresh an access token using OAuth 2 on iOS platform

I'm writing an app that uses OAuth 2 (third-party app that uses Google Account) fot make the auth. The auth is composed of 2 steps. GET request to obtain the code POST request to exchange the code obtained in the 1st step with an access_token and a refresh token. When the access_token (about 5 min)...
Usi Usi
6

votes
2

answer
3.8k

Views

How to fetch google analytics realtime activeUsers in php?

I downloaded API files from https://github.com/google/google-api-php-client and tried below code... $client->setApplicationName('Analytics'); $client->setDeveloperKey('key'); $service = new Google_Service_Analytics($client); $optParams = array( 'dimensions' => 'rt:medium'); try { $results = $service...
jpk
6

votes
1

answer
253

Views

Go client to access GAE login required apps

I wanted to authenticate myself (Google Account) using a golang client against protected apps on Google App Engine where login: required or login: admin is specified in app.yaml. First I wrote a simple OAuth2 offline access client but it didn't work at all - the server just redirects clients to Goog...
yaegashi
6

votes
1

answer
864

Views

Google OpenID Connect: How to verify id_token?

I create Backend server, which gets the ID Token from mobile application (iOS). How can I verify that this token is OK and can be used it securely? Official Google's documentation about validating token: https://developers.google.com/identity/protocols/OpenIDConnect#validatinganidtoken It recommends...
nicq
6

votes
3

answer
9.4k

Views

How to get OAuth token from CloudFoundry

I want to get data from cloud foundry using curl, but I'm not able to authenticate (oauth against CF). Please, could someone point me to and example how to get oauth token? I want to use login name and password. Thanks
Pat
6

votes
2

answer
3.3k

Views

How to check if user is logged in or not with “Google Sign In” (OAuth 2.0)

I am implementing Google log in for the first time as described here and here. I am using HTML with Javascript. The problem that needs solving is as follows: How can I, after the initial login, on a different page (say a landing page, or portal that the user sees after logging in), check if the user...
jordan.peoples
6

votes
1

answer
2.4k

Views

No api proxy found for service “memcache” in OAuth2.0 dance

I trying to implement OAuth2.0 to my app and I got a problem, which I can't fix now. The error is: Traceback: File '/home/i159/Envs/photorulez/lib/python2.6/site- packages/django/core/handlers/base.py' in get_response 111. response = callback(request, *callback_args, **cal...
I159
6

votes
2

answer
731

Views

oauth token sharing multiple applications

My applications structure is like below - https://democompany.com/ https://democompany.com/app1 https://democompany.com/api User logs in at main website url https://democompany.com/logon.aspx which is a asp.net webforms application. app1 application is an angularjs application which uses /api app....
Yousuf
6

votes
0

answer
121

Views

Google OAuth 2 Refresh Token is Missing for Web App but Present for localhost

Problem: Missing OAuth 2 Refresh Token. The problem is that the localhost version receives a Refresh Token as part of the granted token but the same code running in GCE does not. Details: I have written a Python Flask application that implements Google OAuth 2.0. This web application runs in the clo...
John Hanley
6

votes
2

answer
2.1k

Views

spring security oauth2 (2.0.8) getting Invalid access token used InMemory tokenstore

Trying to implement spring security oauth2 in my application. I am able to get access token and refresh token using : http://localhost:8080/xApp/oauth/token?username=user1&password=password&grant_type=password&client_id=xApp&client_secret=xApp { 'access_token': '798c7e71-983b-4137-a0cb-ceae4e9b4190'...
Karthigeyan
6

votes
3

answer
11.1k

Views

working oauth2 provider server implemented on java

I am searching a working oauth2 provider server implemented on java, leeloo and spring security are some that I have found, but there is no working example. https://github.com/SpringSource/spring-security-oauth/wiki/tutorial https://bitbucket.org/smartproject/oauth-2.0/wiki/Home
user989590
6

