I am working on a rails app where I need to access users Google Double Click for Publisher Data. I am using the 'google-dfp-api' gem. I have set up OmniAuth for users to authenticate their DFP accounts and am storing the refresh token per the google documentation (https://developers.google.com/doubleclick-publishers/docs/authentication). I can not figure out how to use the refresh token to access the DFP api.
I am attempting to make the connection as shown below:
dfp = DfpApi::Api.new({
:authentication => {
:method => 'OAuth2',
:oauth2_client_id => GOOGLE_CLIENT_ID,
:oauth2_client_secret => GOOGLE_CLIENT_SECRET,
:user_agent => USER_AGENT,
:application_name => APP_NAME,
:oauth2_token => {
:refresh_token => GOOGLE_DFP_REFRESH_TOKEN
}
},
:service => {
:environment => 'PRODUCTION'
}
})
AnyTime I attempt to make a query after this I get the following error:
DfpApi::V201411::UserService::ApiException: [AuthenticationError.AUTHENTICATION_FAILED # ]
You do not use the refresh token to access the api, use your access_token. I am refreshing the access_token before I make a call.
Refresh your token:
def refresh_access_token
refresh_token = self.refresh_token
google_refresh_url = "https://accounts.google.com/o/oauth2/token"
response = RestClient.post google_refresh_url, :grant_type => 'refresh_token', :refresh_token => refresh_token, :client_id => ENV['GOOGLE_CLIENT_ID'], :client_secret => ENV['GOOGLE_CLIENT_SECRET']
response_hashed = JSON.parse(response)
new_access_token = response_hashed['access_token']
self.save_new_access_token(new_access_token)
end
Then the OAuth DFP API hash should look as below:
#api = DfpApi::Api.new({
:authentication => {
:method => 'OAuth2',
:oauth2_client_id => ENV['GOOGLE_CLIENT_ID'],
:oauth2_client_secret => ENV['GOOGLE_CLIENT_SECRET'],
:application_name => ENV['GOOGLE_APP_NAME'],
:client_customer_id => google_dfp_credential.google_client_customer_id,
:network_code => google_dfp_credential.network_code,
:user_agent => ENV['GOOGLE_DFP_USER_AGENT'],
:oauth2_token => {
:access_token => google_dfp_credential.access_token,
},
},
:service => {
:environment => 'PRODUCTION'
}
})
The user_agent is a unique string to your app, that should be the same every time you access the api. See the link below for more info on that:
http://googleadsdeveloper.blogspot.com/2013/11/please-set-user-agent-or-application.html
You will also need to get the network_code from the the dfp account you are accessing by logging into the dfp account manually. To my knowledge this is not returned with OAuth authentication. See step 2 in the link below for more info on how to get the network_code:
https://developers.google.com/doubleclick-publishers/docs/start
Related
I am trying to access Google Adword's api through google's gem google-api-ads-ruby. I was able to oauth in perfectly fine and grabbed the access token, refresh token, and id_token fine. When I try to access the data it gives me the oauth token invalid error. I retrieved my access token and inputed it on this link and it returned me a valid result.
https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=[TOKEN]
The code below is how I am trying to access the Report Definition Service.
config = {
:authentication => {
:method => 'OAuth2',
:oauth2_client_id => #plugin.oauth_client_id,
:oauth2_client_secret => #plugin.oauth_client_secret,
:developer_token => #plugin.developer_token,
:client_customer_id => #plugin.client_customer_id,
:oauth2_token => {"access_token"=>ACCESSTOKEN,
"refresh_token"=>REFRESHTOKEN,
"issued_at"=>"2017-09-18T16:36:55.973-04:00",
"expires_in"=>3600,
"id_token"=>IDTOKEN,
:user_agent => 'Example'
},
:service => {
:environment => 'PRODUCTION'
}
}
api = AdwordsApi::Api.new(config)
report_def_srv = api.service(:ReportDefinitionService, :v201708)
report_type = "ACCOUNT_PERFORMANCE_REPORT"
This code below causes the error
fields = report_def_srv.get_report_fields(report_type)
Why do I keep getting the oauth token is invalid error when it hasn't expired yet?
If the question is still actual..
