oauth2 for alexa skills and linking account - oauth-2.0

I am trying to set up OAuth2 for account linking for an Alexa skill. My current back end runs in Python/Flask and I'm thinking of using the rauth library to do so.
I have very little understanding of OAuth2 and I am looking for sample code that shows how to share resources with an Alexa skill. Does anyone have a good example?

Account linking works the same way for all languages, and you should be familiar with OAuth2 to configure account linking in the developer portal.
Read this answer about OAuth2
In Alexa, users can link an account in two ways:
- From the skill detail card in the Alexa app while enabling the skill.
- From a link account card in the Alexa app after making a request that requires authentication.
When you link an account with your skill, every subsequent request from the skill will include an access token. You can then use this accessToken to get associated data for the linked account.

    {
      "session": {
        "new": true,
        "sessionId": "amzn1.echo-api.session.xxxxxxxxxxx",
        "application": {
          "applicationId": "amzn1.ask.skill.xxxxxxxxxx"
        },
        "user": {
          "userId": "amzn1.ask.account.xxxxxxx",
          "accessToken": "xxxxxxxxxxxxxx"
        }
      }
    }

Except for the code to send an Account Link card, there is no coding involved in the link-an-account process.
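
The request handling described in this answer, as an added example that is not part of the original answer: it checks the `applicationId`, reads `session.user.accessToken`, and returns a `LinkAccount` card when no valid token is present. The skill ID, the in-memory `TOKEN_STORE` and the function names are assumptions; a real back end would resolve the token against its OAuth2 server.

```python
# Added example: placeholder skill ID and an in-memory token store (assumptions).
EXPECTED_SKILL_ID = "amzn1.ask.skill.example-skill-id"
TOKEN_STORE = {"constructed-token-123": {"name": "Alice"}}  # token -> account


def make_event(token=None, skill_id=EXPECTED_SKILL_ID):
    """Constructed sample request, shaped like the session block above."""
    user = {"userId": "amzn1.ask.account.example"}
    if token is not None:
        user["accessToken"] = token
    return {"session": {"new": True,
                        "application": {"applicationId": skill_id},
                        "user": user}}


def extract_access_token(event):
    """Return session.user.accessToken, or None when no account is linked."""
    token = event.get("session", {}).get("user", {}).get("accessToken")
    return token if isinstance(token, str) and token else None


def build_response(text, link_account=False):
    """Alexa response body; a LinkAccount card prompts linking in the app."""
    response = {"outputSpeech": {"type": "PlainText", "text": text},
                "shouldEndSession": True}
    if link_account:
        response["card"] = {"type": "LinkAccount"}
    return {"version": "1.0", "response": response}


def handle_request(event, token_store=TOKEN_STORE):
    """Reject foreign skill IDs, then resolve the token to a linked account."""
    session = event.get("session", {})
    if session.get("application", {}).get("applicationId") != EXPECTED_SKILL_ID:
        raise PermissionError("request was not issued for this skill")
    token = extract_access_token(event)
    # Treat the token as untrusted input: only a server-side lookup decides
    # whether it maps to an account. Never log the token itself.
    account = token_store.get(token) if token else None
    if account is None:
        return build_response("Please link your account in the Alexa app.",
                              link_account=True)
    return build_response("Hello, %s." % account["name"])
```
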

Related

OAuth consent screen not showing permissions

I have a Google login in my app. When I try to click on sign in with Google, I do not see the permissions it needs to access.
My app uses the user's contacts, so I have added it to the scopes in the consent screen settings, but it does not show any permissions. Can someone help me if there is anything else that needs to be configured, as I need to verify my app with Google?
I want permission to display like this(sample image)
Scopes that I am using
this is the api
Let's use the Google OAuth Playground to test a little.
Test 1: requesting authorization to OAuth2 scopes.
I am going to select Google Contacts. Really, there is not much point in selecting this one; using the Google People API is a much better choice.
And everything under Google People API.
This is the consent screen shown to me.
Test 2: authenticating with OpenID Connect.
I am going to only request
Now, profile and email are special: they are related to OpenID Connect, which is outside of OAuth2. Because of that, I was not actually shown a consent screen, because I am authenticating to Google that this is me logging in.
I am not authorizing any OAuth2 scopes because none were really requested. Now, this may confuse you, because by requesting profile you are automatically given access to the user's profile data, which means that you can access the Google People API, do people/me, and get the information about the person.
Conclusion
Only OAuth2 scopes appear to the user requesting access, not OpenID scopes.

Apple pay: is there a difference in payment tokens created on the web vs in-app?

I'm trying to implement apple pay on the web, with a payment provider (worldpay) which does not say they support apple pay on the web, only in-app.
To get around this, I'm trying to be cheeky and do the integration by "pretending to be an app". I use an apple pay token I obtained from the browser, and send it to the payment provider using the same endpoints used by an app. Everything looks like it's working fine, but in the end all payments are declined, as though the bank has declined a payment. They show up in my wallet as declined as well.
In order to figure this out, I want to know: is there a difference in the structure and/or contents of the Apple payment token in apps and on the web? And if so, what are the differences?
I've read this Payment Token Format Reference from apple but it did not make me any wiser.
Here is an example of how a token looks on the web:
    {
      "version": "EC_v1",
      "data": "DP...A=",
      "header": {
        "ephemeralPublicKey": "MF...5g==",
        "publicKeyHash": "kd...l4=",
        "transactionId": "a5...3e"
      }
    }
Appreciate any help!
From what I know, no, there is no difference between tokens. Even though I only used it with Swift in-app, I would assume the tokens are the same, just like with Stripe and PayPal.
Some research on this suggests that since they don't mention a difference in their official documentation, I would suppose they are the same.
https://developer.apple.com/apple-pay/planning/
Hope this helps.

Google Assistant - Sign in to Strava

Apologies if this is a newbie question but I'm hoping someone can offer some advice.
I am fulfilling my Google Assistant intents via an Express app. I would like for users of my action to be able to get and modify data from their Strava account. Strava supports Google Authentication and I wondered if I could use Node libraries such as Passport (https://www.npmjs.com/package/passport-strava-oauth2) to allow users to sign in to their Strava account so that my action can make calls for their data?
I have a welcome intent that gets some Google profile data so wondering if I can pass through some details from this response?
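    const { Permission } = require('actions-on-google');

    // googleApp is the app instance created elsewhere in the fulfillment code.
    googleApp.intent('Default Welcome Intent', (conv) => {
      // Ask the user for permission to read their name from the Google profile.
      conv.ask(new Permission({
        context: 'Hi, can I get your details from your Google account?',
        permissions: 'NAME'
      }));
    });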
Yes, but probably not in the way you're looking at.
The Permission helper requests access to specific types of information - name and location. You're looking to establish more of an identity relationship (using their email address or Google account).
You can do this using Account Linking.
If you're sure you're using Google Sign In on the Strava side, then things are even easier and you can take advantage of Google Sign In for Assistant. With this, once they sign in, your Action will get an Identity Token which you can use to get information including their Google ID and the email address associated with the signed-in Google account. They only need to sign in once; afterwards, you'll be given an Identity Token whenever they connect.
If your Strava project and your Action are both using the same Google Cloud Project, things get even easier for your users. Once they have signed in on either client, they're signed in on the other one. So you'll know who they are immediately through the Identity Token.

Is it possible to add a callback URL to Create Google Account flow?

Our app requires Google OAuth2. When a user, with an existing Google account, authenticates with Google then we use a callback to return users to our App. This is what we want.
The issue is, for those users who do not have a Google account we ask them to create a Google account (gmail address) or connect their existing email address to Google. A user who has to follow either of these flows ends up on the "Thanks for creating a Google account page" and not back at our App.
This is supposed to work as you are expecting. There is a continue button on that page and that should bring the user back.
If that is not working, can you tell us more (about OS, client id, urls and the exact steps) or give us a link to test/reproduce? Is this on the web or on mobile app?

Using amazon oAuth for alexa skill fails to link the skill. Anything specific to be done for India?

The Amazon skill was set up with Login with Amazon for OAuth. After a successful login to Amazon, the Alexa app throws up an error saying "an error occurred while attempting to link Alexa with . Please try again later". Are there any other configurations that I might be missing? Alexa was launched in India very recently. Is there anything specific that needs to be done for this region?
Link to the skill configuration
Link to LWA configuration
The issue was in the skill configuration. In the current release of the Smart Home Skill API, Amazon provides developers with an inbound endpoint on Alexa. This allows developers to send asynchronous messages to the Alexa service.
This requires region-specific Lambda functions and an authorization framework set up by the developer.
Documentation on sending events to the Event Gateway is here.
As far as I could find out, this is not yet enabled in India, only in the EU and the US.
In the screenshot attached to the question, you can barely see this enabled under the "Permissions" section.
