Box.com Service Account access - oauth-2.0

All box.com's api's read to require OAuth 2.0 using only Authorization Token grant types. I have a back end system that needs to upload a file to a box.com system. However, I do not understand how a back end system is suppose to integrate, when the authorization flow requires user "approval" to get a token.
Anyone ever done this? I am attempting to integrate a java mule app. I attempted to use the components, but they plain do not work at all, they break the entire anypoint studio. Now I am trying to utilize the http component to make the call but I am losing my patience with it.
please help, I am pretty much ready to drop kick this laptop and live in the woods.

Integration with public online API requires a little study, a little coding, and a little testing. I'm not saying it's easy. Take a look here at a Mule component I've recently created that communicates with Toggl, an online timekeeping service.
https://github.com/ciwise/toggl-api-connector
Your question requires a lot of discussion but it's best answered with example. If Box does not provide a Mule component, you can create one yourself.
The HTTP connector is not going to authenticate or perform any operations at Box for you. The HTTP connector provides the HTTP endpoint (URL entry and browser return). To authenticate your application with Box and call API operations, you'll need to do some work.
This is the high-level recipe for my solution with Toggl service (example)
Update your Anypoint Studio with Mule Connector DevKit software
Create an Anypoint Connector project in Anypoint Studio (Eclipse)
My connector provides multiple methods to process and these are used with different instances of the component (connector) in my use flow.
My TogglDataAPIHandler.java makes various checks to see if the application (Mule) is authenticated before making calls to the Application Programming Interface (API). The API is provided by Box so that developers (people writing code) can communicate with the service outside of the web browser. There's no simple answer here. You will have to do some coding. My component/connector is only an example of one way to do this (communicate programmatically with the API).
Build and install the connector(component) locally so that we can see it in the Mule Design Palette.
Drag as many of our new component (Anypoint connector) as needed into our flow canvas.
Test the flow.
I hope that helps. Take a look at my Github repo and Mule Connector. There's a wealth of information in anyone's code. But, integration with an API requires code. You can also search the Exchange for a Box connector. If you find one, then your life is simpler. You still need to read this thoroughly:
https://docs.box.com/docs

Related

How do we handle service accounts after Exchange Basic Auth is retired?

https://developer.microsoft.com/en-us/office/blogs/end-of-support-for-basic-authentication-access-to-exchange-online-apis-for-office-365-customers/
Our organization is finding this announcement somewhat problematic! We use an IMAP library extensively to read various service based email accounts in o365. Any guidance on how to address this would be greatly appreciated.
Note, we have many console apps written in .NET (4.8) that run on a server based fired by many scheduled tasks. I understand we'd need to somehow register our "application" (I'm assuming that can be a generic one for our company), but we cannot involve any "user" interaction. These are utility apps. Glancing at the existing sample code for OAuth, they all seem to involve popping up a browser window to get someone to interact with "asking permission" which is exactly what we need to avoid.
We've used IMAP all this time to simply read and parse service based email accounts. I'm not sure I understand why IMAP over a secure connection is "less secure" than a more complex solution. Why take the option away?
On the other hand, the Microsoft Graph API looks significantly more complicated and appears to be OAuth based which, again, seems to involve quite a bit of authentication complexity.
Most REST APIs we've interacted w/ in other .NET console apps use a simple set of API "keys." Why not offer that at least?
As I say, we're looking for a way to write some process that run programmatically to automate a number of operations related to certain mailboxes. IMAP has worked like a charm so far, so we're looking for direct guidance on what to migrate to.
We understand your concerns. While a secure IMAP connection protects the data that's being transported, Basic Authentication exposes your Exchange Online accounts to attack techniques like phishing or brute forcing.
The primary objective of this change is to protect our customers from these threats. In addition, Modern Auth enables admin visibility into app access and enables fine-grained control of these apps.
To answer your question on implementation guidance, there is an existing approach in Graph to achieve exactly what you're looking to do. It's called "OAuth 2.0 client credentials flow". You can read more at https://learn.microsoft.com/en-us/graph/auth-v2-service
(Disclosure - I'm a Senior PM at Microsoft)

Integrate quickbooks with rails and angularjs application

I am developing internal CRM for a client, in which it is required to synchronize with quickbooks for all financial transactions.
I am stuck here. I do not know where to start? Someone asked me to start with webconnector. The CRM application is on AngularJs and rails. I searched but couldnot find anything specific to integration of quickbooks desktop with Angularjs and rails.
So Please please can any one there help me out? I want to to know the full process and if any sample code available for the same in rails and angularjs would be great help.
Thanks
Start by downloading the QuickBooks SDK:
https://developer.intuit.com/docs/0250_qb/0020_get_set_up/sdk_downloads
Install it, and look at the file named:
QuickBooks Web Connector Programmers Guide, QBWC_proguide.pdf
It's about 100 pages, and a spec/guide of what you'll need to implement since there's not much else out there pre-built for RoR.
At a (very) high level, you're going to create a SOAP service which listens for HTTP requests. There's a number of methods you'll need to implement:
authenticate(...) - QuickBooks will call this to authenticate to your service
sendRequestXML(...) - QuickBooks will call this to ask "What data do you want to exchange?" at which time you respond with a qbXML request telling to add an invoice, or add a customer, or give you a list of customers, or etc. etc. etc.
receiveResponseXML(...) - When QuickBooks has finished doing whatever it is you told it to do in the previous step, it will call this method to let you know what happened (e.g. was whatever you told it to do successful or not).
There's more details here that you should read:
http://wiki.consolibyte.com/wiki/doku.php/quickbooks_web_connector
The QuickBooks SDK also includes examples in C# and Java for this. Look for the Web Connector-specific ones, not the COM/QBFC examples (those aren't relevent to you).
You might also look at this for reference/ideas (it's in PHP, but might still serve as a reference):
https://github.com/consolibyte/quickbooks-php
https://github.com/consolibyte/quickbooks-php/blob/master/docs/web_connector/example_web_connector.php