Try to replace
"expires_in"=>3600
field with
"expires_at"=>"2017-09-18T17:36:55.973-04:00"
It helped to resolve the similar issue in my case.
I am working on a making a personal soundcloud app on Rails 5 and i'm having some trouble with OAuth. I'm able to redirect to Soundcloud's app and give permission to my user. When I try to exchange the code for token on redirect_uri, get an error. I have included my code and image of the error I'm getting below.
def connected
client = Soundcloud.new(:client_id => 'My ID',
:client_secret => 'my secret',
:redirect_uri => "http://localhost:3000/login/soundcloud/callback")
code = params[:code]
value = client.exchange_token(:code => code) #get an error on this line
#my code to save access token into db goes here.
end
I have added this image
for the error that I'm getting. I thought it might be more helpful.
I was having the same issues, so I just did created the request manually for this step. Soundcloud gem is pretty dated, I'm sure it has something to do with that.
#client = Soundcloud.new(client_id: client_id,
client_secret: client_secret,
redirect_uri:'http://localhost:3000/soundcloud/connected')
#code = params[:code]
response = HTTParty.post("https://api.soundcloud.com/oauth2/token",
body: {
"client_id" => client_id,
"client_secret" => client_secret,
"redirect_uri" => 'http://localhost:3000/soundcloud/connected',
'grant_type'=> 'authorization_code',
"code" => #code
}
)
access_token = response["access_token"]
#authed_client = Soundcloud.new(access_token: access_token)
soundcloud_user = #authed_client.get('/me')
end
Hope this helps.
The app I am writing has the ability to have a login popup appear and it authenticates against a hard coded username/password constant pair. I would like to authenticate against our central LDAP server. the we dont have a base however we do have a bind_dn string of "cn=USERFOO,ou=it,o=corporate". The variables user/pass are passed in through the basic login box.
I am trying to do this through ActiveLdap however I dont mind using any other library as long as I can validate the credentials through a single sign on against our LDAP server using the HTTPAuth since is written completely in Webrick Ruby. Below is a sample of the function I am calling.
Does anyone have any idea how to do this?
Thanks in advance.
def authenticate_ldap(req,res)
authlabel = "LDAP Authentication"
HTTPAuth.basic_auth(req, res, authlabel) { |user, pass|
ActiveLdap::Base.setup_connection(
:host => 'ldap.internalserver.com',
:port => 389,
:bind_dn => "cn=#{user},ou=it,o=corporate",
:password_block => Proc.new { pass },
)
}
return
end
I figured out a solution. The person who manages our LDAP server provided the incorrect ldap connection string, but even with that it still didn't work.
The solution I discovered that did indeed make a connection with very basic validation is something to this effect for anyone else interested in a very simple ldap authentication popup in pure Ruby.
def authenticate(req,res)
authlabel = 'LDAP Authentication'
HTTPAuth.basic_auth(req, res, authlabel) { |user, pass|
if pass.to_s != ''
ldap = Net::LDAP.new
ldap.host = "ldap.serverfoo.com"
ldap.port = 389
result = ldap.bind_as(
:base => "t=basetreefoo",
:filter => "uid=#{user}",
:password => pass
)
if result
ldap = Net::LDAP.new :host => "ldap.serverfoo.com",
:port => "389",
:auth => {
:method => :simple,
:username => "",
:password => ""
}
group_name = Net::LDAP::Filter.eq("cn", "#{user}")
group_type = Net::LDAP::Filter.eq("groupmembership", "cn=infra,ou=IT,o=Corporate")
filter = group_name & group_type
treebase = "t=basetreefoo"
ldap.search(:base => treebase, :filter => filter) do |entry|
if entry.dn.to_s != ""
puts 'success'
return
end
end
end
end
puts 'fail'
}
end
Is Google API Ruby client the best option?
I have a site example.com with users and I want them to see their google analytics stats on example.com, how can I do it ?
I can see the example but I'm not able to figure out how to begin.
I also use the google-api-ruby-client gem and set it up about the same way that is outlined in the link you provided (https://gist.github.com/joost/5344705).
