How to make a 'log in with Spotify' authentication system using Firebase? - asp.net-web-api

I have a web page which I want to make it only available to users after they log-in using their Spotify account. I am using Firebase for backend.
I haven't implemented any social authentication before, so an in-depth answer will be much appreciated.

There is a great exemple to implement Firebase auth with Instagram Oauth. It will be exactly the same for Spotify.
Read it here : Authenticate your Firebase users with Instagram
edit: And now there is also a sample for auth with Spotify + Firebase functions

Related

Add Google, Facebook and Instagram Login in Flutter APP with REST API

I have purchased this Multi-restaurant system from codecanyon. Backend is developed with Laravel and I want to add Social Login in customer app but i am not able to figure out the way to do it. Through Firebase we can do it but how do we manage it with API. Any kind of resource or help will be appreciated.

Integrating Social Logins with own OAuth2 REST API server

I am trying to make a mobile app in React-Native and Server in Spring-Boot which have a OAuth2 implemented API endpoints.
My question is how can I integrate Social Logins into my React-Native app which in save a user in my user table. apart from Social login I am using naive register/login flow which require username/password to provide access token from OAuth2 Server. How can I do the same with Just Social Login without prompting user any password or other extra information.
any general solution for this will help regardless of tech I am using.
Thanks
Usually when using social networks to login/sign up you'll get a token returned in your app which you can send via your REST API and on your backend it can then retrieve the users information from the social platform used depending on the granted scopes(e-mail, username, etc...) and store the retrieved values in the database.
Thats basically how it works in general, but if you want to have more information you probably still need to share some more info about your tech used.
Hopefully that helped you out ;)

Mobile sign up with spring social

I am trying to use spring social for my REST services and my mobile app.
I wonder what the best approach is.
I am planning to use linkedin, google login and password authentication inside my mobile app. This social login should be connected to users in my database.
My spring application will act as an API which should be secured with a JWT token. The mobile app will afterwards use this JWT token to consume the API.
On my mobile I would like to have the possibility to sign up/sign in with linkedin, facebook or password.
As far as I understood mobile requires a different oauth flow than described in https://spring.io/guides/tutorials/spring-boot-oauth2/
Seems like it required the "Proof Key for Code Exchange" flow as stated in:
https://auth0.com/docs/api-auth/grant/authorization-code-pkce
Is this correct? I didn't find any information how to best do this with spring social and if spring social supports this use case.
Could someone point me in the right direction? I just found information how to do this with single page application and not with mobile applications. Thanks a lot in advance!
One possible way would be
The mobile app uses LinkedIn or Google's SDK to do SSO to retrieve an authN token.
The mobile app passes it to the backend service, which uses it to retrieve user details (e.g email) from the oauth service.
The backend service could do additional work about the user details (for example, link with existing users).
The backend service returns a JWT token to the mobile app, which ends the SSO.
The SSO should be able to return an email address for you to link users. Sometimes you need to apply for the permission explicitly (which Facebook requires).
The key point of this approach is that it avoids using the OAuth2 library completely in your backend services because it is now handled in the mobile app by using SSO provider's SDK.
The flow is summarized in the following drawing:
========
Edited:
We used this approach to do Facebook SSO with one mobile app and it worked very well. The mobile app was in iOS, and the backend service Spring Boot.
Discussion is welcomed.

Is there another way to access google APIs other than OAUTH2?

I'm trying to write a CLI script (ruby) to manage my youtube videos. Technically I'm updating a script that I used in 2012 to do this. It appears that since 2012, youtube has discontinued the simple client authentication mechanism and moved to OAUTH2 (though I'm not totally sure).
I'm wouldn't be the first to say that OAUTH2 is hell (just google it). It's been 3 hours and I still haven't gotten my old script to even authenticate with google (using the youtube_it ruby gem).
I simply do not understand why I would need to use OAUTH to access my own account on Google? What am I missing? I thought OAUTH was so that separate users could give access to applications to temporarily access their data.
Is there another way? What am I missing. As one blogger commented OAUTH2 is enough to make one want to change careers. Even the lead dev quit the project.
The Youtube API docs is specific in stating that if you're going to use Youtube API (or other Google APIs), you must learn how to use OAuth:
If your application will use any API methods that require user
authorization, read the authentication guide to learn how to implement
OAuth 2.0 authorization.
Youtube has a Ruby Quickstart sample which includes the OAuth process.
I simply do not understand why I would need to use OAUTH to access my own account on Google?
I think OAuth answers exactly that question, "how will Google products know if you are who you claim to be?"
Read the OAuth Google guide for more info.
OAuth 2 is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service, such as Facebook, GitHub, and google. It works by delegating user authentication to the service that hosts the user account, and authorizing third-party applications to access the user account. OAuth 2 provides authorization flows for web and desktop applications, and mobile devices.
for more detail study :-
https://www.rfc-editor.org/rfc/rfc6749

Xamarin Auth plugin Oauth2 and Google sign in

So I've found a bunch of great tutorials on how to use the Xamarin auth component to authenticate using Oauth2 via Facebook and Google. It seems straightforward and I have no problems getting it working with Facebook. However, using Google always produces this screen:
I set up the credential at the google developer site per the tutorial and I've tried multiple tutorials / git hub projects and they all produce the same result, no login. Does / will Xamarin.auth work with Google authentication?
Thanks.
Here's one I worked through but there's a bunch of them:
https://developer.xamarin.com/samples/monodroid/google-services/SigninQuickstart/

Resources