votes
2

answer
174

Views

Python OAuth2 server with social networks for a RESTfull API

I'm trying to implement OAuth2 server for a RESTfull API with a login option through social platforms (Github, Facebook, Instagram) using Python and Falcon web framework. But I've struggled to understand how this thing should work. My current understanding led me to the following scheme: 1.1. On the...
Vit D
6

votes
1

answer
5.6k

Views

accessing to /api methods in oauth2 server

Im trying to create an oauth2 server based on FOSOauthServerBundle, FOSRestBundle and FOSUserBundle. I created a demo application to test the my oauth-server and it failed receiving the data via the GET reguest (received 401 error ' error='access_denied', error_description='OAuth2 authentication re...
user1976651
6

votes
0

answer
800

Views

Spring security's @EnableWebSecurity vs oauth's @EnableResourceServer

I have a system using Spring Boot, Angular 2, Spring OAuth 2 where I have implemented security using @EnableWebSecurity and implemented oauth using @EnableResourceServer and @EnableAuthorizationServer in a same application. Following are the implemented classes: SecurityConfig.java @EnableWebSecurit...
Sushil Paudel
6

votes
1

answer
17.3k

Views

OAuth 2.0 Generating Token and Secret Token [closed]

I am implementing the OAuth 2.0 provider server using Apache Oltu framework, looking for some idea on how to generate the access token and secret tokens in java. Please advise.
willsteel
6

votes
3

answer
6.5k

Views

How to create Google API OAuth Credentials object from alternate source

I am working with this simple Google API example: import httplib2 from apiclient.discovery import build from oauth2client.client import flow_from_clientsecrets from oauth2client.file import Storage from oauth2client.tools import run # Path to the client_secret.json file downloaded from the Developer...
oliakaoil
6

votes
1

answer
410

Views

How do I use the appengine/urlfetch package with goauth2?

The goauth2 package has an example use. But on app engine, the normal http.Client isn't available. How do I use the app engine urlfetch package with goauth2?
mjibson
6

votes
3

answer
1.3k

Views

Embedding client Id in chrome extension

I am building a chrome extension which will interact with salesforce-chatter api. But for a user using oAuth(User agent flow) authentication, I need to embed my client key in my extension. Will this cause any security problem? Or is there a way to use oAuth without embedding client id in my extensi...
Selvaraj M A
6

votes
3

answer
7.8k

Views

Are there OAuth 2 server side PHP or Java implementations? [closed]

If there is more then one implementation, which one is better/mostly maintained? Specifically for OAuth 2.0 Draft 12.
fudge
6

votes
3

answer
7.1k

Views

Why should you base64 encode the Authorization header?

Twitter's API requires sending an Authorization header that is a base64 encoding of an API key concatenated with an API secret key. In Node, I use: var base64 = new Buffer(apiKey + ':' + apiSecret).toString('base64'); The header sent becomes: Authorization: 'Basic ' + base64 What is the point of bas...
skaterdav85
6

votes
2

answer
677

Views

What is the meaning of scope = scope-token *( SP scope-token ) scope-token = 1*( %x21 / %x23-5B / %x5D-7E ) in RFC6749 about OAuth2

What is the meaning of scope = scope-token *( SP scope-token ) scope-token = 1*( %x21 / %x23-5B / %x5D-7E ) in RFC6749 3.3. Access Token Scope?
Boreas320
6

votes
1

answer
1.6k

Views

How to create a parse _User account from a Android Google token?

I've found some fragments of useful information. http://blog.parse.com/announcements/bring-your-own-login/ shows me how to login an Android app once I have a Parse token. I can successfully obtain a Google token for a phone's Google account. https://developers.google.com/android/guides/http-auth /**...
fadedbee
6

votes
2

answer
3.2k

Views

Sample code for calling Marketo Rest Api in .net/c# [closed]

Does anyone have an example of calling a Marketo Rest API from .net/C#. I am particularly interested in the oauth authentication piece. http://developers.marketo.com/documentation/rest/authentication/ I plan to call this endpoint http://developers.marketo.com/documentation/rest/get-multiple-leads-by...
Cameron
6

votes
4

answer
3k

Views

Problem getting access_token after migrating to OAuth 2.0

I have tried migrating my app to the OAuth 2.0 routine. I am having trouble getting the access_token from the cookie set by the JavaScript API. I decode the information in the cookie, but instead of an access_token and the user information I get a code. This seems like a rather weird change. Is ther...
Kasper Vesth
6

votes
2

answer
4.1k

Views

How to get client secret from Google Developers Console in iOS?

