Questions tagged [oauth-2.0]

3

votes
1

answer
2.1k

Views

How to use google drive API without web browser

I am writing a python script that is trying to backup all needed configuration files from my Linux VM to Google Drive Cloud. I would like to do it automatically, without entering the verification code from browser every time script starts. Could you please advise me how to do this? #!/usr/bin/python...
Jade
3

votes
2

answer
2.3k

Views

When adding Facebook integration to a web app, how do you handle OAuth token expiration and what user data should be saved?

I'm planning out adding Facebook integration to a web app I'm working on. For the most part, it's proceeding smoothly, but I am confused on the proper way to handle the OAuth token. The sequence of events presented by Facebook here is: Ask the user to authorize your application, which sends them to...
William Jones
3

votes
0

answer
869

Views

Can I use OAUT2 decorator for a user login to my app engine application

I have a Python GAE application which presents the user with a HTML login page. This page includes an oauth2 login link (response_type=code) to login to my application. The link looks like this: https://accounts.google.com/o/oauth2/auth?scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email...
voscausa
3

votes
1

answer
2k

Views

Microsoft Graph API Authentication_MissingOrMalformed

I am using oauth2/token to authenticate my application and get the access_token. Bellow is the java code which is working fine. private String getToken() throws Exception { String access_token = ''; String url = 'https://login.windows.net/MyApplication_ID_here/oauth2/token'; HttpClient client = Http...
Roshanck
3

votes
1

answer
211

Views

Is it possible to obtain a jwt refresh token using my server as sort of a proxy?

I'm creating a system where there are agents that require refresh tokens to report data to the system. The user would provision a token for an agent through my webapp. I'm attempting to have my server pass on the request for the refresh token to my auth provider (auth0). The flow is user clicks...
adapt-dev
3

votes
0

answer
569

Views

Unsupported authorization scheme: Bearer

I am trying to develop a code in which users may sign in to my web application through Yahoo. Everything works fine and I am able to retrieve the user's yahoo GUID. Now the problem occurs at the final stage in which I want to get access to the user's profile. I pass the authorization key through the...
AHBagheri
3

votes
0

answer
130

Views

How do I stop Heroku from changing the location header and causing 401 with my Spring boot OAuth2 service?

I have a spring boot oauth2 service working locally. But when I deploy this to Heroku it fails with a 401. So on my local system I go to the UI and I have no valid JWT so it does a redirect to: localhost:8080/api/auth/oauth/authorize?response_type=token&client_id=clienteagleeye&redirect_uri=http%...
jnl
2

votes
0

answer
44

Views

Use username field instead of email in Oauth 2.0

Hi I would like to ask if its possible to use a username field in the users table instead of email field just to make it the same to the one that I post in the URL. Just to remove confusion because in Postman I use username but it maps to the email field on the table Here's the screenshot in PostMan...
Sydney Loteria
2

votes
0

answer
597

Views

How to use OAuth2.0 access token to retrieve gmail contact list

I use the following code to obtain access token for my application in Python. CLIENT_SECRETS = 'client_secrets.json' MISSING_CLIENT_SECRETS_MESSAGE = 'Missing Client Secrets' FLOW = flow_from_clientsecrets(os.path.join(os.path.dirname(__file__), CLIENT_SECRETS), scope=['https://www.googleapis.com/au...
Robin W.
2

votes
1

answer
547

Views

Downloading a file from resource server to browser (OAuth2)

I'm implementing OAuth2 (100% spec compliant) in a project that I've been assigned to. Let's say I have a file named 'file.txt' on the resource server. The client wants to download the file. Suppose file downloads are done through another server, dl.example.com , because there may be multiple resou...
Abhishek Goyal
2

votes
0

answer
64

Views

undefined method `build' for Doorkeeper::Request::Assertion:Class

Currently, I'm building an application that can login via fb/g+ using doorkeeper and doorkeeper-grant_assertion. Previously, everything is okay but just a sudden I encounter this problem which is unfamiliar to me and even I already google it still can't find someone who had encounter this problem. c...
Juan Dela Cruz
2

votes
2

answer
2.7k

Views

OAuth2 authentication in GAE accessing Calendar API V3 (domain hosted)

I'm developing a Google App Engine app with Python. And I'm using: Google Calendar API v3 (to access a calendar in my own domain. So, this is Google Apps installed in my domain) Google APIs client library for Python. OAuth2 to authenticate users of my domain ([email protected]) I thought I had to us...
Jorge Arévalo
2

votes
1

answer
81

Views

Controller not working after migrating to ASP.NET Core 1

Im migrating my ASP.NET 4 app to ASP.NET Core. Most methods in my API work fine, but strangely some don't and I cannot see any reason why. I am using Owin.OAuth authentication (OAuthAuthorizationServerProvider) and, for all but two calls, the this.User (from ControllerBase) property is populated co...
Chris
2

votes
0

answer
103

Views

Google Drive: obtaining a Credential object

The Google Drive documentation describes two authorization modes for using their service. The first is intended for use by HTML/JavaScript client side applications, and Google provides sample code here. I was able to successfully get this code working. However, for my use case I am building an ex...
Tim Biegeleisen
2

votes
0

answer
54

Views

Is Oauth2 a suitable choice for our needs?

