How to remove access token from uber API while logout? - ios

I am doing integrate uber sdk using oAuth2Client in ios.I got access token using
" https://login.uber.com/oauth/v2/token" but when I was trying to remove token using "https://login.uber.com/oauth/revoke" I got response code "200" but access token not be nill so I am not able to redirect on login screen.and
I directly redirect into
If anyone do uber integration in ios application.Please help me!!
Thanks in advance!!

Calling POST /oauth/revoke invalidates the access_token, refresh_token pair that you have for that user.
However, that user is probably still logged into Uber.com and has an active & valid session with a cookie in the browser.
You probably do not want to log the user out of the browser session, but if you did want to you could direct them to https://riders.uber.com/logout

Related

Invalid Authorization Code auth_code_not_found in OAuth2

Hi guy I have a simple diagram to explain what I to achieve
first want to authenticate OAuth with mobile because mobile cant receive a callback from auth server so I need to create new simple node server for handle authentication code and get real token everything just fine until getting real token I already send code
you will see URL that console log print
already attach code in URL
I dint know issue come from guess because different referer who getting and obtain code
because I try to use only server:9000 getting and obtain access token is work
we dont need server for obtain token just only external browser and deeplink
here solove workflow
native trigger external browser
browser send authentication request to auth server
authserver send authorization back to browser
browser trigger some address that associate to app with deeplinking also passs auth code with query param
native capture auth token then send code to auth server for obtain access_token
auth server send access token back to native 
native store access token in secure storage like keychain and shared preference 

Get refresh token with Auth0

I am developing an API. I implemented register, login, and Facebook auth using Auth0.
My token expires after one day, and I need to get my refresh token to sign in the user again without requiring its credentials again. I have to make a call to /authorize with these parametrs [sic]:
GET https://YOUR_AUTH0_DOMAIN/authorize?
audience=API_IDENTIFIER&
scope=SCOPE&
response_type=code&
client_id=YOUR_CLIENT_ID&
redirect_uri=https://YOUR_APP/callback&
state=STATE
but I get this error Image
The GET response should give me a code, which I would use to get my refresh token making another GET request on /oauth/token like that: Image
Does anyone have any idea how to get over the first step?
Have you tried using curl to get access token and refresh token and then refresh outside of your app? The following link has very detailed instruction on how to do that with auth0.
https://auth0.com/learn/refresh-tokens/

Generating Linkedin Access Token

I have been trying with the simple REST Client as well as the REST Plugin for Mozilla. I am getting
"HTTP/1.1 401 Unauthorized" response with
"{"error":"unauthorized_client","error_description":"the client is not authorized"}" in the body.
I have been successful in getting the auth code, and the below is the POST request for access token, (Scope is r_fullprofile)
https://www.linkedin.com/uas/oauth2/accessToken?grant_type=authorization_code&code=AQTQeBxBzbU2aNWaQM6Ff3Z3bUd8Gyg10W9G2DdqXgWiP0q7-M55c5PLtppP7Ni3Y-6A9C8yDkj9K4VfJ7QkRUFjuV-3AknA5jAahpsFJv3wYfr8XD8&redirect_uri=https://www.google.com&client_id=75wl6j5zndvfkp&client_secret=secret
The redirect_uri=https://www.google.com is the one used for getting auth code as well.
Do we need to perform any URL encoding before making the POST request?
When I log into the linked in to my app, it has the below tokens,
OAuth User Token: c3ae4cee-1b23-xxx-9d2a-206f578dee4d
OAuth User Secret: 76bc48cc-c94f-xxx-bf9d-a663f7003383
I am not sure where it is used. we are using API & secret key to get auth code.
Thanks in Advance.
This is a 2-step process.
First, go to:
https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id=YOUR-API-ID&scope=r_basicprofile&state=STATE&redirect_uri=YOUR-ENCODED-REDIRECT-URI
Then, within 10 secs of receiving the response, go to:
https://www.linkedin.com/uas/oauth2/accessToken?grant_type=authorization_code&redirect_uri=YOUR-ENCODED-REDIRECT-URI&client_id=YOUR-API-ID&client_secret=YOUR-API-ID&code=THE-CODE-OBTAINED-IN-FIRST-STEP
The response of the second request will have the actual access token you need to use.
When I followed the two steps I faced an issue where I got an error as
{"errorCode":0,"message":"Access to posting shares denied","requestId":"TYWULO2WPZ","status":403,"timestamp":1497353538016}
So I had to remove the &scope=r_basicprofile since it was preventing reading all the Default Application Permissions
I faced a similar problem and the problem was with the initial authorization code. You should mention the scope=rw_company_admin or whatever it is that you want to authorize to while doing the initial redirect URL call. Something like this -
https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id=your_client_id&redirect_uri=https%3A%2F%2Fwww.google.com/&state=12345&scope=rw_company_admin%20r_emailaddress%20w_share%20r_basicprofile

Twitter Integration in Blackberry: Login Page not in English

I am trying to integrate twitter using Twitter Api me 1.8 . When i try to authorize using OAuth the login Screen look like below .Some invalid charecters are showing.please help me to identify the problem
thanks
Try with BIS. It works fine with BIS. Else you can call HTTP GET and POST methode to the following urls.
For request token call https://api.twitter.com/oauth/request_token (HTTP GET with key , secret, and signature).Then you will get the request token
For Authorization call this link in your browser https://twitter.com/oauth/authorize?oauth_token=your request token
For access token call https://twitter.com/oauth/access_token (HTTP POST with key , secret, signature , token) . Then you will get the access token and secret.
If the login page content is not displayed properly in BlackBerry, then follow this link.
Please, use BrowserFieldOAuthDialogWrapper in place of BrowserContentManagerOAuthDialogWrapper class. It works fine for me.
http://kenai.com/projects/twitterapime/forums/forum/topics/523812-A-test-for-invalid-characters-on-Blackberry#p571144
I got this success by the help of #ernandesmjr Ernandes Mourao Jr
If any find any issue. please let me know.

Google GetAccessToken : Bad Request 400

I am using (OpenId+OAuth) hybrid protocol.
After I redirect user to "https://www.google.com/accounts/o8/ud" with all openid and oauth extension parameters, user is able to see login screen and services I need to access. On successfull login I receive response as following:
http://muUrl.com/...&openid.ns.ext2=http://specs.openid.net/extensions/oauth/1.0&openid.ext2.scope=http://docs.google.com/feeds/&openid.ext2.request_token=4/8GCHDIvtxhbg8gVkfYro7QIFakoB
I understand user is properly logged in and text in bold is authorized token. Then I make call for obtaining access token with all parameters except oauth_verifier as that is not available in hybrid mode. I sign base string using HMAC-SHA1 with key as "consumersecret&" (token secret is yet not available)
I get 400 bad request with signature invalid. Any help or suggestion is highly appreciated to resolve this issue.
pls see Bob and my comments.
% escaping can be an issue if you are facing same problem as mine. oauth_verifier is indeed not required in hybrid mode.

Resources