Yammer authentication - yammer

I have registered a dummy app with Yammer, as I am still in testing phase. I gave the homepage of my org as the redirect URI. Honestly, there is no app hosted anywhere. Still, I think it is possible to test the authentication and go till creating a token. This is what I have done.
Navigated to https://www.yammer.com/client_applications page.
Registered an application. I provided the "RedirectURI". I got a "Client Id", "Client Secret", and "Expected Re-direct".
Since I don't have an app to launch anything from, I manually typed in the following URL in the browser. "https://www.yammer.com/oauth2/authorize?client_id=[:client_id]&response_type=code&redirect_uri=[:redirect_uri]".
I was taken to the app registration page. I clicked "Allow".
Now the page is redirected to the home page of my org, as I provided along with "www.<<>>.com/code=".
I copied this code over, tried to launch "https://www.yammer.com/oauth2/access_token.json?client_id=%s&client_secret=%s&code=%s".
I expected a token to be created, so that I go back to my dummy JAVA program and start connecting to Yammer, but I am not allowed to connect in above step. I am getting a "Not Authorised" error.
Can some please point out what I need to do? My requirement is that I get this token not from with in an app, but then on use it in a SWT based Rich Client JAVA application to connect to Yammer.

I think the request to oauth2/access_token.json needs to be a POST not a GET

Related

How to access to google project from ui rather than link get from eclipse console

I have developed a tool for handling google sheet using spring boot with google sheet api. When I run the application from UI ,then eclipse console will show a link for OAuth authentication so that to get data in UI Eclipse console.I need to get back to console and take the link to browser for authentication. So my question is how to authenticate it through UI rather than going to console manually.
I selected react js as UI, and I added GoogleLogin to it
`
This tool is requir a google account to access<GoogleLogin
clientId="my client id"
redirectUri="http://localhost:8888/Callback"
scope="https://www.googleapis.com/auth/spreadsheets"
responseType="code"
accessType="offline"
buttonText="Choose account"
onSuccess=""
onFailure="" ></GoogleLogin>
</div>`
even though react js code worked,i will get the sheet data only after authenticating using link given in console.Please help me to solve this
You may redirect it directly but it would only work in case you are having that url working.
Let suppose, I'm hosting my application on http://localhost:8080/myProject then it would be redirect you to some url, you would be get that using this way.
Generate Credentials.json file while keeping redirect url blank.
Put this file to resources
Run project again
It will give you the response url, Do something for mapping that URL to your needed re-directional url.
Let me know if you need anything more in this.

How to Create OAuth Client ID?

I am trying to run this github project.
For this I need to create credentials and OAuth Client Id.
When I click to create. After selecting web applications and typing the name I see authorised javascript and authorised redirect uri.
So what should I enter there because I tried with keeping both fields empty. But I got error saying no redirect url found for client id
Please help me.
I am using Developer Console for first time can't find any help on internet. This site is my last hope.
I did as said in [comment].2
Here is what I got in Linux shell and the error i received on redirected url opened webpage.
Linux Shell Message
/YouTube-Subscription-Importer/env/lib/python3.6/site-packages/oauth2client/_helpers.py:255: UserWarning: Cannot access subscribe.py-oauth2.json: No such file or directory
warnings.warn(_MISSING_FILE_MESSAGE.format(filename))
Your browser has been opened to visit:
https://accounts.google.com/o/oauth2/auth?client_id=1069660256195-n8adm0dmi70v29i55hcfblftle09hb5n.apps.googleusercontent.com&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2F&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fyoutube&access_type=offline&response_type=code
If your browser is on a different machine then exit and re-run this
application with the command-line parameter
--noauth_local_webserver
Snipe of what redirect url webpage said
**MOST IMPORTANT
I am running this in windows bash.
Now tell me what to do next.
I just simply need a tutorial/how-to use guide for Google developer console credentials and OAuth Screen.
**
You need the redirect URL, you will be redirected from Google OAuth Consent Screen to https://REDIRECT_URL?code=AuthorizationCode, you can just set it to http://localhost.
After creation, you can your find Client ID on the Credentials page.

