I'm using thephpleague oauth client library and everything works fine except for Google authentication. It seems I have to enable my domain somewhere to be able to use Google apps.
https://support.google.com/a/answer/33419?hl=en
This was not helpful indeed as I don't understand what I have to do. Am I obligated to pay for having a working OAuth connection with Google? I don't have a company, I don't need the apps, cloud or any other thing then a working API.
EDIT: to be clear I already wrote my libraries for OAuth and it's all working, it's Google that needs me to do something on domain level.
You don't have to pay. First of all you need to create a project in the Google Developers Console. Then get your credentials. I don't know which API you are going to access. Have a look at this.
https://developers.google.com/identity/protocols/OAuth2?csw=1
Additional - This site was very helpful for using the Google Calendar API
http://www.daimto.com/accessing-google-calendar-with-php-oauth2/#Conclusion
Hope you find what you are looking for.
Related
I am attempting to connect a Google Assistant app using DialogFlow(Api.AI) with Firebase Auth. My App uses Firebase Auth to maintain user accounts and the realtime database to store data. I would like to be able to make changes to a user's data through the Google Assistant, maybe using something like a cloud function. In order to make any user changes through Google Assistant, I need to link the user's Google Assistant account with their Firebase Auth account. The current mechanism appears to be using an OAuth flow documented here.
The question I have is, what is the best way to accomplish this? Do I need to set up a custom OAuth server? There is a lot of documentation on Google's cloud website about OAuth, but it all appears to be related to using OAuth to access Google's APIs, and I can't really see a simple way to host this linking mechanism in GCP.
There is this question that is pretty close, but the difference I have is that I don't have an external API, I just want to authenticate my user and be able to modify their data in the realtime database.
Thank you for your help!
here is an example: https://github.com/malikasinger1/Quiz-Assistant
i have done it myself with following best practices,
feel free to comment if you don't understand something.
I am trying to use FitBit api in iOS application. I have a fitbit device and I am trying to create an iOS app that connects with the FitBit api and gets my data back. I am trying to implement OAuth2.0. I already have the client ID but I have been stuck. I am not sure how to proceed with this. I have read the documentation on how OAuth works and how fibit works with OAuth2.0 . My problem is I don't know how to open the fibit api authenication by the user, and how to get the access token. How do I proceed after getting the access token.
I am a noob to this, so I would appreciate if somebody can guide me how to go with that. If someone can guide me to similar projects it will be awesome.
Thanks
Implementing OAuth isn't a simple task. I started with Christian Hansen's OAuth Example and modified it to work for my project (his is for Google, but it can be changed to work with FitBit or anything else).
You can also check out one of the many OAuth Client wrappers on GitHub. Those two should get you close enough that you can start asking more specific questions.
I've tried a couple of ways (http://emmense.com/php-twitter/ and http://www.webmaster-source.com/2009/04/05/post-to-twitter-from-a-php-script/) to post updates to my twitter account but I am getting the response:
Basic authentication is not supported
I had a look at the twitter website and they said something about the new OAuth for authentication. Is this why my code isn't working?
Does anyone know of some PHP code that works?
This is correct. They recently adopted OAuth as their sole login platform for 3rd party apps as a security precaution.
Check out their developer area for examples:
http://apiwiki.twitter.com/w/page/22554657/OAuth-Examples
Basic auth is deprecated now. Check out this library https://github.com/abraham/twitteroauth for using OAuth in your application
It took me several hours to create this PHP script but it is working. Just make sure that your hosting company supports cURL. If you don't need the geo features you can cut them out.
Can we build applications on top of the twitter user base?
Is it just another open id or something more?
I noticed when using twitpic and some MUD type game 14mafia.com that it uses my twitter login (it tweets on your behalf).
If they are using my login/password that's pretty crazy, I mean what kind of security is that?
Anyhow, just want a developers who has expereince to tell me if we can re-use their membership like openid?
Can we build applications on top of
the twitter user base?
The Twitter API is described at http://apiwiki.twitter.com/
Is it just another open id or
something more?
Twitter is neither an OpenID consumer nor provider.
I noticed when using twitpic and some
MUD type game 14mafia.com that it uses
my twitter login (it tweets on your
behalf).
If they are using my login/password
that's pretty crazy, I mean what kind
of security is that?
Awful security. Don't give out your password to third party sites. Some just use the password anti-pattern, others will steal your credentials for purposes you don't want.
Twitter supports OAuth today. If a site wants to do things with your Twitter profile, it should use that.
Anyhow, just want a developers who has
expereince to tell me if we can re-use
their membership like openid?
No, you can't.
Twitter offers both OAuth and simple username/password authentication in its API. Originally they only had the basic authentication API so many early apps were built using it. Later, they added the OAuth support, but since it was easier to use the basic authentication, many twitter clients and apps still use it.
You can tell which one an application is using, because if they are using the simple authentication they will ask for your password. You have to trust them with it in that case. You're right that it's poor security.
I imagine they are using the Twitter API.
I want to authorize my web-application for all users landing on it with a common google account. I am using google Document List API and want other users to get authorized by the common google account whenever they want to access the document.
Thanks
OAuth only connects your application to the target authenticator (Google). You would still need your application to proxy for the end user, your application cannot create a direct connection between Google and the end-user.
That said, http://oauth.riaforge.org/index.cfm is pretty easy to use. I used it to connect to a third party application from mine and, once I figured out the basics of OAuth, it was pretty easy. I then wrote a wrapper for all the internal functions to ease integration.
So, the OAuth package at RIAForge will make it pretty easy to authenticate your application to Google, but will not create a direct line between Google and your end-user.