I write backend ASP .NET Core API and I need to read user Google Fit data.
I created an Android app that gets the server auth code and sends it to backend. As far as I understand, I need to get user token and then use it to access Google Fit. I tried to find libraries for it and failed. I also tried to get user token using Postman and got the following error:
{
"error": "invalid_grant",
"error_description": "Bad Request"
}
Am I doing something wrong?
You may refer with this thread: Using google fit api from a backend server.
To access from a back end server you will need to use the Rest API's There is documentation at developers.google.com/fit. You should be aware that the Google servers and the Android device are synced irregularly so data on the device may not be visible for hours or even days.
You may also check this link on how to read user's Google Fit data via REST API.
There is a mechanism for Android apps to obtain offline access for web back-ends highlighted in the CrossClientAuth guide from your question. With offline access, you can theoretically serve or store that data in any way that the user has consented to. Any access controls of that data to another person is something that you'd have to handle on your own.
Related
I have an outlook addin that I've built using Yeoman. The addin communicates with a server API on my server to combine data from an email with additional data from a database that a user has saved against an email address. This is all working great.
Next I want to store a copy of the email server side, as a file on disk, .msg preferred but I'll take a .eml if thats the only option.
I have 2 options but don't know if either are possible. Either the addin generates the .msg file and posts it to the server API OR the server side API generates the .msg file directly. I have got the server side using the Outlook v2 API and able to pull back the email information when the client passes it the token, id etc. If it could just generate/download a .msg file server side this would be ideal.
As a side note, many of the Microsoft API pages point out the deprecation of the Outlook API in favor of the Graph API, however there are inconsistent links between the pages and it get confusing. I have discovered the token from getCallbackTokenAsync only works with the Outlook API and not Graph, but I cant find out a way to generate a graph compatible token. All the example code from MS uses Office.context.mailbox.restUrl which still gives the Outlook API url and not Graph!
So I guess I'm trying to find out if it's even possible to get/generate a .msg or .eml file either client side using outlook.js or server side using one of the api's. Thank you.
I can get message data both client and server side but cannot get a physical email file.
The Office JavaScript API (OfficeJS) doesn't provide anything for saving messages as msg files (or getting streams). The best what you could do is to use Graph API where you could get the EML file, see Get MIME content of a message for more information.
The server-side code may use the OAuth 2.0 On-Behalf-Of flow (OBO) to request a new access token with permissions to Microsoft Graph. Read more about that in the Authorize to Microsoft Graph with SSO article.
The on-behalf-of (OBO) flow describes the scenario of a web API using an identity other than its own to call another web API. Referred to as delegation in OAuth, the intent is to pass a user's identity and permissions through the request chain.
For the middle-tier service to make authenticated requests to the downstream service, it needs to secure an access token from the Microsoft identity platform. It only uses delegated scopes and not application roles. Roles remain attached to the principal (the user) and never to the application operating on the user's behalf. This occurs to prevent the user gaining permission to resources they shouldn't have access to. See Microsoft identity platform and OAuth 2.0 On-Behalf-Of flow for more information.
Eugene's answer is good. If ultimately you need to get that message to your backend service, using Graph as Eugune described would be the recommended approach. If for whatever reason you are still looking for a capability to access it on client using Office.js, it is not a part of the product. We track Outlook add-in feature requests on our Tech Community Page. Please submit your request there and choose the appropriate label(s). Feature requests on Tech Community are considered, when we go through our planning process. Note there is already a couple of similar ideas there, if you search for "eml" keyword, that you may want to upvote.
I have added a non-renewable subscription for one of my projects. We also started implementing the Google play developer API to get the subscription latest status from the Play Store. For that we have done the below steps as per this blog:
Linked the developer account to a new Google Cloud Project.
Enabled the Google Play Developer API for the Google Cloud Project.
Created a service account and created a key for the service account.
I have below clarifications related to this implementation:
I tried to Grant Access for the following permissions: But the corresponding checkmark is not clickable.
View financial data, orders, and cancellation survey responses
Manage orders and subscriptions
The 3rd step as per the blog is to Authorize an API key, but I didn't get a clear idea of that.
