Questions tagged [oauth-2.0]

5

votes
1

answer
1.6k

Views

Enter website by logging in Google Account using Python [closed]

I am making a website that makes graphs of the number of people present in groups (from www.codecamy.com). To achieve this I came with a plan. I will have a server which will poll the CodeCademy groups page (http://www.codecademy.com/groups) every 30 seconds and retrieve the needed information fro...
Flame_Phoenix
5

votes
3

answer
6.2k

Views

Login with facebook or google using Oauth2 library in symfony2

I am using fosuserbundle for login and registration in my symfony 2.6 project. Now I want to allow user to login via facebook or google account. I want to use Oauth2 library of friendsofsymfony getting from here https://packagist.org/packages/friendsofsymfony/oauth2-php I have installed library usi...
Maya Shah
5

votes
2

answer
3.7k

Views

Google / OAuth 2 - Automatic logon

I'm playing a bit with OAuth 2.0 in combination with some Google API. Although the authorization process is quite easy, I'm facing a problem with the automatic authorization after the initial authorization has been completed. So: 1. Authorization is done for the first time. (user grants access, I g...
Rhapsody
5

votes
1

answer
3.9k

Views

how to logout from oauth2.0 authentication of windows azure active directory authentication

We are using auth2.0 for windows azure active directory authentication where authentication is performed on https://login.microsoftonline.com/login.srf?wa=wsignin1.0&wtrealm=...... and after successful authentication we are redirecting to our site. for logout the site we delete all the cookies gener...
Abhishek
5

votes
1

answer
2.4k

Views

LinkedIn OAuth2.0 redirect url for iOS app without http or https

I think this might be a very simple setting issue and since I am very new to swift and LinkedIn API I might be doing this wrong: I am making an iOS app with swift and want to use LinkedIn to authenticate. For that, I created an application on LinkedIn Developer Network. But now I am not able to put...
Sumitk
5

votes
0

answer
272

Views

Location.hash empty only in Safari 7

I am attempting to authenticate with Constant Contact via OAuth2 in a popup window. I am using $.postMessage to send the data between windows, and for the most part, it works beautifully. My problem is with Safari. A normal request has a URL that looks like this: https://example.com/oauth-v2/#acces...
Channeleaton
5

votes
0

answer
676

Views

Cordova InAppBrowser inception: Open a child window inside the original InAppBrowser window?

Sorry for the confusing phrasing - this is about the third level of Cordova inception: a nested window, within an InAppBrowser window, within a CordovaWebView! Here's what I am trying to accomplish in a Cordova/Phonegap project: Load a remote page within an InAppBrowser window, then... Let the remot...
peteorpeter
5

votes
1

answer
2k

Views

How do you authenticate to a single Skydrive account and not ask the user for credentials?

I have a client that would like to use SkyDrive as a cloud storage for a web site. This website will not be asking the user of the site for their SkyDrive account to show them their files, but rather the owner of the website will be storing some files in SkyDrive and would like to share them with us...
Jon Hargett
5

votes
1

answer
2.6k

Views

GAE Golang - OAuth and OAuth2?

I'm trying to implement a Google App Engine Go application that will be using OAuth and OAuth2 for users logging in. I'm wondering if it is possible, and if so, how to do it? Can someone provide an example of this?
ThePiachu
5

votes
2

answer
391

Views

Can a user have two valid token at a time in oauth 2.0 for auth code grant type?

*I have simple question related to oauth token ,so my requirement is that user can have multiple scopes say A and B and he has generated token for it but later on he needs scope A and B both and his previous token is valid, So in that case Should we update the scope for the existing token ? Should...
Mohammad Faizan
5

votes
1

answer
1.4k

Views

How to get access token in Asp.net MVC5 Controller action from OwinContext

I am trying to use OAuth 2.0 with my Asp.net Mvc 5 application with salesforce. How can I get access token in controller action on authorization like - [Authorize] public ActionResult getToken() { // I want to get my access token here using some thing like this . String token = GetOwinContext().Get...
Ramashanker Tripathi
5

votes
1

answer
652

Views

Does the Gmail API support JWT?

I want to access the Gmail API using NodeJS. I'm using a server-to-server approach (see this) but when I execute the code below, I get a backEndError, code 500 from the Google API. Any ideas? var authClient = new google.auth.JWT( 'email', 'key.pem', // Contents of private_key.pem if you want to load...
vitorvigano
5

votes
1

answer
2k

Views

Oauth2; How to solve the issue with expired AccessToken during multiple async api calls , made concurrently?

