I have a Google Apps Script endpoint that sends a json response after signing in with a custom google account. Eg. abc#company.co.in
I have another server in which I want that json response after hitting the google apps script endpoint.
I tried using oauth2 but it again redirects to the google sign-in screen to get the response. I need to automate the sign-in so that there is no need to sign in again and again.
Related
I have integrated the google ios SDK for a signIn in my app and able to generate the authorization code using the same. While trying to use the same authorization code on the server-side, I keep getting the redirect_uri_mismatch error. There is not any redirect URI set in google API console for Web client (Auto-created for Google Sign-in).
Here is my credentials details
I have downloaded the same credential JSON and using it with the Python code provided in the google doc.
Any help would be much appreciated.
Redirect UI is important for web applications in order to know where to redirect after login is completed. Add one which is applicable in your case or you can add base url of your website for it work in case you are just adding google sign-in in your app and not on web.
I am writing a google drive desktop application and I am using OAuth 2 to get credentials. I can get creds for just reading, but not changing files. As it is a desktop application, there is no site. It is written in https://developers.google.com/identity/protocols/oauth2/native-app, that I need to "supply a local redirect URI to handle responses from Google's authorization server". So, should the client also be a server and listening on some port locally? If I want to have the app verified, I need to provide Authorized domains and other stuff, but it is a desktop application, again. Or maybe there is a way to allow users to use the app, but with a warning on a consent screen for example for development purposes.
Also how to hide the credentials, that I use to get the token? If I publish the app with the credentials, everybody can just steal them and use them
In order to develop a desktop application which will use the Drive API you will have to use credentials of the web app type for which you will later provide the appropriate redirect URI.
By using OAuth 2.0 in your application, you are the only one who has access to the credentials for the application - unless you share them.
According to the Google OAuth 2.0 documentation:
You start by obtaining the OAuth 2.0 client credentials from the Google API Console. Then your client application requests an access token from the Google Authorization Server, extracts a token from the response, and sends the token to the Google API that you want to access.
For the login process, when the users will log-in to your application, they will use their own credentials and then they will have to authorize the application you have built in order to be able to use the Drive API.
Reference
OAuth 2.0 for Mobile & Desktop Apps;
Using OAuth 2.0 to Access Google APIs;
I'm using the LinkedIn Javascript SDK on my website in order to allow users to register and log in via Linked In.
I want to achieve this without redirecting the user to Linked In, but instead via the popup window.
The issue is, I'm not sure how to securely get an access token, which I can then use to get the users profile and create an account.
Currently, via the Javascript SDK, I can log the user in without redirection, and receive a oauth_token, which I then post to by backend. My Here is my code:
IN.User.authorize(function(){
$.ajax({
type: 'POST',
url: '/auth/li/'+IN.ENV.auth.oauth_token,
});
});
This succesfuly sends the token to my server, but how do I use it to then get an access token in order to use in the backend?
I tried to simply convert it to one using the LinkedIn API with
https://www.linkedin.com/oauth/v2/accessToken
but I get an error
Unable to retrieve access token: appid/redirect uri/code verifier does not match authorization code. Or authorization code expired.
I sort of understand the error, as with the javascript SDK there is no redirect URI.
With the Facebook SDK/API, on successful authorisation via the Javascript API, a cookie encrypted with my app secret is stored, and my backend can decrypt and read it, and then finally create an account.
Is there something like that in LinkedIn that I missed?
I have the same issue, with Google and Facebook SDK I can get access_token but linkedin SDK auth_token is not working. I think we need access_token but don't know how to get that with linkedin SDK.
I have come up with a solution. I ended up not using the javascript API. What I did was generate a login URL on my server and retrieved it via AJAX. I then created a javascript popup window and aimed it at the login url. One the user authenticates, linkedin redirects to my selected redirect URL within the popup, and I can then authenticate on my side (and close the popup).
I have a 3-legged auth flow working on a web app of mine. It goes as follows:
Use clicks Connect with Google
They accept on the OAuth dialog that Google Provides
The page gets redirect to my backend's /oauth/google endpoint with a code parameter which I send to Google to get a refresh_token so I can access data (like calendar info) on their behalf
I redirect back to the web app passing my own JWT token in the URL.
Whenever the web app makes a request like api.mybackend.com/me they use the JWT token I provided
I'm trying to accomplish something similar in a mobile app. What's the acceptable way to do this? Is it pretty much the same logic?
If it helps, my backend is Ruby on Rails and I'm writing the mobile app in Swift.
Thanks!
If you're using NSURLSession to make HTTP requests, then see this for information about handling redirects.
Google also has some pre-built Google Sign-In packages for iOS and Android that you can include in your app, similar to the one in your web client. I've never used them though, so I don't how exactly they'd integrate with you app.
Alternatively you can set up an authentication endpoint in your backend that handles the whole thing, with the app only ever making one request to your server and your server handling communication with Google. So, for example, you could have the user submit a request to /oauth/mobile. The server then submits an authentication request to Google and gets an access token and a refresh token. Then you can return your own app's token from the server. Google has some documentation on Google Sign-In for server-side apps that may be relevant.
We have 1 google app with 2 separate sets of credentials.
One for a web app, the other for an iOS app.
We're trying to have users authenticate on mobile and send the "code" parameter to our api where we turn that into an access_token and refresh_token(for use with background processing). The issue that we're getting is "unauthorized_client".
We've been following the portion for "enable server-side api access for your app" https://developers.google.com/+/mobile/ios/sign-in
The api is using the same credentials as the iOS app for these type of exchanges.