I am newer with jhipster and spring security.
I have created a new application with OAtuh 2.0. It's work well.
Now, in my code, I wish get the user oauth. Do you understand ?
As : MyUserConnected = oauth.getUserInfo();
Thank you
Vince
if you are looking for the current User's infos, the one who's currently connected :
final String userLogin = SecurityUtils.getCurrentUserLogin();
will get you, by definition, the current user login, then :
Optional<User> currentUser = userRepository.findOneByLogin(userLogin);
will get you the entity User linked to the login, from which you can access all information with currentUser.get().getEmail() for example.
I don't think it's different, whether it's OAuth or not.
hope this helps.
Related
My JHipster app has some automatic tasks that happen on all users, so I'd like to know if user is deleted from the Identity Provider (in this case Okta):
Is there any place where this is already implemented?
If not, I'd welcome suggestions how to implement this?
This is not implemented in the current version of JHipster. You could use the Okta Java SDK to delete users. https://github.com/okta/okta-sdk-java. For example:
UserList users = client.listUsers();
// stream
client.listUsers().stream().forEach(user -> {
user.deactivate();
user.delete();
});
I am using instagram to recieve the list of people i follow and although api returns the status code 200 I recieve absolutely no data.I tried using postman client instead of my code and even from there no data is being returned I am hitting the following service.
https://api.instagram.com/v1/users/self/follows?access_token=token
one thing to be noted is my application is in sandbox mode and this same access token is working and fetching other information about the user including media shared by the user and its basic information etc and user follows and is followed by several users.
Please suggest the solution thanks in advance.
I may have answer to this question since I was facing the same issue on my WinRT project yesterday.
You may need the relationship scope instead of 'follower_list' scope.
I am assuming that you have provided the scope as 'follower_list' in the authorization URL and logged in as yourself or through your own Instagram account(the same account with which you have created your Instagram app). And now if you are hitting the above service it will return nothing in data since you are requesting if the user is following you or not(so obviously you are not following yourself)!! So if you try logging in with someone else's Instagram account and hit the above service with follower_list scope it will return your Instagram account in data if the logged in person is following you.
EDIT
The above service will return all the users that are following you AND present in your sandbox users list. (Or at least that is my conclusion on this)
For further clarification try https://apigee.com/console/instagram for hitting this service there they are using the relationship scope.
I've gone through OAuth on a web application and obtained the access token...
Now, I figure I should use that access token to upload a video, but the API v3 doesn't seem to let me use it. I'm looking at YouTube Data API: .NET code samples. In particular, this line seems strange to me:
UserCredential credential = await GoogleWebAuthorizationBroker.AuthorizeAsync(secrets,
new[] { "YouTubeService.Scope.YoutubeUpload" },
"user",
CancellationToken.None);
The third parameter user, I guess is the user name. I don't get that info from an OAuth2 response. I don't even know what is a YouTube user name - I only see display names when I look at people's YT profiles, and those display names are NOT unique. What is this third parameter?
The function name AuthorizeAsync implies that we have yet to obtain authorization - but then why go through OAuth in the first place? Having an access token to me means that the user already authorized our app to upload.
I also found this possibility of being able to pass the access token:
var token = new TokenResponse()
{
AccessToken = "xm239jjks9f98900....."
};
UserCredential credential = new UserCredential(new GoogleAuthorizationCodeFlow(
new GoogleAuthorizationCodeFlow.Initializer
{
ClientSecrets = secrets
}
), "userId", token);
//GoogleAuthorizationCodeFlow
YouTubeService youTubeService = new YouTubeService(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = Assembly.GetExecutingAssembly().GetName().Name
});
Just by the name of "TokenResponse" seems like I shouldn't build it explicitly. Also, GoogleAuthorizationCodeFlow.Initializer has the parameter for userId, which gain, I don't know because that's not given to me by OAuth2.
The BaseClientService.Initializer() also has the ApplicationName, which is what? I don't think it's Assembly.GetExecutingAssembly().GetName().Name as I copied from somewhere.
I tried to run the code above and I'm getting the error "The access token has expired but we can't refresh it" - but the user has just logged in within the last few seconds, so that access token is new.
Sorry if I'm asking something obvious, but the official docs don't tell me anything and similar questions to what I'm asking here on SO remain unanswered. Please help!
