Aim: to authenticate to a Scala Play Framework using Google
Attempt
According to this documentation:
Version 2 is simple enough to be implemented easily without library or
helpers, so Play only provides support for OAuth 1.0.
Discussion
This and another example were found, but it seems that some classes need to be copied. I am looking for a library that can be imported and called in the classes. I do not want to copy code. According to the documentation Version 2 is simple enough to be implemented easily without library or helpers, but were could an example be found? Why does Play only provides support for OAuth 1.0?
You can use 3rd part libraries.
I prefer pac4j, it's easy to configure and use. You can use both scala and java, and you can use it in a lot of java frameworks, like Spring.
You can find other authentification libraries as well:
Authentication (Login & Registration) and Authorization (Restricted Access)
Related
I need to test integration with 3rd party using OAuth 1.0.
I didn't found any working solution except OAuthSampler which mark as deprecated and it states:
Does not work with JMeter v3.2+.
In JMeter 3.1 Plugin Manager it's marked as deprecated,
Can I still use it in JMeter 3.1 and how? Is there a working solution for sending OAuth 1.0 requests?
Is the main problem of plugin is the use of deprecated Base64Encoder?
OAuth has too many faces therefore I doubt the plugin has ever worked. The best way is reaching out to your application developers, if you will be lucky enough you will get a relevant OAuth client library and code snipped which will be producing the required token. If not - you will at least have Consumer Key and Consumer Secret which you can use for building up the proper OAuth login sequence and the necessary signature method (as OAuth requests can be signed using different algorithms)
See How to Run Performance Tests on OAuth Secured Apps with JMeter for more detailed explanation, approaches to bypass OAuth login challenges and code snippets.
Yes, you can use it in JMeter 3.1. The reason many plug-ins do not work with JMeter 3.2 are outlined in Incompatible changes section. Most important reasons are
Logging changes - this is the most popular reason for plug-ins to break. And looking at OAuthSampler, it seems the likely reason for this plug-in as well.
Java 8 version requirement. Could be a problem for some libs.
It's also not too hard to convert sampler to be 3.2 friendly (remove logging completely, or change it to use new standard methods), so you could do that from OAuthSampler source code. You can also use script solution described here
I am trying to use Google's new speech to text api: https://cloud.google.com/speech/docs/rest-tutorial . They currently have python and node.js examples.
Unfortunately, my application is RoR. I was looking through https://github.com/GoogleCloudPlatform/gcloud-ruby , which is a gem that interacts with google cloud services (but not speech). I was hoping that I could use the two together to come out with a working solution, but my knowledge of how to use API's is limited.
Enough background, my questions are:
Does anyone know if Google is going to put out a Ruby version of the speech to text api? If yes, is there a timeline?
If I am impatient, how would I go about using their current API's. By this I mean, is there a good resource for someone to learn how to use generic API's?
The gcloud-ruby gem now supports google-cloud-speech.
To address your other questions, there are no language specific versions of the APIs themselves. They are all HTTP APIs (either REST or gRPC), so they can be used from anything that can make HTTP requests. It can be tricky to use them directly though, because of things like how authentication is handled, which is why client libraries exist for different languages.
If you want to learn more about how to use the REST APIs directly, first take a look at the doc 'Using OAuth 2.0 for Web Server Applications' to find out how to manually authenticate, which has examples for Ruby and raw HTTP/REST.
We might want to create third party API to access our Plone CMS site data. One of possible methods to share the user priviledges in third party systems is OAuth2, as used by Twitter, Tumblr and Facebook. This way the third party gains the user priviledges after the user clicks "Allow" in the dialog for accessing one's data.
Is there an existing solutions where Plone acts as OAuth2 host (not sure about the terminology)
What other options there might be for this use case
I am not in rush, this is 2014 planning :)
As far as I know pmr2.oauth is the only package (disclosure: I also wrote this) that provide OAuth provider support for Plone (i.e. this lets Plone act as an "OAuth host", including support for scope so to let users know what they are allowing, like Twitter et. al.). There is another package that I briefly looked at called wsgioauth, but it is a fairly general package and it's for wsgi, so I ended up building my own package (and it looks like wsgioauth hasn't been maintained for 3 years now).
Currently it only supports OAuth 1.0; reason for that is that at the time of development there were no good OAuth 2.0 libraries, especially for providers. Only recently the support for RFC 6749 (the actual OAuth 2.0 standard) is beginning to surface through oauthlib, which is the library that does the signing of requests for pmr2.oauth. That said, hopefully I have it written in a way that is modular enough to plug in support for OAuth 2.0, or at least the core is easy enough to be modified to include support for this. I would be more than happy to have the Plone community to take it and improve on it (or even fork it off, or anyone knowledgeable in this area) as I don't have any immediate plans to include support for OAuth 2.0 yet.
I need to build an ecosystem of online tools (these tools are on various platforms like Moodle, Website Baker, ASP.Net, php, etc, some already built, some purchased from other vendors and some to be built), where I want a single login that the end user should have.
These tools, standalone, have their own login mechanism in place at the moment.
I am planning to build a central system on DNN where users register and this system exposes an oAuth service that other systems use to authenticate users against.
I am considering DNN (DotNetNuke) platform for the following reasons:
1. I am an ASP.Net developer and familiar to some extent with DNN (Not a whole lot, but enough to know that it has the concept of providers and modules that I can customize as per my needs).
2. I will need a shopping cart and a registration system which I am hoping to get some ready-made third party solution.
WHAT I NEED INPUTS ON:
Is there some DNN component out there already that exposes oAuth authentication from a DNN site? I am looking to implement something similar to what Google has implemented for it's oAuth interface.
If I understand you correctly, you are trying to build is called 3 legged authentication with oauth where you want dotnetnuke to be the provider. In order to do that in dotnetnuke, you need to provide a UI where consumers can register and get AppId and consumerKey. Once that is done, Consumer will send user to dotnetnuke for login. Dotnetnuke will validate the user and return appropriate information to consumer.
Here are some things that can help you:
DotNetOAuth library
OAuth website
http://code.google.com/p/extremeswankoauth/wiki/Server_Examples
http://www.cleancode.co.nz/blog/523/oauth-dot-net
Example oAuth implementation in java
Let me know if you need more help.
I don't know if it is the best way to accomplish the solution but it was what I did.
There's a code sample of DotNetOpenAuth here which uses OAuth to authenticate users. Probably you will see that there are more examples, and even newer but .. pay attention because If you are using the last version of DNN (7.x), it works using the .NET Framework 4 and the newer samples uses 4.5. So, take a look of the first example! The ASP NET Handler called OAuth.ashx is your OAuth Service provider.
Then, I built a DNN module based on the sample to make DNN work as OAuth Service.
I followed this guide to build the module. There are some videos which shows the basic of module development.
Is there a .NET OAuth library specifically designed to work against Twitter? Maybe even something to support MVC? A base controller maybe.....
I am currently using DotNetOpenAuth; it works well enough but seems overkill, in some places too complex and based on documentation more focused on openid.
Yes, several in fact. LinqToTwitter and TweetSharp are both .NET free libraries for calling into Twitter. DotNetOpenAuth has a longer history in OpenID than OAuth, but OAuth is very much a first class scenario for DotNetOpenAuth. That said, DotNetOpenAuth is strictly a protocol-level library, so higher-level libraries make calling Twitter much easier and I would highly recommend one of those.