Can/Should I hide the details of Error 403: org_internal in google login?

I am using Google's login API for a project that needs to be internal to my organization. When I tested to see what happens if I try to login with an account that is not part of that organization, this error showed up:
Error message image on https://i.stack.imgur.com/bnXNw.png
This error shows the client id provided by my API panel on my developer account.
Is showing that information safe? If not, what could I do to hide it?
Thank you in advance!
The client identifier [1] and everything else on the error page is not considered a secret. The error message has two uses: to lock your app down for internal usage and to allow users to use that information to escalate to you, the developer, or their admin that they need access to a particular app if they have a legitimate need for it. For the latter, it is important for users to be able to identify apps, typically using the client ID.
[1] https://www.rfc-editor.org/rfc/rfc6749#section-2.2

yammer client application external networks 401

I am creating a windows plugin which would access Yammer data like groups user follows etc, for this i created a client application and accessed yammer rest api using client id and access token i get after user allows my app to access his data in a consent page. I am able to successfully do all this when people of my network are trying to login but this does not work when the plugin is being used by people of other networks, I am able to receive the access token after the user gives his consent in user consent page, but when i try to access his data like fetching groups using rest uRL i get an error saying "{"response":{"stat":"fail","code":17,"message":"Attempt to access a protected resource failed."}}"
please be noted the client app i created is not yet deployed into Global App directory, I really doubt if this is the actual cause of the issue, because i think if this was an issue it should not have recognized the client id itself and would not have shown the external network users the consent page too. may be if i am wrong please correct me
To access users on other networks' data, your app must be globalized (even if you don't want it to be listed in the Global App Directory). Without the user's consent, your app is not allowed to attempt to login on behalf of the user, thus they see the popup for authentication, and then the auth process fails because the app is not globalized.

failed to authorize twitter when trying to authorize app with windows phone 8/8.1

I've got a windows phone 8/8.1 app which contains a page with an embedded web browser on it. I build a list of articles extracting information from the website and all of this works fine but note that I only use this web browser to display an article when a user has clicked on the item in my list.
The article in question provides a button to allow user to leave comments via twitter. At the bottom of each article there is a "Twitter Log in" button. When I click on it, it brings me to the authorizing page and it displays the news website as the app I want to authorize.
After entering my twitter credential and clicking on the "Authorize App", I get the following error:
Exception of type 'Microsoft.Phone.Controls.WebBrowserNavigationException' was thrown.
Then a Twitter webpage gets displayed display the following:
There is no request token for this page. That's a special key we need from applications asking you to use your Twitter account. Please go back to the site or application that sent you here and try again. It's probably just a mistake.
It definitely authenticated me as I can see my Twitter account picture but it failed to authorize the app.
I understand that my app is not the original website as it is a wp8/8.1 app but what I'm calling in the web browser is the page that contains all the original code from the news website and therefore you would assume everything would work as if I was calling the website directly from a browser.
If I call the website from the browser that comes with wp8/8.1, it works as expected!! Strangely enough they have the same functionality but using facebook and this works as expected.
I've had a look at html the "twitter authorized page" when called from my phone and when called directly from my web browser on my laptop and while I can clearly see the form contains an hidden field for authenticity_token with a value and a oauth_token with another value, they do differ.
I don't know if they're suppose to be identical but as I said, I don't understand why this wouldn't work as when I display the article in the embedded web browser, you'd assume that everything else that goes on after this would behave as it would in a regular web browser and when this 'authorize app' button is clicked, you'd assume that all values would be passed as normal and the app would get authorized but nope!!
Any suggestions on how I could possible resolve this problem?
Thanks.
I can't really tell what's going on, but it looks like you would have to implement Twitter OAuth. Luckily for you there is already a library that can do that - https://github.com/konradbartecki/TwitterAutherino
I am the author of this library, so let me know if you need some support or non-existent features.

Resources