How to configure my web app (Asp.NET MVC)!?
I use identity with Google login, but I don't understand how to configure my app.
Because in the documentation have 2 samples, but I don't understand how is good config my Apis!?
You will have to register your application in Google Developer console.
Next, after authentication succeeded, you will have to send a request to YouTube Api with the obtained tokens a client ID and secret
You can try out these from the Google Api playground best before coding.
Link: https://developers.google.com/oauthplayground/
Related
I'm fairly new to programming, I've just got the basics down in terms of object oriented programming and a little bit of databases. I was just wondering if anyone could give an in-depth explanation as to what Google's credentials.JSON file does when trying to use their API. I'm using visual studios and c# if that's important.
Google's credentials.JSON contains information about your application that will identify it to google. It also gives your application some information it needs in order to find Googles oauth server and use it.
You should be aware that there are three types of files. Web, native and service account. The files are designed for use with different types of applications.
A web application would use web credentials and the code designed for authorization with a web application
A native application would use native credentials and code designed for use with authorization of a native application.
An application which would be just for server to server communication between data the developer owns and does not need to access user information would use service account credentials and the code needed for authorization with a service account.
Below is the example of the oauth credentials used for a web application.
{
"web":{
"client_id":"450547033183-5uok2fl5u.apps.googleusercontent.com",
"project_id":"developer-info-2b41cd",
"auth_uri":"https://accounts.google.com/o/oauth2/auth",
"token_uri":"https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs",
"client_secret":"Fu8ZmTGOMvHjqQEseZE68hg",
"redirect_uris":[
"https://developer-info-2b41cd.firebaseapp.com/__/auth/handler"
],
"javascript_origins":[
"http://localhost",
"http://localhost:5000",
"https://developer-info-2b41c.firebaseapp.com"
]
}
}
client_id Identifies the client to google so they know which oauth client this is you can create more then one set of credentials per project.
project_id your project on Google developer console.
auth_uri The Url endpoint you will need to contact google to authorize
token_uri The uri end point you will need to request the initial token.
auth_provider_x509_cert_url The location of all the oauth certificates
client_secret think of this as the password for your client id.
redirect_uris Authorized urls where you would like the authentication to be returned to.
99% of this is used by Googles Oauth2 server to authorize both your application and the user attempting to login. If your interested in how Oauth2 works i suggest reading though some of the RFC's for Oauth.
I have integrated the google ios SDK for a signIn in my app and able to generate the authorization code using the same. While trying to use the same authorization code on the server-side, I keep getting the redirect_uri_mismatch error. There is not any redirect URI set in google API console for Web client (Auto-created for Google Sign-in).
Here is my credentials details
I have downloaded the same credential JSON and using it with the Python code provided in the google doc.
Any help would be much appreciated.
Redirect UI is important for web applications in order to know where to redirect after login is completed. Add one which is applicable in your case or you can add base url of your website for it work in case you are just adding google sign-in in your app and not on web.
I'm having difficulties finding documentation for auth0 and microsoft graph integration. My end goal is to have a SPA that can login with a microsoft profile to auth0 (connected to azure ad). Then I want my app to get a token for microsoft graph and do some api calls.
As I've understood it so far, auth0 does not allow you to get the access token to different identity providers in a front end application, but rather that they should use a proxy to get this token. My flow therefore is:
I login with a SPA auth0 app (using a microsoft identity)
This is then used to authenticate to a backend server using a api registration in auth0
The backend has its seperate machine-to-machine app in auth0
Backend api uses this seperate app to get access token to auth0 management api
Current user is fetched (based on the logged in user from front end app login) from management api,
Here i find an access token under the azure identity (if I do the same in the front end, the access tokens are omitted)
Token does not work to call graph, I am unsure of where to send it next.
I am aware that the above is probably completely wrong, that's why I am here :)
My questions are:
1) Is it even possible to get an access token for microsoft graph starting from a login to auth0 in the way I want it to. If not, can it be done from a backend?
2) Does anyone have a link that discusses this, ideally with some code samples.
To answer your first question:
1) Is it even possible to get an access token for microsoft graph starting from a login to auth0 in the way I want it to. If not, can it be done from a backend?
I have had the chance to authenticate apps using the microsoft identity library called MSAl whose documentation is found here. It gives a pretty detailed way to authenticate directly from your SPA.
I have also used the microsoft javascript sdk as it comes inbuilt with token caching and refreshing so that I do not need to build that for myself.
In relation to this,
Does anyone have a link that discusses this, ideally with some code samples.
You can find the samples well described in the samples section of the SDK
I hope this helps.
I have been playing with the new Admin SDK in conjunction with the "upgraded authorisation experience" and wondered if someone has and experience/examples on how to use it. From what I have read, if you upgrade the authorisation experience you shouldn't need to use OAuth 2.0 and get a client ID and secret from the API console.
When you upgrade the authorisation, the API console entry is automatically created so you just have to turn on Admin SDK. Your app should then run simply using your own admin credentials.
Have I misunderstood this and if so, what is the benefit of the new authorisation experience?
I can use the Admin SDK just fine if I create a client ID and secret in the API console but this is using OAuth 2.0 then.
If someone has an example of how to use the admin sdk with OAuth 1.0 i could have a look at it would be much appreciated.
You will still need get your tokens and API key...
Take from the Directory API documentation:
If your application has certain unusual authorization requirements, such as logging in at the same time as requesting data access (hybrid) or domain-wide delegation of authority (2LO), then you cannot currently use OAuth 2.0 tokens. In such cases, you must instead use OAuth 1.0 tokens and an API key. You can find your application's API key in the Google APIs Console, in the Simple API Access section of the API Access pane.
If you are looking for an oAuth2 example with GAS, Arun has a nice example he posted on GitHub, see the SO posting: How to authorize with oauth 2.0 from appscript to Google APIs?
Sorry, I don't have any oAuth1 example to interface with the new APIs.
I have a web application written in ASP .NET MVC 3. I'm using ACS for authenticating my users and I defined Google, Windows Live, Yahoo! and Facebook as identity providers.
Now I want to expose a REST API for the application (I want to create an app for WP7). Some of the calls require that the user is authenticated so I thought I should pass a token in the authentication header of the request. What is the best approach to do this with ACS? Is the ACS able to provide me these kind of tokens or am I responsible for writing the code that generates these tokens?
Yes. ACS supports this scenario with "Simple Web Tokens" (SWT). See here, or any of the "released" documentation in ACS. ACS v2, currenlty in labs, has expanded support for WS-Fed, WS-trust, etc (this is what you are using today).
Here's a blog post I wrote with more information for the phone.