Questions tagged [oauth-2.0]

3

votes
1

answer
528

Views

Redirect_uri when trying to exchange an authcode from backend server when the authcode was received in an ios app

I have an ios app and a web app that gets authorization from users and generates an authcode and sends it to the backend java servlet which tries to exchange the authcode for access & refresh tokens. Exchanging the authcode from the web app is working but for authcodes generated from the ios app i'm...
Ronok1307
3

votes
0

answer
405

Views

OAUTH 2.0 Authorization Code flow and API key in Authorization header

We are creating Spring Boot REST services that registered third parties can use. We provided the third parties with a unique API key in JWT format, containing authorizations for that party to the services it can use. The JWT is securely provided to the third parties and they need to include it in...
Frederik Byl
3

votes
2

answer
225

Views

23andMe API error: 'No grant_type provided.' 'invalid_request' OAuth2

I'm authenticating with the 23andMe API with OAuth 2. I'm able to receive the code after the user grants access. I'm currently trying to send a post request to receive the access token. I continue to receive this error: data: { error_description: 'No grant_type provided.', error: 'invalid_request'...
vincentjp
3

votes
0

answer
181

Views

Rails google analytics apis error

What does this error signify? Missing token endpoint URI. highlighted at @account_summaries def analytics client = Signet::OAuth2::Client.new(access_token: session[:access_token]['access_token']) service = Google::Apis::AnalyticsV3::AnalyticsService.new service.authorization = client @account_summar...
arjun
3

votes
3

answer
7.9k

Views

RestAssured oAuth2 http status code 401

I'm trying to implement integration test using RestAssured library and Spring MVC REST oAuth2 secured endpoint. This is my test: @Test public void testCreateDecision() throws Exception { File createDecisionJsonFile = ResourceUtils.getFile(getClass().getResource('/json/decisions/create-decision.json'...
alexanoid
3

votes
1

answer
1.2k

Views

Why does CF UAA check_token endpoint need a clientId/clientSecret?

CloudFoundry's UAA has a RemoteTokenServices class (part of Spring oauth2 too) that does the authorization token validation by going to the UAA server's check_token endpoint. UAA has sample api and app applications that serve as a resource server and a client application respectively. From the sampl...
Márton Sereg
3

votes
3

answer
4.9k

Views

OAuth integration in iphone app

I have one problem regarding OAuth integration in iPhone App. Can anyone help me how to integrate OAuth 2.0 with facebook in iPhone ? I have referred so many sites about OAuth but I haven't got satisfied answer yet. I referred this question of stackoverflow. There is one good option about ShareKit....
Chintan
3

votes
0

answer
666

Views

Using OAuthWebSecurity with Salesforce

I'm trying to get an ASP.NET MVC site to accept Salesforce as an authentication provider, but I am not having any luck. I'll start out with the IAuthenticationClient I have so far: public class SalesForceOAuth2Client : OAuth2Client { private readonly String consumerKey; private readonly String consu...
Brad Christie
3

votes
0

answer
236

Views

Refresh Token Google Drive Api

I have the following code which gets access credential for my app and stores them in a file so that I do not need to login again. However, the access token is valid for 1 hour, how can I use the refresh token with the existing code to get valid credential without bothering the user to do it manually...
user3800207
3

votes
1

answer
70

Views

How to handle OAuth 2.0 with a REST API for public and private application?

Currently, I'm working on a REST API which will be available for public clients but also I wanted to use it in my mobile application. For the public clients, I considered to use the Clients Credentials grant, in this case, they would have to registered their app in my Web application which will giv...
oscar.rpr
3

votes
1

answer
1.2k

Views

Using gspread with OAuth2 SignedJwtAssertionCredentials

I am trying to access my google Spreadsheet using oauth2 using the gspread Python Library.I am new to Oauth2 and understand its benefits.But I am unable to use it.So far I have visited https://code.google.com/apis/console/ and generated CLIENT ID,SECRET and REDIRECT URI. credentials = SignedJwtAsser...
Dave Smith
3

votes
1

answer
672

Views

Create API for website [closed]

I need to create public api for my website, like http://instagram.com/developer/ API or dropbox API. I want to use oAuth2.0. I need very basic functionality like getting user information, upload ,download, get, delete data etc. I need to have SDKs in different languages like PHP, Java etc. My webs...
Asghar
3

votes
0

answer
448

Views

Objective-c [GPPSignIn sharedInstance].homeServerAuthorizationCode is nil

I'm stuck since a few days ago on a...strange problem, when I authenticate in the Google API in my iOS app, using the GPPSignIn shared instance, the homeServerAuthorizationCode is nil, and there is no error :o I have to signout the user and the re-authenticate to get this code to send to my server :...
Bilkix
3

votes
0

answer
125

Views

Error while getting the OAuth token from AAD for AppPrincipalId

I am creating HDInsight using Data Lake Store using service principal via Template Deployment(shell script). While I run the deployment script I got the following error after the initial cluster creation of Spark HDInsight cluster. Error is : At least one resource deployment operation failed. Please...
sathiyarajan
3

votes
1

answer
3.6k

Views

Exchanging Authorization Code for Access Token for Google Calendar API with VBA and Oauth2