Currently i am working on one of old project within that there is a client id and client secret. Now i want to update those with new client id and client secret using another Developer account. I followed each and every step from https://developers.google.com/+/mobile/ios/getting-started Google API...
Shrikant K
6

votes
1

answer
5.7k

Views

Using a Service Account, getAccessToken() is returning null

I am running the following PHP code, using the client libraries found here: https://code.google.com/p/google-api-php-client/. I do not get any errors for any of this code, but when I call getAccessToken(), it returns null. I have allowed access to this service account on my personal calendar, and...
allicarn
6

votes
1

answer
2.1k

Views

How do I use OAuth2 in a command line tool to access an application hosted on Google Appengine?

I have an application hosted on google app-engine (http://spititan.appspot.com). I also have a command line tool to access that application through ClientLogin. The code snippet is as following: 138 # get an AuthToken from Google accounts 139 auth_uri = 'https://www.google.com/accounts/ClientLog...
spititan
6

votes
3

answer
3.8k

Views

yii2, google outh2 and scope

I am using Yii2, GoogleOAuth and yii2-user extension. I want to receive user google circles and set scope to my config: 'authClientCollection' => [ 'class' => 'yii\authclient\Collection', 'clients' => [ 'google' => [ 'class' => 'yii\authclient\clients\GoogleOAuth', 'clientId' => '758709912345-p4qp4l...
1Pauletto
6

votes
1

answer
1.6k

Views

FB auth.logout is being raised after being logged in using the “server-side-workflow” (OAuth 2.0)

NOTE: Our (web) application was working fine until we upgraded to the Oauth 2.0 workflow this past weekend. When a user 'connects with facebook' to our (web) application we log them in to Facebook using the 'server-side-workflow' described in the Facebook Authentication docs. However, Facebook is ra...
Jason
6

votes
2

answer
6.5k

Views

HTTP Basic Authentication + Access Token?

I am developing a REST API that I plan on using with a web and IOS app. I intend for this API to be private for sometime (private meaning I only want my web app and ios app to access the api). I have read about many different authentication methods but I am still to confused to select the appropriat...
Alex Lacayo
6

votes
2

answer
14.4k

Views

Best way to use Google APIs using OAuth 2.0 on Android

I'm trying to migrate an Android application using OAuth 1.0a to OAuth 2.0. (using the Google API Client Library for Java/Android for my OAuth 2.0 needs). What is the best/preferred solution for accessing Google APIs using OAuth 2.0 on an Android platform that takes into account the usability aspec...
ddewaele
6

votes
2

answer
2.6k

Views

Google oauth 2.0 API password change Username and Password not accepted

I have a form using nodemailer, xoauth2 with google APi oauth2, I updated the password last week and since then my app hasn't worked and I get: '535-5.7.8 Username and Password not accepted. Learn more at\n535 5.7.8 I've tried deleting the app and creating a new one, but its doesnt seem to pick up t...
Graeme Paul
6

votes
1

answer
2.6k

Views

Suggestions for OAuth2 libraries for integration with Jersey? [closed]

I am working on making Jersey web services available using OAuth2 to other clients and am having a tough time finding libraries that tie in nicely with Jersey. So far I have looked at the following libraries. http://static.springsource.org/spring-security/oauth/support.html We got the demo working,...
Ransom Briggs
6

votes
4

answer
2.3k

Views

OAuth: how to set dynamic callback URL?

I have incorporated Satellizer into my app with a variety of social login providers (Facebook, Twitter, Google). My stack consists of: AngularJS (UI Router) and NodeJS/Express. I seem to be encountering a challenge setting up dynamic callback URLs for user authentication. My app does not have a cons...
Matt