UPDATE:
In my case, all of the code resides inside a custom-made Web API function, but I think it will work the same on any server-side page (.aspx.cs) or MVC controller.
I found out that we DO keep the literal string "user" no matter who might be logged into his/her Google account. I guess the internal workings of UserCredential or GoogleWebAuthorizationBroker know how to pull the right data, maybe from cookies (?), and the UploadAsync function will know to which account to upload the video to.
I also used the GoogleWebAuthorizationBroker instead of building the UserCredential and Token from scratch (which resulted in the "expired token" message).
Now, the thing that I luckily stumbled upon after desperately trying anything, is that I needed to set up an Installed Application (Native) of type Other, which is SEPARATE from the web application. That Installed Application will have its own set of client id and client secret. Using those credentials, the upload worked!
... But there are some things that are quite not right. The user will be asked to authenticate your client app again - but there will be a new tab open for that consent, and when you click Accept (or OK), you'll land an empty page that says something like "access code received". Your upload actually happened but this is a very dirty and unacceptable user experience issue.
I'm still not satisfied as what I think I did is hacky/wrong.
I ran into this exact problem. By examining the code, I discovered that you can work around the problem by setting the Issued and ExpiresInSeconds properties on TokenResponse:
token.Issued = DateTime.Now;
token.ExpiresInSeconds = int.MaxValue;
It's a hack, but it works like a charm! It seems like the authors of the .net client assumed that you'll always have a refresh token, as they make it difficult to use the access token alone. The java and python libraries are much more intuitive in this regard.
It does not seem to matter what you pass for the user strings.
Problem : I am facing difficulties in getting user's birthday from api calls and I am new to OAuth.
Steps followed : (Have followed all steps required for implementing login with google+)
1. Created an app.
2. Obtained app_id and secret_key.
3. Did not make use of SDK, implemented the process without SDK in php.
4. Obtained "CODE" by calling accounts[dot]google[dot]com/o/oauth2/auth?
5. Using the code from the URL parameters requested for access token by HTTPS POST method to https://accounts.google.com/o/oauth2/token, using CURL
6. When accessing the login page, user is asked for permissions to access the information such as email, profile, DOB etc., but I am not able to find a way to get that date of birth
7. I have tried access www[dot]googleapis[dot]com/plus/v1/people/User_ID?key={THE_API_KEY} . Still no luck
Please guide or suggest me on how to get the DOB. Also let me know if there is any other information I missed to share.
Thanks in advance.
Cheers!
Farhan
Well Well Ofcourse.. It has to be a security thing from google.
I got to know after I did a part of unit testing with different scenarios and missed out on a simple thing that google only responds with the b'day information if the user has allowed to in his profile settings.
all if the birth year is hidden, it will throw 0000 as year in the response of the HTTPS Post method.
If I am wrong in any of the information provided, Please do correct me.
Cheers!
Farhan.
i'm making a program which used twitter connect as its core and it is developed with adobe AIR, the library i used it Tweetr, and everything is perfect until i don't find any example on how to logout and login again. I've used tweetr.destroy() and tweetr.endSession() but there is no effect in the program. Now i'm in very desperate situation, would thanks to anyone that can help me through this.
As far as I'm aware, there is no way to log a user out using Tweetr, because the Twitter API does not provide a method for this. If you need to log in again, you can simply restart the oAuth process, or alternatively you could try pinging http://twitter.com/logout with URLloader to log you current user out of Twitter. This is the URL used on the oAuth popup when the user wishes to change account before authorising an app.
endSession only ends your current API session.
Try tweetr.endSession()
As per the Tweetr documentation:
public function endSession():void
Ends the session of the authenticating user. and Returns a HashData object with the response.
This method requires Authentication
http://tweetr.swfjunkie.com/docs/
Know this is old. But will post the answer anyway.
Try this: htmlLoader.manageCookies=false;
Works for me:
htmlLoader = HTMLLoader.createRootWindow(false, null, true, new Rectangle(0,0, stage.stageWidth, stage.stageHeight));
htmlLoader.stage.nativeWindow.alwaysInFront = true;
htmlLoader.manageCookies=false;
addChild(htmlLoader);
oauth.oauthToken=new String();
oauth.oauthTokenSecret=new String();
oauth.htmlLoader = htmlLoader;
oauth.getAuthorizationRequest();