I have 2 questions in this thread.
I use google API authentication. After run the code to make credential, the browser opens OAuth consent screen in new tab (google chrome). How can I show it as a popup dialog, not open new tab anymore?
After I click accept button, API return the text that tell me token is received in that tab. How can I turn it off immediatelly?
Thank you!
Depends on the language you are using. The consent form is just a web page so assuming you can create your own popup window with a web browser just feed it the consent URI.
You cant really the authentication code is returned to you by the authentication server as a web page its going to have to open up someplace.
Related
I'm having trouble with Microsoft Teams in the sense that I does not recognise my username and password that I enter in my application. I'm able to get my application to display inside the Teams page, but when I capture my username and password, Teams re-display the login screen. I'm using asp.net core identity framework to authenticate my users.
When I add [anounamous] tags to my controllers, it's possible to navigate to those pages. But anything that is not decorated with [announoumus] will force me back to the login screen and then Teams does not recognise the login details.
It is as if it does not know how to read the information in the cookie.
I'm able to load the manifest.json file without any issues, then select the page to display on the Team Tab. But when I try to navigate to a "restricted" page that requires my user to be logged in, Teams display my login page.
Below is a link to the Manifest file if anyone is able to help: dropbox.com/s/wxw3xtk1458blbu/Ezymapps.zip?dl=0
I am using OAuth 2.0 for google SingIn, it is opening a popup window for user authentication but i want to open in same tab itself, please help me.
Thanks in advance.
The popup window opens if you use Google Sign-In JavaScript library. You have to use server side api client libraries to authenticate / authorize without a popup.
https://developers.google.com/identity/protocols/OAuth2WebServer
You can use ux_mode: redirect to change Google to Redirect mode which will open in the same tab instead of in a popup.
Ref: https://developers.google.com/identity/sign-in/web/reference#gapiauth2clientconfig
Then on your redirect landing page, use auth2.currentUser.get() to retrieve the signed in Google User object.
(I know this is an old question, but this was one of the first results in a web search; thought it might help others who end up here as well)
Is it possible for me to create an application that can send our requests to access to users' Google Calendar so that I can see the events in there and be able to add, edit, and delete events?
I do not want the users to log into my website to enable this access. Rather, I want to be able to send this request, perhaps via email.
Alternatively, perhaps they could log in the web app and authorize access themselves somehow.
One option would be to e-mail the user a link to the OAuth 2.0 consent screen. The users would still need to open the link in a browser, sign in to their Google account (if not already signed in), and click the "Authorize" button to grant your application access to their Google calendar events.
First, you will need to register your application as a Web App in Google's Developer Console (just like for any other application) and obtain a client_id. Be sure to fill in the name of your application and a link to your website in the "OAuth consent screen" section, because these values will be shown to your users when they click the authorization link.
Then, follow these steps:
Send the user an authorization link in an HTML e-mail message. The link should be constructed according to the guidelines in "Redirecting to Google's OAuth 2.0 server", and pay attention to the following aspects:
Ensure that the redirect_uri parameter in the authorization link points to your application.
Since you already know the e-mail address of the user, consider including the login_hint=<email address> parameter to bypass the account selection screen.
Important: provide a value in the state parameter so that you can link this authorization request with the user.
The link should be placed in an <a> tag somewhere in the body of the e-mail: Allow access to my Google calendar
When the user clicks on this link, their browser will open and show the standard Google consent screen:
Once the user has made a choice, their browser will be redirected to the redirect_uri which you have provided.
Make sure that the redirect_uri will work even if the user isn't signed in to your application. Capture the state and authorization_code values which Google appends to the redirect_uri, and then return a confirmation page (e.g. "Thank you for giving us access to your Google calendar" would be a good idea).
Using the state and authorization_code values, follow the rest of the standard OAuth 2.0 flow and retrieve a refresh_token which will allow you to access the user's Google calendar from your application.
Keep in mind that the calendar owner (the user who is clicking the link in the e-mail and granting your application consent to access the calendar) may not even be a user of your application. This is why it is important to provide as much information as possible on the consent screen and in the confirmation page.
Since your confirmation page will be loaded even if the user does not grant your application consent, you could take the opportunity to give the user a full description of why you are asking for access to their calendar and provide a link that will take them back to the consent screen. This should increase your success rate.
Every request your application sends to the Google Calendar API must
include an authorization token. The token also identifies your
application to Google.
Your application must use OAuth 2.0 to authorize requests. No other
authorization protocols are supported. If your application uses
Google+ Sign-In, some aspects of authorization are handled for you.
The details of the authorization process, or "flow," for OAuth 2.0
vary somewhat depending on what kind of application you're writing.
For more details on the workflow to gain access click here. Once your app has access, it will be able to view and edit a user's calendar events, depending on the approved permissions.
In my WP7.5 app, I have redirect the user to google web page where is asked to giving the app permissions to access to his account, user click yes, but it redirects to a page where there is the code and user is supossed to copy/paste that to my app.
The Response is
Please copy this code, switch to your application and paste it there:
4/3oHAHtqSk1CqA3S8HlEsuQRaE08e.4nCBpXhR-R8WgrKXntQAax02U4CwcgI - Auth code
I want to, when user press ok, return to my app with that code, is there any way to do that?
-SheikAbdullah
If you're using the Browser control, here's a great CodeProject article on how to do it:
Google OAuth2 on Windows Phone
How can one avoid to have to show this redirect_uri = "https://www.facebook.com/connect/login_success.html" each time you login with your WP7 app.
I have a share button in my app which should post content to the facebook page of the user that logged in. Currently when a user already has entered username/password they still get to see the white screen "login_success.html" first and then the item gets posted and it returns back to the app page.
How can you avoid this screen in the app flow ?
I am using the facebook sdk C# v6...
Thanks.
You can make your browser control invisible after you got the access tokens