After successfully obtaining the authorization code, I am having trouble exchanging it for an access token and refresh token while trying to access the Google Calendar API. I get Error 404 Not Found. Here is my code: Dim getTokenUrl As String getTokenUrl = 'https://accounts.google.com/o/auth2/token'...
autoKarma
3

votes
1

answer
854

Views

How to use OAuth2 within django-rest-framework?

I've been trying to integrate OAuth2 authentication in my drf application. Given I don't yet need a front-end for my app, I was using the browsable API. DRF and the OAuth2 provider package are supposed to work together without much configuration, as explained in the tutorial. I should mention that a...
AdelaN
3

votes
1

answer
140

Views

Google oauth get refresh_token using js api

My application needs to signup users using Google plus and then display the user's profile data. When the user edits their profile on Google plus and visits my application again, the app needs to show the updated data. Hence the application needs to store the access_token and refresh_token for futur...
Alex
3

votes
0

answer
251

Views

OAuth 2 Web API 2 Bearer Token Two Factor Authentication 2FA

I'm trying to implement Two Factor Authentication (2FA) in a Web API 2 solution using OAuth 2 and Bearer Token with the help of OWIN. I know 2FA with Bearer Token is not a standard workflow but has anybody successfully done this? Basically, I have two scenarios I need to cater for: User credentials...
Benji Britain
3

votes
0

answer
316

Views

OAuth2 iOS, access token and refresh token automatically renewal

I am trying to implement OAuth2 for an iOS app and I am currently using this extension for AFNetworking : https://github.com/AFNetworking/AFOAuth2Manager, but it doesn't renew automatically the access and refresh token. Can you tell me, please, what should I use?
Dianna
3

votes
1

answer
773

Views

Creating FollowMe link SoundCloud

I'm trying to create a simple FollowMe link for our Company and I am having a problem with the case when a user does not allow pop-ups. Here is the code: $(document).ready(function(){ SC.initialize({ client_id: '***********************', redirect_uri: 'http://localhost:8002/callback.html' }); var is...
GEverding
3

votes
0

answer
323

Views

OAUTH redirect URI can't figure out how to use in Android Mobile App

I'm writing an Android app that integrates with Fitbit and Jawbone. I've already completed the Jawbone integration. Jawbone uses OAUTH2 and they provide a default redirect URI of http://localhost/helloup? This is probably me not fully understanding OAUTH but I was under the impression that the redi...
tronious
3

votes
0

answer
609

Views

JWT Token vs Default token in Asp.net Web Api

I want to build a web application with angularJs in the front and Asp.net web api in the back end , i did a lot of searching onhow to secure my backend server , I found that a lot of articles talk about the benifits of JWT token (JSON Web Token) but in the default Asp.net web application project the...
SYB
3

votes
1

answer
3k

Views

Google OAuth2 and app script in IFRAME sandbox

I am a newbie as far as web development is concerned and even more so with Google App Scripts and OAuth2.0. Having said that, I have researched enough and also tried several tricks, but still can't get past this issue. I borrowed sample from here: Google Developers - Client API Library Then created...
Pavan Deolasee
3

votes
0

answer
414

Views

Authenticate an user with Keycloak calling a Webservice

I'm trying to secure a connection to a Java EE webapp using Keycloak. Beeing completly new to Keycloak, and how to configure it, I would like to do this : When trying to reach my webapp without beeing authenticated, I am redirected to Keycloak login page (this is done) I enter login / password, and...
Vince
3

votes
3

answer
1.9k

Views

Is it OK to pass on OAuth Access Token between services?

Considering the following scenario in a context of the SSO/OAuth/microservices: User successfully logs-in to the web application using OAuth's Implicit Flow. Web app requests some data from Service A and Service B passing on user's Access Token to authorize both requests. Service A also calls Servic...
begie
3

votes
0

answer
400

Views

Yahoo OAuth2 have new apps request mail API access

Is there any way to create a new Yahoo Oauth2 app with Mail api access? It seems like this feature has been removed and only available to premium accounts. Going to the 'Create App' link: https://developer.yahoo.com/apps/create/ you can see the Mail access option is no longer available.
ewein
3

votes
3

answer
6.7k

Views

Why do I keep catching a Google_Auth_Exception for invalid_grant?

