I have a big problem with development of Office add-in that is causing me big headache.
I need to extract the OAuth 2 token from a back-end written in Spring. I have tried all the samples from Microsoft Documentations, GitHub snippets and projects etc. Nobody works. Apart from MSAL Library that is extracting the token but the window is stuck in a loop of trying to login with Azure.
I know, this is not the correct way. But until now I haven't found any better solution yet. That's why I'm asking here.
Someone got a sample project? A snippet? Or something that could help me to do the job? Unfortunately, office-js-helper is abandoned. So I don't know what I can do.
Thanks
Related
I'm fairly new to working with Oauth 2.0, and the place I'm interning asked me to create an app that is runnable from the console and uses the OAuth 2.0 Password grant.
I'm really stumped as to where to start in general. I'd like to write it in either C# or java.
I'd like the app to run once every 24 hours and in extend to that, to run it from powershell using something like run myProgram.exe
The app needs to use webhooks to call the API.
How do I approach this? I'm using Visual Studio 2019.
What kind of project should I create?
I've tried reading a lot of documentation, and know how to do the most of it on paper, but I found the documentation for the initial steps lacking.
Hope you'll be able to help :) Thanks!
Edit:
I realize the question might have been a little too broad.
Essentially, I'd like know if I can create a serverside-web app, without any UI only console-output, that:
connects and gets an accesstoken from the authentication server,
Makes the API-calls
Can be converted to a .exe-file.
Hope that clears it up a bit :)
I know there is an ongoing battle about OAuth1 vs OAuth2 and Google seem to have taken the side of v2 and deprecated their super useful online testing tool that was hosted here...
https://oauth.googlecode.com/svn/code/javascript/example/signature.html
We still use OAuth 1.0a and it suits our needs perfectly. Does anyone know of an alternative online test tool for verifying signatures?
Since this question came up when I searched for it and even though it's probably too late for the asker:
I couldn't find any online tools, but Postman does a great job of allowing you to test OAuth1. They have easy to follow instructions as well:
https://learning.postman.com/docs/sending-requests/authorization/#oauth-10
I have spent the past three days researching OAuth 2.0 and I understood how OAuth can be used to interact with a service provided by a heavy weight such as Google or Facebook. However, I'm struggling to see how someone without a team of tech wizards (aka Me) goes about protecting their API with the protocol.
I have a number of questions and was wondering if someone with some experience can help me.
Here goes nothing...
Is there a clear cut leader in terms of an OAuth Authorization Server implementation (Java)? If yes, is there any good resource out there to teach me how to use it?
Its my understanding that I would need to either build an authorization server or leverage a library to dish out client secrets/tokens.
Should I even be thinking about a library or should I be building my own implementation?
Is OAuth still relevant? From what I can see, it seems like the hype around the technology has leveled off or diminished since 2010. I also saw an article where the spec lead disassociated himself from the protocol.
I appreciate any advice or help, I can't find many resources on this topic that address it clearly (tons of Powerpoints, no code). There seems to be a bunch of talk about how it works, yet no book or article can give a solid tutorial. The documentation for the providers I have found is also very spotty at best. I'm just really starting to question whether this is a legitimate undertaking for someone looking to protect their own simple API. Thanks ahead of time.
Take a look at the Libraries on the OpenID Connect developer pages here: http://openid.net/developers/libraries/
I don't think there's a clear cut leading Java implementation yet
I would not recommend implementing the Authorization Server part on your own, that is the complex part and details matter because this is about security; the client part is easier and should be possible to build even without a library
OAuth is very relevant as it is the only standard out there for securing REST APIs; the hype is over, and now it is common technology; just take a look at all big vendors/SaaS out there, they all use it (starting with Google, Microsoft, Facebook, Twitter etc.)
I'm trying to implement OAuth 2 connectivity for an old site that's implemented in ASP over IIS 6 with VB (not VB.net)
I tried to find a library that implements OAuth 2 and could not find one. Is there such a library? If not, what are my options?
Sorry if the question is trivial, I'm new to VB...
Are you looking for something like this?
This library should help you get started on using OAuth in VBS. Everything you need to get is from here, place the OAuth folder into your project, then just follow the code samples provided.
Although he is using Twitter for his example, it can be used for any service that supports OAuth.
Does anyone know of an example facebook app (or facebook connect app) done in Erlang? I'm looking for something that includes the whole process. Specifically I don't seem to find anything on user authentication.
I've checked out erlang_facebook, erlang2facebook and erlyface but none of them seem to offer a simple and comprehensive example accessible to me as a beginner .
I'd be happy for just a bit of code to plough through though, preferably using mochiweb as backend.
I've played around writing a FB app in Erlang and looked at the projects you mentioned as well. I found it easier to just use FB's graph API directly for authentication, etc. I used Nitrogen/Mochiweb for the web server and made graph requests with httpc:request.
Zotonic (Erlang CMS/Framework) provides Facebook integration, including authentication.
http://zotonic.com/mod-facebook
A few years on and I still find Jeremy Raymond's method satisfying. In particular, wrapping their ever-changing url-as-an-API scheme inside your own API seems to be the most painless. httpc is useful, and so is cowboy if you are familiar with that.
Whatever you choose, you should absolutely not be designing your ideas around their API. Convert their ideas into your project's semantics by wrapping their API. After all, the web isn't the whole internet and you never know when FB might stop being the cool place to waste your life. There is no telling if your application/library/codebase-you-use-on-something-else will outlive theirs.