I want to create an application that can share my schedule with all users in the same room using google calender api.
When authenticating with web client (oauth), do each user have the authority to view only the information of the user authenticated by his own browser?
For example, suppose user A and user B authenticate with oauth in their respective browsers.
In this case, does User B's browser have permission to view User A's calendar?
Or can I only view my own calendar?
If I want to do the above, do I have to use a backend to hold a per-user access token?
its a little more complicated than that.
When user A run your application the user is displayed a consent screen. Asking them if they are willing to give your application access to their data. Assuming the user gives your application access. Then Your application has access to access that users data.
When user B runs the application then the application will request user B for permission to access their data.
The application has access to user B's data and user A's data. User A does not have access to user B's data.
What you could do is create a page where your application then displays data to both users from each others calendars. If you want this to be a permanent thing then the application could also add user A to user Bs calendar and visa versa. Granting them each access to each other's data.
You may end up with some issues here as FAR As GDPR goes you will need to be sure that the two users realise that they are going to be sharing data for their calendars. Does user A really want to show user B that they have an appointment for a hair transplant operation on monday for example. This is private user data and you are treading on some sensitive data here.
Related
The user visits the website of the app and enters their existing
credentials (username and password) to access their account.
The authenticated user (from step 1) reviews the list of managed
users. Choose a user to verify their posts.
In this scenario, we assume that the author of the publications is
in another location, so the user in step 1 must request access
permission.
The author of the publications receives a request from the user of
step 1, upon granting the authorization, the application must
generate a code of digits which must be entered (by the user of step 1) to be able to access the restricted information.
The following assumptions are considered:
User A (who requests access) and user (B) who grants it are in
different locations, but in the same building or office, so they can
communicate with each other by phone or in person.
The process of requesting and granting access, together with the
generation of the access code, requires that the two users A and B be
authenticated within the application.
In general, it is what you want to do, so I would like to know what are the correct concepts that should be used, information that should be taken into account or a library in Laravel that allows me to perform this task.
I appreciate any suggestions or information about this topic.
Thank very much. Regards.
We are integrating Google Calendar with our room booking system. Users in GSuite domain should login on our reservation screen and book a room. So far I made use of an service account with domain wide delegation to impersonate the users (the setSubject() method, passing the e-mail address of the impersonated user). Everything works, although this way we cannot verify if the user we want to impersonate is logged in successfully or not, the event will be just created with him as the organizer, because setSubject() only requires the email to work properly.
In IBM Domino, when using an Java XPage I was able to compare passwords of the user, not in plain text but there was a function which compared plain text with user's hashed password and returned true if they were equal.
As I see Google doesn't have such a thing if I'm right. How could I check if the user can successfully log in programmatically?
If you want to perform actions in Google Calendar on behalf of a currently logged-in user from a web browser, you might want to use OAuth2 for Web Server Applications instead of using a service account with impersonation.
We are building a finance app and integration Yodlee in it and we have come to situation where we need user's loging.
Now we have two scenarion,
Ask user to login & use token for API call. But as userSessionToken expires after every 30 minutes, we need to open yodlee login screen.
We can register yodlee user when any user sign-up on our site and use his credential from back-end to get yodlee userSessionToken
Scenario 2 has data protecting issue. Is there any way where we can get new token with a single user login.
Please suggest me if there is any alternative way.
You should use second approach, as you don't want user to register twice.
Once user registers to your site you should internally call register3 API to register that user with Yodlee. There is no data protecting issue, unless you don't have required security standards in place.
We have developed an app that let user login with facebook. The app has been granted all required permissions to retrieve name, email, gender and age range etc. But our app developer stored only id,name and email while user login. Now we need to retrieve gender and age range of all those users who have logged in the app.
Is there a way to rerun user query to retrieve those data? I am looking to develop an program using Spring-social and RestFB but it needs user login action to retrieve required data which is problem in our case since we cannot recreate login action again.
As long as the user granted public_profile permission to your app, and you have their app-scoped user id, you can make the API call using your app access token.
And if you are looking to request this data for a lot of users, then you should optimize your requests in the following ways:
request the fields you need only: /user-id?fields=id,gender
request data for multiple users in one go: /?ids=user-id-1,user-id-2,user-id-3&fields=fields=id,gender – https://developers.facebook.com/docs/graph-api/using-graph-api/v2.5#multirequests
perhaps even use Batch Requests if necessary, https://developers.facebook.com/docs/graph-api/making-multiple-requests/
Not sure if this is possible or if anyone has managed to do this. I have user with super admin access, with which I can create a new user for my domain. However I also want to add a couple of calenders to the created user's calendar list. When I create a user I authenticate using my super admin, but then I can't add a calendar to the user's calendar list since I am not logged in as the user. Is it possible to do this as the super admin, or do I have to logout and authenticate as the created user in order to add calendars to their list? This is the base url to which the post request is made:
https://www.googleapis.com/calendar/v3/users/me/calendarList
in the place of me could I pass in the id of the user? I couldn't find any parameter in the documentation with which I can specify the user to whose list I want to add a calender.
Thanks
Two options:
Each user much login to google calendar and share thier calendar to a single user. You can then use this account to update their calendars. Note that google has limitations to how many calendars and request you are allowed before the account goes to read-only mode.
Buy a google apps domain (5$per user per month) and create a service account at console.developers.google.com. Create a project and give it domain wide delgation at admin.google.com. In Apps engine you should be able to give access for admin to modify all users calendars.
No matter what case you choose, you also need to enable CalendarAPI at dev console site. Now with private key created from website request OAuth2 access token, where sub field is set for the users that you want to change calendar for. With returned access token use CalendarAPI to modify calendar.
Sry for bad english and short description, i'm in a hurry. /conner ;)