I'm using Spring Security Oauth2 as a security layer in my application. Everything worked well until concurrently async calls appeared . Can someone tell me how to handle the next case : 1. The client has an accessToken which already has expired. 2. The client makes two concurrent async api ca...
Devin Konny
5

votes
0

answer
1.2k

Views

Creating Custom OpenId Provider for Oauth2 Spring Boot

I have used Oauth2 framework for authorization and access control for protecting my spring boot microservice api's. Oauth2 framework is working fine but now my Client wants a dedicated OpenId Provider for authentication purpose on top of Oauth2 framework. I have done some round of searching across G...
Alex Man
5

votes
1

answer
1.6k

Views

Google OAuth - Keeping the Client ID Secret

When using OAuth in the Google Cloud Endpoints JavaScript client, how do you preserve the secrecy of the client ID? How to implement 0Auth in the Google Cloud Endpoints JavaScript client is detailed here. In the code snippet below the client ID is passed as a parameter to the OAuth method. gapi.auth...
Marc M.
5

votes
2

answer
3k

Views

GAE doesn't import gflags

I'm trying to get oauth to work on Google App Engine (GAE), but I'm unable to import the OAuth2Decorator, because it tries to import gflags and fails. In command line I've ran help('modules') and gflags is listed, and I've ran import os + import gflags + print os.path.dirname(gflags.__file__) and re...
Graham Walters
5

votes
1

answer
1.2k

Views

Single Sign On With thinktecture IdentityServer v2

I'm running thinktecture IdentityServer v2 with two Relying Parties in my qa environment on Windows Server 2008 R2 Standard. IdentityServer is configured for two RPs, one using Federation the other with oAuth My first relying party (www.sitenumberone.com) is an ASP.Net Framework 4 web site using WIF...
TrevorBrooks
5

votes
1

answer
4.7k

Views

JwtSecurityTokenHandler says signature of JWT valid after changing 1 char

We are trying to validate the ID Token (IDT) presented to a .NET client application by an OpenID Connect Provider (OP). The IDT is what you would expect. Nothing unusual going on there. To verify the signature of the IDT, we can get the exponent and modulus from the OP by calling a public endpoint....
Travis Spencer
5

votes
1

answer
1.7k

Views

Not getting refresh token in youtube OAuth

I am doing server side oauth following this guide. I successfully completed the oauth but I am not getting refresh_token in Exchange authorization code for refresh and access tokens step: Request: POST /o/oauth2/token HTTP/1.1 HOST: accounts.google.com content-type: application/x-www-form-urlencoded...
Abhishek Gupta
5

votes
1

answer
134

Views

recent media instagram GET request returns status 200 but empty data

I am doing a simple GET request using this instagram API endpoint: https://api.instagram.com/v1/users/{USER ID}/media/recent?access_token={ACCESS TOKEN} I get the access token via OAuth2Authenticator from Xamarin.Auth plugin. I just notice today that the get recent media request is returning this...
Motumbo
5

votes
2

answer
2.2k

Views

How to use implicit grant type in OAuth 2.0 for mobile apps?

I have read a tutorial regarding OAuth 2.0 and implicit grant type. I still don't understand how implicit grant type will work for mobile (iOS or Android). For example if we create an SSO App (like Facebook) and make an SDK to give this service. Does the SSO app contacts the Authorization server pra...
Chan
5

votes
2

answer
1.6k

Views

How to force Angular to send request to server on HTML5 mode?

I m tring to build and web using angular and nodejs. I'm loading Angular on /home path where / contains login and registration form. Here is my angular configuration: window.app.config(['$routeProvider', '$locationProvider', function($routeProvider,$locationProvider) { $locationProvider.html5Mode(tr...
biborno
5

votes
0

answer
1k

Views

OAuth2 and Drive API, can't list/retrieve files

I have a web application that needs to list all files from my Google Drive and then fetch them when clicked. I use OAuth for authenticating and it seems to work (the same code works well with Calendar API). I tried different scopes in serviceAccountScopes with no avail. Basically authentication is:...
TKirahvi
5

votes
0

answer
708

Views

MVC 5, OWIN Google and Microsoft refresh_token

I am building a MVC 5 web application that uses cookie authentication as primary authentication method. Our application flow goes like this: First time user signs up with username/password to create an IdentityUser. User signs in with his username/password User associates one or more Google and/or...
jjarv
5

votes
1

answer
2.3k

Views

GoogleAccountCredential reuse auth - Google Drive

I'm using this method to auth to Google Drive: https://developers.google.com/drive/quickstart-android Choosing account is working great. Now I want to store user credentials in prefs. I can save account name and then resore it. I want to reuse credentials for future use. Is it possible to reauth us...
adek
5

votes
1

answer
1k

Views

Yahoo - OAuth2 - SocialAPI : Not returning “Access-Control-Allow-Origin” in initial response [duplicate]

This question already has an answer here: Ways to circumvent the same-origin policy 11 answers I am using Yahoo Social API for Contacts using OAuth2 via Javascript (as given here https://developer.yahoo.com/oauth2/guide/#implicit-grant-flow-for-client-side-apps) However, after successful authentica...
Raheel Hasan
5

votes
2

answer
941

Views

Google Developers Console - Oauth consent screen configuration doesn't save the input