We are going to implement this API on the back end side as a corn job, do we need to generate a JWT token for accessing this API? Is this possible to call without a Token? I found 2 types of implementations from this blog, which one is easy and secure?
"Your application can complete these tasks either by using the Google APIs client library for your language or by directly interacting with the OAuth 2.0 system using HTTP."
From where we get the get API path and other details. I found a similar get API from AppStore like this. Is the play store providing a similar kind of get API?
We need the latest purchase status API and for that what parameters do we need to pass?
I am currently building a NodeJS backend app that is querying the Google Calendar API. I have setup a new project on Google Cloud API platform and have generated all the required credentials. As stated by the google calendar API page, the allowed queries per day is 1,000,000. Since I am only querying for testing purposes at the moment, I am sure that I haven't even hit a 100. Yet whenever I try to query the API it returns the error:
"The API returned an error: Error: Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup."
Also I have noticed that the dev console has generated a API key for me. Where am I supposed to put that?
My initial thinking is that Google API requires me to perform an additional signup using some CLI tools or something along those lines to signup. If not, where am I supposed to sign up?
Thanks in advance.
Note: I already have all the information from the cloud platform such as client_id, client_secret, project_id.
In "Error: Daily Limit for Unauthenticated Use Exceeded", they key word is Unauthenticated. Your request to the Calendar API is missing an OAuth Access Token. You will need to research Google OAuth.
This question has been answered many times. Please learn how to search SO for similar questions whenever you post a new question. https://stackoverflow.com/search?q=google+oauth+%22daily+limit+for+unauthenticated%22
To anyone who comes across this post in the future. I fixed the issue by using the project generated by Google Calendar API site (https://developers.google.com/calendar/quickstart/nodejs) by clicked the big blue "Enable the google calendar api" and then changing the name of the quickstart project that was generated. I don't know why it works now but it does and it's been working quite stably so far. Lets see how to goes.
I try to fetch photos based on hashtags using Instagram API(Sandbox mode). Using below API
https://api.instagram.com/v1/tags/awesome/media/recent?access_token=<My Access token>
I am getting the error
> {"meta": {"code": 400, "error_type": "OAuthPermissionsException",
> "error_message": "This client has not been approved to access this
> resource."}}
But if I use https://api.instagram.com/v1/users/self/media/recent/?access_token=<My Access Token>
then its returning recent 20 media items.
In my sandbox I have authenticated 1 more user but I am not getting any media items other than mine.
I am following the official documentation of Instagram API.
Please provide your inputs for this behavior.
/tags endpoints requires public_content scope enabled for your app. Without it you will not be able to use this endpoint. To be honest right now it is not possible to submit your app for review if you want to have public_content permission. Old Instagram API accepts apps for review only for basic scope. You should try to switch to Facebook Graph API, but please keep in mind that right now it supports only Instagram Business Accounts.
You can try to filter out media that does not contain the tag you wish in response from /self/media/recent endpoint. I know, not the best solution:/
I am developing an API for a social network website. This API will basically get all the requests from the users (get friend list, post a status update etc) and reply back if necessary.
We will implement OAuth 2.0 protocol for authentication. Consumer (our php project) has API id and secret.
Basic scenario:
Client wants to log in
API Consumer (php web project) takes this request, directs user to API
User send his/her user credentials to the api, gets the token.
User comes back to our website, pass token to the consumer.
Consumer goes to the api server, gets the access token.
Now consumer (php project) has access to user's private information.
Since this is a social network website, we want app developers to be able to use our API in the future.
I am not experienced in API-design. Does that flow make sense? I guess the simplest authentication would be accessing user information through php project. But we don't want to access database in php code. We will use ajax in client side and send a request to the API. And I believe there should be a better solution, what would you suggest?
Sure, API design is basically point where you need to choose technology.
Either it can be PHP or .net or Java.
I would prefer either PHP or .Net as we get lot of flexibility in it.
API will return XML or Json depending upon the request.
There are lot of CMS in php which can be helped.
.net we have Service Stack to help you.
API's had to be fully independent from other world as well as within API method as well.
If you are able to achieve this, then you will surely create a good architecture.