Questions tagged [oauth-2.0]

3

votes
2

answer
1.5k

Views

AWS API Gateway - using Access Token with Cognito User Pool authorizer?

I am configuring an app with various frontends (mobile and web apps) and a single API backend, powered by Lambda and accessed via AWS API Gateway. As I'm planning to use Cognito to authenticate and authorize users, I have set up a Cognito User Pool authorizer on my API Gateway and several API method...
H O
3

votes
2

answer
4.1k

Views

Multiple OAuth2 access tokens for single application?

Maybe someone could clarify me, as I am not finding that clearly written in documentation... I do have a single application, which is running on multiple machines. With OAuth2 I do have to obtain an Access Token in order to work with Google API. Do I need to use single Access Token across all my hos...
Laimoncijus
3

votes
2

answer
4.2k

Views

Google OAuth scope for sending mail

Using Google Oauth2, the following scope is used to get API-access to a users email: https://mail.google.com/ Testing the scope via OAuth 2.0 Playground confirms that the app wants to 'View and manage your email': Is there a way to only ask for access to send emails on behalf of the user? A more spe...
Jonas Nielsen
3

votes
1

answer
1.3k

Views

Perl Oauth2 package

What is the best package to do OAuth2 based authentication. I basically need to authenticate using a consumer key and secret key to get a consumer, and use a access token and secret to get a token. And then use the consumer and token to get the client to use to make the request?
Chris
3

votes
0

answer
136

Views

How to add Keycloak cusom member_role relationship

Is there a way to setup a relationship as follows using Keycloak? Roles -- can have many -- Premissions Projects -- have all roles associated to them -- Roles Users -- can be a member of many -- Projects (member) and a User is given a MemberRole meaning that they can have different roles on diffe...
Melissa
3

votes
1

answer
2.1k

Views

Completely logout of Google Accounts from OAuth 2.0 authenticated webpage and redirect

I'm trying to use Google OAuth 2.0 to authenticate a webpage on my local server. So far I've got: Index.php - This page checks if user is logged into with Google account. If user is not logged in, it goes to login.php. Login.php - This page redirects to Google's secure login page if no account is l...
user3656562
3

votes
2

answer
645

Views

“Authorisation is required to perform that action” message, even after clicking “Allow”

I've recently run into an issue authorising a new Google App Script project, specifically one using the Cloud SQL admin API. The same code exists in previously authorised GAS projects and works fine, but if I take a copy of the GAS project and try to run a function for the first time I'm unable to...
FreeZey
3

votes
1

answer
95

Views

Which OAuth2 authentication flow shoud I use for PWA + server side application

I am trying to choose the right authentication flow for an application: Fontend is an Progressiwe Web App accessible only via HTTPS. It'is done in Angular, Single Page Application. External Autorisation Server Backend accessible via REST calls For now I am using Authorization Code Grant flow. What h...
Maksym Demidas
3

votes
2

answer
7.6k

Views

Using oauth2_access_token to get connections in linkedIn

I'm trying to get the connections in linkedIn using their API, but when I try to retrieve the connections I get a 401 unauthorized error. in the official documentation says You must use an access token to make an authenticated call on behalf of a user Make the API calls You can now use this acces...
jack.the.ripper
3

votes
2

answer
2.8k

Views

Using the GoogleAPI's OAuth gives 'invalid_grant'

I'm creating an internal application in PHP that uses the Google Analytics reporting API. The application will always use the same Google account to connect to Analytics, so I would like to just keep access- and refresh-tokens in my database. I used the following Google tutorial to set up OAuth. I t...
3

votes
1

answer
1.5k

Views

When will a google oauth2 refresh token expired?

When will a google oauth2 refresh token expired? What I mean by expiration is expiration because of a certain time span had been passed (not because user has revoked access or because user has requested new refresh token) I have done some research and none of them cited official google documentati...
Kristian
3

votes
1

answer
4.7k

Views

xcode 4.2 iOS 5 and OAuth 2.0 - can you suggest a tutorial? [closed]

can you suggest a tutorial or detailed description how to obtain authorization with OAuth 2.0 for iOS 5. Or perhaps you can help me with starting point.
Michael
3

votes
2

answer
2.2k

Views

Requesting user email from Google Api returns unauthorized 401 error

I try to connect to google API and it returns: failed to open stream: HTTP request failed! HTTP/1.0 401 Unauthorized I requested for access token and it returned me xxx, after that I connect to Google API by following PHP code: $opts = array('http' => array( 'method' => 'GET', 'header' => 'Authoriz...
ardakshalkar
3

votes
2

answer
2.1k

Views

Why does Salesforce OAuth2 redirect me from one instance na3 for ex to another na9

I am trying to build a web app that lets the customer add demo data to any Salesforce instance. My demo builder uses OAuth 2 Authorization Code Grant. I am trying to get the switch instance portion working. However once the user connects to one instance GET /services/oauth2/authorize?response_type=...
Monica Wilkinson
3

votes
4

answer
13.6k

Views

Getting user profile with google oauth2

I'm trying to get user profile information upon logging in with google-oauth2. User successfully logs in and i can get the access_token and can refresh the token when needed. Though i could not manage to get any information about the user despite reading the docs and trying for hours. From 'Retriev...
hinoglu
3

votes
1

answer
336

Views

Can Sakai allow users to login via Google using OAuth2?