I'm trying to connect my application with Google calendar to receive data. I registered a new application in Google Developers Console, activated Google Calender API and tried to configure the Oauth consent screen. There I selected my email address, entered a product name and tried to save it. What...
fooloomanzii
5

votes
1

answer
4.1k

Views

OAuth token validation from HAProxy or Apache mod_proxy

I have a microservice deployed on 3 nodes sitting behind a HAProxy load balancer all inside internal network. The services are protected using OAuth2 APIS authorization server. Now, I want to move the HAProxy to DMZ. And I want to reject requests that do not have auth token in the header and also va...
Ambal
5

votes
2

answer
953

Views

PrepareResponse().AsActionResult() throws unsupported exception DotNetOpenAuth CTP

Currently I'm developing an OAuth2 authorization server using DotNetOpenAuth CTP version. My authorization server is in asp.net MVC3, and it's based on the sample provided by the library. Everything works fine until the app reaches the point where the user authorizes the consumer client. There's an...
Daniel
5

votes
2

answer
5.2k

Views

Google API Authentication for server

I've been trying to get Google's Calendar API working in a PHP web application, but I'm having a hard time getting authenticated. What I want to do is to allow users to interact with calendars of a single account known by the server. Each type of scenario covered in the OAuth 2.0 docs talks about '...
andy
5

votes
1

answer
6.7k

Views

OAuth v2.0 in combination with ASP.NET MVC 4 Web API

I’m trying to build a Web API that uses the oauth 2 standard to authenticate users with my existing application where the Web API communicates with. Therefore I want to setup a oauth 2 server/service that checks the users with my existing applications that has users and roles. Unfortunately I can...
jfamvg
5

votes
1

answer
1.2k

Views

Spring Oauth2 client credentials flow example

I am trying to implement service to service security into spring boot services using spring oauth2. I want a service to access a secured resource of another service without any user action involved. There are a lot of examples for authorization code grant type, but not very much about the client cre...
Tom Saenger
5

votes
2

answer
583

Views

Reddit oAuth 2 for Android “userless” app with Retrofit

I'm trying to implement the Reddit oAuth2 (every app that utilizes Reddit content has to have this implemented) in Android based 'userless' application and I'm following the guidelines. I registered an app and get the respective client_id. I'm following this for API guidelines and this for Retrofit...
ViksaaSkool
5

votes
3

answer
4.7k

Views

Accessing Google Contacts Api via OAuth 2.0 and private key aka Service Account

I am currently implementing access to Google Contacts via OAuth 2.0 and a so called Service Account. The service account is generated for an ordinary user like '[email protected]'. The code to generate the OAuth 2.0 credentials is: public static GoogleCredential getCredentials() throws GeneralSecuri...
Ra_
5

votes
2

answer
735

Views

Google Oauth flow in Meteor

Within a Meteor app, can anyone guide me to how to allow users to simply Oauth Google? There's the accounts-google package, but I don't want users to be able to login with it, just oauth and store credentials. The docs mention 'If you just want to authenticate to an Oauth service like Twitter, Faceb...
99miles
5

votes
1

answer
6.1k

Views

Using Google API with spring-security-oauth2.0

I've searched here a bit but could not find an answer to my issue. I implement oAuth client with spring-sec-oAuth 2.0 (1.0.0.RC2a). After properly setting the beans.xml, I happily get a valid token and all looks good. Then, I want to use Calendar APIs - I'm not sure how do I make the call to get the...
OhadR
5

votes
1

answer
798

Views

Google OAuth 2.0 incremental authorization not working

I have a server-side application that needs access to a combination of Google APIs, for some users of our app we only need access to one API/set of scopes (say Google Drive), for other users to another API/scope (say G+), and for some we need access to both (users can link to the other part of the a...
David
5

votes
2

answer
893

Views

How / where to store refresh token on Android?

I'm writing an app that uses OAuth. I know I can store the auth token using accountManager.setAuthToken, but where do I store the refresh token? I suppose I could use accountManager.setUserData or shared preferences, but they both seem hackish. Suggestions?
DiePartei
5

votes
2

answer
523

Views

How to avoid showing consent screen in our own native apps when external authentication?

Background We have developed a web application featuring a rest-api using oauth2/oidc and support for third party apps We have developed our own native apps for android and ios. Currently they retrieve a long lived token from user credential flow (no consent screen needed). We are currently extendin...
David Ernstsson
5

votes
3

answer
913

Views

Devise Google Oauth works perfectly but doesn't sign-in on user creation, requires additional log on

I have Devise running on my Rails 3.2 application. Google Oauth is used to sign in. New Users attempt to sign in with Google and are redirected to the sign-in page without being signed in. I check the DB and the User's accounts are created with the correct credentials (everything is correct except I...
godzilla3000