Just follow the steps outlined in the link to set up a Google Analytics client:
# you need to set this according to your situation/needs
SERVICE_ACCOUNT_EMAIL_ADDRESS = '...' # looks like 12345#developer.gserviceaccount.com
PATH_TO_KEY_FILE = '...' # the path to the downloaded .p12 key file
PROFILE = '...' # your GA profile id, looks like 'ga:12345'
require 'google/api_client'
# set up a client instance
client = Google::APIClient.new
client.authorization = Signet::OAuth2::Client.new(
:token_credential_uri => 'https://accounts.google.com/o/oauth2/token',
:audience => 'https://accounts.google.com/o/oauth2/token',
:scope => 'https://www.googleapis.com/auth/analytics.readonly',
:issuer => SERVICE_ACCOUNT_EMAIL_ADDRESS,
:signing_key => Google::APIClient::PKCS12.load_key(PATH_TO_KEY_FILE, 'notasecret')
).tap { |auth| auth.fetch_access_token! }
api_method = client.discovered_api('analytics','v3').data.ga.get
# make queries
result = client.execute(:api_method => api_method, :parameters => {
'ids' => PROFILE,
'start-date' => Date.new(1970,1,1).to_s,
'end-date' => Date.today.to_s,
'dimensions' => 'ga:pagePath',
'metrics' => 'ga:pageviews',
'filters' => 'ga:pagePath==/url/to/user'
})
puts result.data.rows.inspect
To display statistics for a user's page in your app, you have to adjust the metrics and filters parameters when making the query. The query above for example will return a result object containing all pageviews for the page with url example.com/url/to/user.
Caveat: this answer was written a long time ago and Google released a new, incompatible version of the gem. Please consult https://github.com/google/google-api-ruby-client/blob/master/MIGRATING.md
I'm trying to hook up an OAuth consumer using 2-legged authentication. I have two questions:
1) is it possible to use Oauth with a custom REST plugin (as opposed to the built-in API)
2) as a test of the built-in REST API, I'm trying the following, and receiving:
<Net::HTTPUnauthorized 401 Unauthorized readbody=true>
{"errorMessages":["You do not have the permission to see the specified issue","Login Required"],"errors":{}}
Here is the test method:
jira_url = "http://localhost:2990/jira"
consumer_key = "hardcoded-consumer"
consumer_secret = OpenSSL::PKey::RSA.new(IO.read(File.dirname(__FILE__) + "/../rsakey.pem"))
#consumer ||= OAuth::Consumer.new(consumer_key, consumer_secret, {
:site => 'http://localhost:2990',
:context_path => '/jira',
:signature_method => 'RSA-SHA1',
:auth_type => :oauth,
:scheme => :header,
:oauth_callback => false,
:ssl_verify_mode => OpenSSL::SSL::VERIFY_PEER,
:use_ssl => true,
:http_method => :post,
:request_token_path => jira_url + '/plugins/servlet/oauth/request-token',
:access_token_path => jira_url + '/plugins/servlet/oauth/access-token',
:authorize_path => jira_url + '/plugins/servlet/oauth/authorize'
})
testurl = jira_url + "/rest/api/latest/issue/SPI-1"
puts "1 #################################### first method"
req = #consumer.create_signed_request(:get, testurl, nil)
res = Net::HTTP.start('localhost', '2990') { |http| http.request(req) }
puts res.inspect
puts res.body
puts "2 #################################### second method"
#acc_tok = OAuth::AccessToken.new #consumer
resp = #acc_tok.get(testurl)
puts #acc_tok.inspect
puts resp.inspect
puts resp.body
Both methods output the same error.
Can anyone tell me what I'm doing wrong?
Answer 1. OAuth is an authorization framework and REST is a stateless, client-server, cacheable communications protocol. So yes you can use OAuth for authentication with your custom REST plugin.
Answer 2. You could try without SSL or use :ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE if it works, than problem is in your SSL connection. Alternatively you may try basic authentication:
{
:username => "*Your JIRA username*",
:password => "*Your JIRA password*",
:site => 'http://localhost:2990/',
:context_path => 'jira',
:auth_type => :basic,
:use_ssl => true,
:signature_method => 'RSA-SHA1',
:ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE
}
I found this gem very useful.