Is it possible for users to login to Sakai via Google using OAuth2 as described here? https://developers.google.com/accounts/docs/OAuth2Login This would be similar to how users login to StackOverflow. If it's not currently possible, what would need to be built to allow this to happen?
samottenhoff
3

votes
1

answer
1.1k

Views

Which client side framework (angularjs + oauth2) to use with identityserver3

I have done some research and found the following are the frameworks available to work with oAuth2 + AngularJs. satellizer - https://github.com/sahat/satellizer (last commit today) oauth-ng - https://github.com/angularjs-oauth/oauth-ng (last commit 30-Jun-2016) angular-oauth2 - https://g...
3

votes
1

answer
1.8k

Views

google sign-in auth2 customize scope without openid

I want to customize the scope to allow only 'email' and 'profile', without 'openid' because I would like to making it asking only to access to email and basic profile info. I tried to do it using the meta: or the js: gapi.auth2.init({ client_id: 'xxxxxxxxx.apps.googleusercontent.com', scope: 'email...
neoDev
3

votes
2

answer
5.2k

Views

Laravel 5.3 : Passport Implementation - {“error”:“invalid_client”,“message”:“Client authentication failed”}

I followed the exact steps mentioned in the Laracast : What's New in Laravel 5.3: Laravel Passport to implement api authentication using oauth2. My web.php file in the client/consumer project looks like: use Illuminate\Http\Request; Route::get('/', function () { $query = http_build_query([ 'client_i...
Hari Harker
3

votes
2

answer
2.5k

Views

Detect revoked permission for App in Google API

I am using the PHP Google client library. I successfully get a token and refresh token from user/google to use with the API. As soon as the user revokes the permission for my website in Googles settings on the Google page i get following error: Error calling GET https://www.googleapis.com/calendar/v...
Merion
3

votes
1

answer
1.6k

Views

Google play services sdk: Requesting for offline access during auth

Is there a way to request for offline access using the Google play services sdk on android? I know that the raw HTTP api has an option to do this by requesting for a refresh token, but couldn't find a way to do it via the new Google Play services sdk. The new sdk gives the app an access token using...
aarkay
3

votes
1

answer
662

Views

authorizationGrantType cannot be null in Spring Security 5 OAuth Client and Spring Boot 2.0

I followed the Spring Security 5.0 official reference documentation and sample codes oauth2login to setup OAuth2/OIDC authentication in my project, but it failed and I got the following exception when I booted up my application by mvn spring-boot:run. org.springframework.beans.factory.BeanCreationE...
Hantsy
3

votes
2

answer
1.1k

Views

Implementing client credentials grant type only using bshaffer OAuth2.0 library

I have decided to use bshaffer's library for OAuth2.0 (https://bshaffer.github.io/oauth2-server-php-docs/). I'm using it to implement a client credentials grant type for my API. When requesting for access token (using a hardcoded client_id and client_secret), Everything works fine. I pass the follow...
dagitab
3

votes
0

answer
770

Views

“URI must not be null”, on oauth implemantation

The Project had implement Oauth based authentication using resource server. It throws error URI NULL even after passing a url. This is the resource server configuration Im using. @Configuration @EnableResourceServer public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter { @...
user630209
3

votes
0

answer
480

Views

Authentication in OAuth2.0 and how it works with OpenId

Ok Looking for some guidance I am looking into setting up an central Authentication and Authorisation server for login and access to our Api using DotNetOpenAuth. So far OpenId -> Authentication OAuth -> Authorisation OK ... then it gets messy. OpenId has an extension for OAuth. (is there much...
FarmBoy
3

votes
1

answer
405

Views

Google authentication in Java fx webview

I'm developing an application that uses google oAuth2 authentication with google-api-client. In the webView, I open the url that the library gives me to access accessToken and try to authenticate. Everything is going well, to the step where you need to confirm the use of your account on your mobile...
Inv3r
3

votes
1

answer
2.7k

Views

DotNetOpenAuth Google OAuth2

In the last DotNetOpenAuth package, GoogleClient extends OpenIdClient, Someone knows where can i find implementation of google Oauth2 which extends DotNetOpenAuth OAuth2Client?
Alexey Gukezhev
3

votes
2

answer
4k

Views

Google Hangouts in my website as a chat/messaging system

I currently have Google OAuth 2.0 for authentication. Next I want to be able to use google hangouts in my website so users can chat with each other, along with showing their contact list. So basically I want it to look like how it is on gmail but on my website for hangouts. Main reason for doing th...
jm874327
3

votes
2

answer
1.1k

Views

How do I specify parameters to Oauth providers using oauth2 for Python?