exposing part of my parse.com api to other developers via ouath 2.0

It's now trivial to create a web app that sits atop Parse.com. Now that I have this webapp, I want to expose parts of it to other developers via an oauth accesible api. So, they can develop an app that lets my site users 'give them permission' via oauth and they can now access the api.
How would I start going about doing this?
Update: After #Mubix response, I felt the following clarification would help
Currently I am accessing Parse from the server via a REST api, to get around any javascript security issues re:api keys etc. So, the api would be served of a server other than Parse. Also, the server code is in javascript / nodejs. I came across https://github.com/jaredhanson/oauth2orize which seems a likely candidate, was wondering how others are doing it and if anyone has actually gone a further step and integrated Parse access.
Hmmm .. Intereesting question!
Legal:
First of all their ToS doesn't seem to prohibit what you are trying to do but you should read it carefully before you start.
Implementation:
While parse doesn't provide feature to build your own APIs you could implement something yourself. You could treat the third party developers as users of your app. And you can use the ACL to control access.
Problems:
I don't see any way to implement oAuth entirely within parse.
How will third party apps access your API? Ideally you would like them to use a REST interface but with the parse.com REST API you won't be able to manage access to different parts of your data.
Conclusion:
It seems like too much trouble to implement the API entirely within parse. I would suggest that you write a thin API layer that takes care of auth and uses parse as the backend. You can use one of the service side libraries available for parse. eg. PHP Library, Node Parse.

Any pointers on implementing oAuth Server on DNN?

I need to build an ecosystem of online tools (these tools are on various platforms like Moodle, Website Baker, ASP.Net, php, etc, some already built, some purchased from other vendors and some to be built), where I want a single login that the end user should have.
These tools, standalone, have their own login mechanism in place at the moment.
I am planning to build a central system on DNN where users register and this system exposes an oAuth service that other systems use to authenticate users against.
I am considering DNN (DotNetNuke) platform for the following reasons:
1. I am an ASP.Net developer and familiar to some extent with DNN (Not a whole lot, but enough to know that it has the concept of providers and modules that I can customize as per my needs).
2. I will need a shopping cart and a registration system which I am hoping to get some ready-made third party solution.
WHAT I NEED INPUTS ON:
Is there some DNN component out there already that exposes oAuth authentication from a DNN site? I am looking to implement something similar to what Google has implemented for it's oAuth interface.
If I understand you correctly, you are trying to build is called 3 legged authentication with oauth where you want dotnetnuke to be the provider. In order to do that in dotnetnuke, you need to provide a UI where consumers can register and get AppId and consumerKey. Once that is done, Consumer will send user to dotnetnuke for login. Dotnetnuke will validate the user and return appropriate information to consumer.
Here are some things that can help you:
DotNetOAuth library
OAuth website
http://code.google.com/p/extremeswankoauth/wiki/Server_Examples
http://www.cleancode.co.nz/blog/523/oauth-dot-net
Example oAuth implementation in java
Let me know if you need more help.
I don't know if it is the best way to accomplish the solution but it was what I did.
There's a code sample of DotNetOpenAuth here which uses OAuth to authenticate users. Probably you will see that there are more examples, and even newer but .. pay attention because If you are using the last version of DNN (7.x), it works using the .NET Framework 4 and the newer samples uses 4.5. So, take a look of the first example! The ASP NET Handler called OAuth.ashx is your OAuth Service provider.
Then, I built a DNN module based on the sample to make DNN work as OAuth Service.
I followed this guide to build the module. There are some videos which shows the basic of module development.

How to programmatically obtain OAuth2 client credentials for Google API

I'm trying to create a redistributable web application that will integrate with Google Analytics through the Google Reporting API. Customer will install the application on their server.
I'm following this tutorial (I'm using PHP, but I believe this is not of importance for my question)
https://developers.google.com/analytics/resources/tutorials/hello-analytics-api
This works fine. No issues there.
However I can't figure out one missing element:
The tutorial starts with sending me to the Google APIs console where I have to create and configure a new API project and create and configure a client ID.
That's a lot of work that requires fairly technical knowledge (redirect url, selecting correct API, error-prone copy-and-pasting, etc.)
So my questions:
Is there an API so I can programmatically set this up for my user?
If that's not possible, is there a more user-friendly way to obtain Analytics reporting that is future-proof? (I noticed they are currently deprecating a few older APIs)
Unfortunately that's AFAIK not possible.
You could go one of the following ways:
Move client_id and client_secret to some configuration file and help your customer with deployment.
Show a one-time setup wizard for your app and guide your customer step-by-step. There you can at least provide him with the right callback URLs.
Regard your application as "installed application" and instrument curl or something similar for sending the requests.

Resources