1 - Current situation We've got a REST API (coded with the Play framework 2.5 in Java) and four front-end interacting with it (two web apps: a back office and our site coded with React, and two mobile apps: Android and iOS). Everything is working correctly, but without user management. 2 - What we w...
Sylla
2

votes
2

answer
46

Views

Why does every OAuth2 provider work differently?

This annoys me, and perhaps I'm simply getting it wrong, but it seems that just about every OAuth2 provider has it's own subtle nuances to using their services. OAuth2 is supposed to be a standard way of dealing with authentication, so why isn't it?
Martijn
2

votes
0

answer
294

Views

Google API oauth httpd server conflicts with SABNzbd+ in Python

I'm writing a Python app that interacts with a Google API and requires user authentication via oauth2. I'm currently setting up a local authentication server to receive an oauth2 authentication code back from Google's oauth server, basically doing the oauth dance like this. It usually works pretty...
urbushey
2

votes
1

answer
92

Views

How do I properly do a Google oauth2 javascript workflow on mobile?

I am building a simple mobile webapp that authenticates itself against Google's oauth2 service using the javascript api. Whereas on the desktop it works fine, the mobile version sticks in the last step of the workflow. It does not return to the main page, but stays on the following url: https://acco...
Carl in 't Veld
2

votes
1

answer
51

Views

Set Google Account on Server side without showing dialog for account selection

This is code from which I get GA data but it is always ask in browser for account selection. How to define default account in PHP script. What I missing? This is equal to index.php in GA documentation but I use Symfony framework and decided to change this route /** * @Route('/get-google-analytics-d...
Stevan Tosic
2

votes
0

answer
180

Views

Unable to generate Oauth2 access token on WSO2 Identity server when using CloudFoundry-UAA as the identity provider

I have followed the steps mentioned in https://docs.wso2.com/display/IS530/Try+Authorization+Code+Grant. In addition to the steps, I have configured Cloudfoundry-UAA as the identity provider and generate access token using an Cloudfoundry user. I am able to generate the Authorization code by followi...
Senthil
2

votes
1

answer
994

Views

How do I authenticate/validate an Android app on an App Engine Server with OAuth 2?

I have a simple application that lets a user draw pictures. There are Android, IOS, and web-based versions. I also let users store their pictures on our App-engine servers and I want them to be able to collaborate with other users. I want to use Google accounts for authentication and the basis of so...
agent8261
2

votes
0

answer
817

Views

Pinterest: Can I access the main feed without using OAuth?

I'm trying to get access to information for the main feed in Pinterest so that I can extract the link URLs and use them as part of a study on social engagement on the web that I am doing. I know that it is possible to access an rss of a particular user with pinterest.com/user/pin-board/rss however...
Ray Barrett
2

votes
1

answer
686

Views

How to request additional google oauth2 scope?

I'm using google oauth 2 for registrations. While registration i'm asking these two scopes. https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile and I've successfully stored oauth2 tokens like refresh token in the database. Some of my users interested in i...
user1091558
2

votes
0

answer
94

Views

google authentication using angular2

I have an API that requires google auth2 authentication, and this is how it works tell now. the client access /login/google the server redirect him to google authentication page google send him back to server with a special code the server use that code to fetch more data about the current user from...
benaich
2

votes
1

answer
186

Views

How to check service-to-service authentication in Google Cloud Endpoints?

I'm trying to split a monolith Google App Engine application (using Python & standard environment) into several services within one application. Default service is calling API implemented using the Endpoints framework in another service. Everything works nicely except that I don't understand how to...
Fedor
2

votes
0

answer
689

Views

FOSOAuthServerBundle: OAuth2 Resource Owner Password Credentials Grant flow

I'm using FOSOAuthServerBundle in a Symfony2.1 project (using Doctrine) and I'd like to implement to use Resource Owner Password Credentials Grant flow. I read the good article written by Burak Seydioglu 'Securing Syfmony2 REST services with FOSOAuthServerBundle' but he explains only 'Authorization...
Filippo Grecchi
2

votes
1

answer
692

Views

Storage of OAuth access tokens in Javascript clients (e.g. Angular) [closed]

I'm looking into using IdentityServer4 together with ASP.NET WebAPI, Angular and so on. In most examples of OAuth 2 with Javascript clients I've seen the access tokens is stored in local storage or session storage. I have also read posts where they think that's a bad idea, for example these two: htt...
martintro
2

votes
1

answer
188

Views

OmniAuth OAuth2 how to access to a strategy -> client? so that I can refresh token?