Documentation for the Python oath2 library offers a very simple example of how to authenticate to Twitter: import oauth2 as oauth # Create your consumer with the proper key/secret. consumer = oauth.Consumer(key='your-twitter-consumer-key', secret='your-twitter-consumer-secret') # Request token URL...
John Hoffman
3

votes
1

answer
647

Views

Does Redirect URI provide security in OAuth implementation for native Mobile Application?

I am developing a native mobile application on Android which has to interact with a server with oAuth2.0 implementation and using the Google AppAuth library as explained here. 1) What is the purpose of Redirect URI other than getting Authorization code/Access token back to our application. Since Re...
Vishu Gupta
3

votes
1

answer
2.8k

Views

Webapi with multiple oauth tokens for different users

I am in the process of creating my own webapi in asp.net using oauth as authorization provider. The api wil basically serve as a provider for different modules as i call them. One could be a image gallery, the other could just be a user login module with different types of users. I have the oauth pa...
Jurgen Welschen
3

votes
1

answer
744

Views

Get OAuth 2.0 access token from # fragment on server side

I got a Jersey Grizzly REST server running. Now i am receiving receiveing an URL from Microsoft with an Access Token however this access token is placed as an parameter after a # Symbol. https://myURL.com/getToken/pathParam/#access_token=QWERwtrrgertWRDGTGHssef.... When i receive the Request from MS...
Maevy
3

votes
1

answer
138

Views

Unattended authorisation to Google API in Go

I've been trying to find a way to interact with Google's API (specifically, the Compute Engine API) without having the user authorise via a consent screen each time I need to reauthorise with Google. The requests will be made when no user is present, so not having to authorise via a consent screen...
Ryan
3

votes
2

answer
876

Views

Adobe Sign access token invalid_request

I'm having trouble with Adobe Sign's OAuth authentication -- every time I try to get my access token with my Client ID and redirect URI, I get this message: Unable to authorize access because the client configuration is invalid: invalid_request This is the request that I have been making (with the...
coffeecode
3

votes
1

answer
1.3k

Views

django oauth2 rest authentication flow for mobile apps

I'm trying to figure out which is the best flow to interact from my mobile app to my api. I'm using those packages: https://github.com/evonove/django-oauth-toolkit http://www.django-rest-framework.org I would like to have this flow: The user compile the registration view on my mobile app with user...
beddamadre
3

votes
1

answer
489

Views

Google+ oauth2 callback triggered multiple times

I have the following snippet of code: var myParams = { 'clientid' : 'XXXXX.apps.googleusercontent.com', 'cookiepolicy' : 'single_host_origin', 'callback' : _.bind(function(response){ this._loginGoogleCb(response); }, this), 'scope' : 'https://www.googleapis.com/auth/plus.me https://www.googleap...
Trace
3

votes
1

answer
618

Views

adding authorized JavaScript origins to existing google api OAuth client ID credentials doesn't seem to have intended effect

My question is a follow up to an answer to a related but different question https://stackoverflow.com/a/42633937/3175120. I initially encountered the following error when i tried to set up an 'authorize/login' button on an html page. idpiframe_initialization_failed', details: 'Not a valid origin f...
lukkyjoe
3

votes
1

answer
246

Views

Passing google identity from chrome extension to my node.js app

Overview: I am trying to understand the interactions between OAuth security in my server and in my chrome extension. I think I have 90% of the answer working, but I'm missing a bit. I'd like to find the cleanest way to finish my implementation using existing tools, rather than reinventing any wheel...
David Goldfarb
3

votes
1

answer
91

Views

Oauth2 login times out on AWS

I'm currently developing a Flask application on a Amazon EC2 instance running Linux. I have installed httpd and access to the site is successful. The Flask application has an OAuth2 authentication using Google accounts. When testing on localhost, the website runs perfectly with the user staying log...
qwertyuip9
3

votes
2

answer
216

Views

Get Recommendation from LinkedIn API returns empty map [:] as response

I have created a web application from which I am trying to get recommendations of a user from his/her LinkedIn Profile using URL String url='https://api.linkedin.com/v1/people/~:(recommendations-received:(id,recommendation-type,recommendation-text,recommender))?format=json' When I am using this URL...