I tried to build a mobile app (client(mobile) <-> server) and i'm going to use google API to authenticate and identify my user and to sync to my server.
which is the best method to achieve this?
I was thinking to use below method:
Mobile app get authorization code
send the code to server
server contact google server to get access token
both server and mobile client use the access token to access data from google. <-- is this access token generated portable? means: i can use it in server as well as in mobile app?
i'm not sure if above method is the right method that i should use, if it the right method, is there any reference that i can follow (esp. in python) - i tried to read developer.google.com but it's quite humongous type of API there and i got lost...
Thanks for the kind advise
Related
I am writing this goroutine that'll call the GMail API and poll my inbox every 2 minutes or so. The problem I am having trouble with is the authentication part because it'll need me to login and authenticate myself and give authorization to the app to read my inbox. I am trying to eliminate the part where I will need to login via the Web UI and give access to my program. Does anyone have any ideas on how to login and authenticate myself programmatically?
You should be able to use the steps here in order to generate and OAuth client ID, then use that to connect using oauth?:
https://github.com/google/GTMAppAuth/blob/master/Example-macOS/README.md
Failing that, you could use IMAP access to bypass the api entirely. Turn on imap in settings and use a library like this to access your messages:
https://github.com/emersion/go-imap/blob/v1/README.md
I want to validate a google Authentication Code in my Net Core API with a Google's API or Microsoft.AspNetCore.Authentication.Google. I've seen people usually make a http call to validate the one-time Code following this guide but I think to make the application more robust the validation should be executed with the a proper Google API however I can't find an example code doing it except processing all OAuth flow that's not my case because I already have one-time Code (Authentication Code) gotten by my android application. Is it possible for these Google APIs to validate just the one-time Code? If I can which API should I use and how do I do it?
Btw my android application will be using the back end service a lot so I'm thinking on creating another token for the user not to be prompted with google login every time he uses the service but shouldn't be easier to use the same google's Access Token? I think that they advice to use one-time Code to avoid been caught with man in the middle attack in the future, but if I'm already giving another token for the user access my service shouldn't I use the google's instead already?
I'm trying to consume YouTube Data API v3 from a desktop Node.js application built with nw.js, but I'm getting an access denied error even though I have enabled the API on Google Console and created a Client ID (for native application).
Can you help me?
I don't think you can use the API from local files since:
Applications that use JavaScript to access the YouTube Data API must
specify authorized JavaScript origins. The origins identify the
domains from which your application can send API requests.
(source)
As a workaround, you can open a web page hosted on your server, and as long as the page is on an authorized domain it should work.
I'm a novice developer and use Parse.com to power the backend of my iPhone app.
I was wondering if it was possible to manage Facebook OAuth issues from Parse's cloud code (my backend) using http requests or the Facebook JS SDK.
For example: a user's long-term access token becomes invalidated due to expiration. I would like to be able to generate a new access token on the backend, given that I have access to: the old access token, my app_id, my app_secret, and the user's facebookID.
Q1: is it possible to generate a user access token using an http request? I know that I can generate an app access token, but this is not what I want (https://developers.facebook.com/docs/facebook-login/access-tokens). If it is possible, what is the correct structure for the http request (I've spent several hours trying to find an example and haven't been able to).
Q2: if #1 is not possible, is it possible to use the Facebook JS SDK in Parse Cloud code? Parse has previously stated this is not supported since the Facebook JS SDK assumes/necessitates being executed from a browser, but wouldn't it be possible to mimic a browser and still have this function correctly? If so, please provide example code.
Thanks!
Looks like this question has been answered already here: https://parse.com/questions/cloud-code-how-to-get-current-users-facebook-access-token
Parse.User.current().get('authData')['facebook']
I took a look in some docs at developers.google and some questions here in stackoverflow and I really would like to found an objective answer about use the Google OAuth Server to authenticate an application and grant access to download docs into a Google Drive account with NO BROWSER interaction.
As far as I could look, docs like "Using OAuth 2.0 for Server to Server Applications", "Using OAuth 2.0 for Devices", answers here, I couldn't found an article saying "Is possible to authorize an application to get files from a common Google Drive account in Devices with no browser...".
Anyone have tried and had success in this jorney?
The Devices flow is meant for applications that run on devices where no browser is present (fancy example could be a wristwatch that shows new G+ notifications) and requires the user to do manual steps on a device that has a browser. Also this is for getting access to data on the user's account.
UPDATE:
As you say you have an embedded application running without a browser available and want to access data on behalf of a user, this is definitely the way to go. This however still needs the user to login (once) on another device with a browser. After you got an access token using this flow, you can then access the Google Drive API either manually or by using some library.
So you want to access data on Google Drive that belongs to a special account and only your application can access it without a browser involved?
A Service Account (the Server-to-Server flow) would be exactly what you need. These however are only for usage on a web server, as otherwise your private keyfile would have to be deployed to a client, where it could easily be extracted.
One thing you could do is use your own web server that fetches data from your Google account using a Service Account and have a client application that only connects to your own web server. This has of course also its downsides, especially when it comes to locking down your web server so no third party clients could access it.
It can be done, but a browser does need to be used. I've successfully gotten OAuth 2.0 working on an IBM i (AS/400, iSeries, System i, whatever the name is today) which doesn't have a browser. I've so far implemented the Calendar and Google Cloud Print APIs.
During the OAuth 2.0 negotiation you will be returned a URL and a code. You need to display the URL for the user to go to, then the code to enter to grant authority for that specific API/scope. I have an example in our documentation here:
http://docs.bvstools.com/home/greentools-for-google-apps/docs/g4g-base-commands/g4gregsvc
But, the issue now is that the drive API is not yet available to devices. But, Google has said that soon it should be.