I am trying to build a web app that accesses Google Analytics API, and pull data. However, I have having some issues with the OAuth 2.0 authorization. It allows for successful initial access, but it quickly kicks me out and throws a Google_Auth_Exception with message 'Error fetching OAuth2 access to...
eluong
3

votes
1

answer
1.4k

Views

NativeApplicationClient and OAuth2Authenticator not resolved

I am writing a Console Application to download data from BigQuery. Once again, the .NET library is vague and confusing. In this question, two Google employees have posted a response and neither of the responses is working on my machine because they haven't quite made it clear which references they a...
Disasterkid
3

votes
2

answer
1.3k

Views

google oauth2 refresh token limit

I'm developing a web application that needs to access 100 or more different Google Calendars using OAuth2. All the calendars are on different accounts with their respective users. I came across this paragraph from Google: 'Note that there are limits on the number of refresh tokens that will be issue...
user3329936
3

votes
1

answer
4.8k

Views

Google OAuth2 error - Required parameter is missing: grant_type on refresh

I have built a prototype calendar synching system using the Google calendar API and it works well, except refreshing access tokens. These are the steps I have gone through: 1) Authorised my API and received an authorisation code. 2) Exchanged the authorisation code for Access Token and a RefreshTo...
Colin Martin
3

votes
1

answer
1.5k

Views

Using Google API's for one's own account without OAuth

Specifically, I'd like to use the Gmail API to access my own mail only. Is there a way to do this without OAuth and just an API key and/or client id and secret? Using an API key like: require('googleapis').gmail('v1').users.messages.list({ auth: '', userId: '') }); yields the following error: { erro...
Brandon Zacharie
3

votes
1

answer
6k

Views

Facebook OAuth Error validating verification code sometimes happen

I have a very strange problem with authenticating facebook users. Basically it works for 90% of users, but for 10% I alwayas get an error ' Error validating verification code'. They tried to login from different browsers, OS and they always get the same error. I did all by the book: https://www.fac...
Predrag Spasojevic
3

votes
1

answer
2.8k

Views

Use OpenID Connect Gluu authentication provider to secure Spring Boot Web App client

I have followed this guide http://spring.io/guides/tutorials/spring-boot-oauth2 and can get it to work with Facebook and Github but I want to use GLuu as my in house authentication provider to do OpenID Connect with my spring boot web app. I have Gluu configured to return two response types both Au...
emmmdeee
3

votes
2

answer
966

Views

How to resume flask.session object when oath2 callback

I'm writing Sina Weibo client via oauth2 to add authentication to current user who has already loged in with my own website's account, since OAuth2 uses a redirect-callback mechanism, it seems that after this routine, and in the Callback view handler, the flask.session is totally a new object. Thus...
Brent81
3

votes
1

answer
552

Views

OAuth2 app with Touch ID

Is there any way that a third-party app can logically use Touch ID to authenticate to a web service that uses OAuth2? Say I own a web service that requires authentication using OAuth2. It supports both the implicit and authorization-code grants (although I could add support for other grants if neces...
JW.
3

votes
1

answer
3.5k

Views

OAuth2 via Google/Google+ from ASP.NET MVC 5

I'm working on an MVC 5 app where I need to use oAuth2 from Google for authentication. There are quite a few tutorials out there (both typed and some video) that all show the same way of getting this setup but I simply cannot get them to work for me. So let me start from the beginning. I started off...
Jaxidian
3

votes
2

answer
1.2k

Views

How to require login in Elixir Phoenix application?

I'm using the OAuth2 example (with Google) for authenticating my Phoenix web application. Though my site requires the user always be logged in or authenticated. There's no user registration or anonymous access. I've got the OAuth2 part working using Google as the provider. Though I'm not sure how...
3

votes
2

answer
2.1k

Views

What is the state parameter used for in Facebook's manual login flow?

In the fb developers docs for oauth authentication api - in the confirming identity section it has this note: Note that you can also generate your own state parameter and use it with your login request to provide CSRF protection. Can you help clarify what exactly is the meaning behind this? I mean...
Gautam
3

votes
1

answer
1.2k

Views

Authentication after migrating to App Services Mobile App: uid vs sid

I've migrated form Azure Mobile Services to the new App Services Mobile App, and I'm using the new AMS 2.0.0-beta on the client-side. I have two providers (currently) implemented for OAuth 2.0: Google and Twitter. Previously, I was able to get the provider token via a claim in the principal on the s...
3

votes
1

answer
3.4k

Views

Google Calendar API and OAuth problem

I get the error com.google.gdata.util.AuthenticationException: Unknown authorization header at com.google.gdata.client.http.HttpGDataRequest.handleErrorResponse(HttpGDataRequest.java:600) ~[gdata-core-1.0.jar:na] at com.google.gdata.client.http.GoogleGDataRequest.handleErrorResponse(GoogleGDataReque...
DP_