background I have an omniauth-oauth2 subclass strategy working on my rails app. When to refresh access_token, I see I need to create OAuth2::AccessToken. But to create it, it seems it requires OAuth2::Client which I think can obtain from 'omniauth-oauth2 subclass strategy.' found this solution Ref...
kukrt
2

votes
1

answer
756

Views

Authenticating to Google Cloud Endpoints as iOS app (not user with Google account credentials)

One of my iOS apps contacts one of my services using Google Cloud Endpoints and I would like to restrict access to that service to instances of the app. I've followed instructions about adding authorization and have created an iOS client ID that is tied to my app's bundle id and app store id. I've n...
Drux
2

votes
2

answer
2.1k

Views

authResponseChange not firing

I have the following code, it works for a while then after a while I cannot get the authResponseChange event to fire anymore. I have deleted all of my cookies, deauthorized the app and re-added it. How do I handle this event? window.fbAsyncInit = function () { FB.init({ appId: 'APP_ID', status: true...
Jason Yost
2

votes
0

answer
69

Views

How do I migrate google OpenID to OAuth? openid_id seems to be missing

Since google has deprecated OpenID support, I figured I'd try to migrate, but boy is that an undertaking. I've gotten to the point where I can get user data from google, but I can't figure out how to get a user's OpenID identifier. The documentation says I can add openid.realm as a parameter when re...
user2145184
2

votes
1

answer
114

Views

Google Contacts token expires

I working with Google Contacts and it going fine. But after an hour I manually need to refresh the granted access. According to this SO question I should be able to update my refresh_token with this call: refresh_token = requests.post( 'https://accounts.google.com/o/oauth2/token', data={ 'client_id...
Jens Borrisholt
2

votes
0

answer
118

Views

Spring Security OAuth2 timestamp/logging to the database

I'm working on a Spring Boot application.I would like to take a timestamp of actions such as login time,password validation successful/unsuccessful, number of successful or failed attempts along with the user's ID and store it the database.In general I would like to keep track of user's actions and...
Suraj Kumar
2

votes
0

answer
80

Views

Did Coinbase discontinue their API Access or just Oauth2?

Got a letter from Coinbase: Hi there, Thank you for contacting Coinbase Support and our apologies for the delay in responding. As of August 22nd, it was decided that functionality for all Oauth applications, both approved applications and those pending approval, would be disabled as we can no longer...
jimijon
2

votes
2

answer
154

Views

Facebook auth serverside calls back 2 times with the same code

On our server-side authentication with Facebook we get a random and weird issue. Facebook calls the call back URL two times with the same code. This is only happening for some users and not on every login. This is the flow we have implemented on our side: https://developers.facebook.com/…/manually...
Florin V
2

votes
1

answer
2.7k

Views

WIndows Live ID OAuth2 Redirect Issue

I am attempting to incorporate Windows Live ID in my application. First, I created a Windows Live Dev Application account, here: http://msdn.microsoft.com/en-us/windowslive Let's pretend my Client ID is 12345 (of course, it's really quite longer) Then, I followed these instructions: http://msdn.mic...
Jerry Nixon - MSFT
2

votes
1

answer
258

Views

Google oauth2.0, required parameter is missing: grant_type

I follow Google document to make a 'sign in with Google' for my company desktop app, document link: https://developers.google.com/identity/protocols/OAuth2InstalledApp The problem is when I send a post request to retrieve access_token, I always receive this error: 'error': 'invalid_request' 'error_...
Tien Quang
2

votes
0

answer
193

Views

Soundcloud track stream URL returns 403 error Signature does not match

When trying to use the returned url from sound cloud, the response sometimes indicates an issue with the signature. For example, this will return an error for invalid signature: https://ec-media.soundcloud.com/8ekeDCuVw9Fe.128.mp3?f10880d39085a94a0418a7ef69b03d522cd6dfee9399eeb9a522039866f9bc34968a8...
sixkiller
2

votes
2

answer
241

Views

Verification Error with omniauth-facebook in Rails

I have seen many posts about this type of error, but it doesn't seem that any that I can find apply to my case. This is the error I am getting back from Facebook: Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request This...
unclesol
2

votes
0

answer
38

Views

Is there support for multiple oauth2 authentication login providers in SwaggerUI?

I can get multiple login options to appear in SwaggerUI with code similar to services.AddSwaggerGen(c => { c.AddSecurityDefinition('Google', new OAuth2Scheme { Description = 'Google', Type = 'oauth2', Flow = 'implicit', TokenUrl = 'https://www.googleapis.com/oauth2/v3/token', AuthorizationUrl = 'htt...
PatrickNolan