I want to use Firebase with a BlackBerry 10 Native + Cascades App.
The problem is Firebase has no libraries for BlackBerry 10. I have done some research saying that I can use the REST API, but I cannot find anywhere on how to do email or facebook login via pure REST. Everything involves downloading the Javascript API which I cannot do as QML support with JS is giving me issues.
Does anyone have any ideas or suggestions?
By definition, you can't do authentication via REST. It requires that a user log into a third party service and enter credentials (not possible without a UI). You could create your own UI for authentication and generate your own custom tokens.
Once you have a token, you can pass that to the REST API by adding ?auth= to the URL.
Related
I am building a Chrome Extension, that will have specific user setting stored in my own server and communicate with that server via an API.
Server will be running Node.js API built using Express.
I will also have an iPhone app that will pretty much use same API on the same server.
Since my main piece is Chrome Extension, I figured I can use the Google Account authentication instead of my own authentication since I am catering to Google Chrome users mostly.
The way I thought this through is:
User opens chrome extension.
Extension shows a small login popup with a button authenticate via Google Account(or should it show email and password fields? Not sure
how Google authentication works).
User types their email and
password, and Chrome Extension fires an Ajax request to Node.js API
to obtain a token?
Basically, my question is, what is the logistics of such a system? Do I need to store a password in my database? Do I just link users via email only, and Google will handle the password storage and authentication?
I am lost :/
Has anyone had success in using the Gmail API's authorization in a Phonegap application? I found this (http://phonegap-tips.com/articles/google-api-oauth-with-phonegaps-inappbrowser.html) that describes using the generic Google API OAuth with Phonegap's inappbrowser plugin, but the newly released Gmail API does OAuth authorization differently, and I'm not sure how to get it to work with Phonegap.
Note: It does work when I try a web version of my app, but the button that brings up the authorization screen doesn't do anything in Phonegap..not sure why. I do have the appropriate Android credentials for the app in the Google Developer's Console.
UPDATE: Using OAuth's Phonegap SDK (found after registering your app here: https://oauth.io/), I am able to authenticate a Google Account. However, I am unsure how to then call Gmail API methods or correctly pass whatever authentication tokens from the OAuth SDK to any Gmail API code. Has anyone done this and can share their knowledge?
I found a solution using the OAuthio Phonegap SDK. Then I can call the appropriate HTTPS requests from the Gmail API.
If you want to login your users via Google on iOS and Android, then use this new plugin I just created: https://github.com/EddyVerbruggen/cordova-plugin-googleplus
You will also receive the name and gender etc from the plugin. The plugin will also try SSO with any other Google apps installed on your device by using the Google+ SDK on both platforms.
Google released nice feature called Over-The-Air Installs. But documentation has example only for google's sign-in button.
Checked Google API PHP Client and it doesn't have anything related. Tried adding apppackagename and app_package_name to authorization url - didn't help. Another problem is that Google doesn't enable this feature for all clients.
Is it possible to use it via oauth triggered on server-side? Does Google somehow indicate that you're allowed to use this feature?
It is currently not possible to trigger Over-The-Air Installs using the server-side flow. It is recommended that you use the client-server flow as described and demonstrated in the quick-start sample apps instead of using a server-side flow.
You can direct users to install the app at the conclusion of your install by linking to your app in the play store. From the play store, the user could still install your app directly to their device, it would just not happen in the sign-in dialog.
Even hybrid client-server flow needs to implement the "sign-in button" to your page...
https://developers.google.com/+/web/signin/server-side-flow
https://developers.google.com/+/web/signin/client-to-server-flow
Don't know why Google is doing this way!
We have a web application that supports Facebook and Twitter login/signup via oAuth (and can also post to FB/TW). Now we are building a mobile client and naturally we want people to be able to login-signup via FB-Twitter on mobile as well, on iOS even using system-integrated accounts.
Now mobile app and our server app are two different apps, however, and if I get oAuth correctly, we'll need to have two authentications: one for a mobile client (system account can be used), another one for a server (we'll have to show WebView for it).
Yet some existing apps seem to be fine with single authentication only (e.g. Flickr and Foursquare! At least 4sq seems to be fine with iOS system FB account only. How is it possible?
Do they share consumer key/secret between mobile and web app making it essentially the same app?
Do they use some FB-specific extension to oAuth
Do they only use auth token wherever it comes from making it a user ID?
Something completely different?
Old question, but this may help someone who finds their way here.
Twitter Reverse Auth
I am using RPXnow.com authentication solution for a rails app and am now at the point of wanting to develop Facebook integration features using Facebook Connect and the client api. What I am unclear on from RPXnow docs is the level of integration their solution provides. When a user connects via rpx using their FB creds, are they now using Facebook Connect? Can I make calls to the client api from my app? Do I need to use the RPX api to access the FB client APIs?
Anyone with experience using both who can shed light here, much appreciated.
dnewman,
Great question. Facebook Connect is simply a javascript layer built on top of the Facebook Platform APIs. RPX uses the platform APIs to authenticate the user, and after they have signed in, you may safely use the native Facebook Connect javascript to implement FB specific features on your site like posting activity back to the News Feed. You just need to set your connect URL on the facebook developer site and drop in the Facebook Connect javascript and then start implementing. After authenticating via RPX, the user will already have approved and "connected" to your website, and you'll have access to the breadth of Connect directly.
Also, if you have an RPX Plus/Pro account you can make simple RPX API calls to set a user's status and post activity on Facebook (and Twitter/MySpace).
Brian Ellin
RPX Product Manager
Once you've hooked up RPXNow (JanRain) single sign-on, you can follow the Facebook documentation. The Server-side Personalization example is in PHP but the idea is the same in any language.
// Fetch the user's friends
$friends = json_decode(file_get_contents(
'https://graph.facebook.com/me/friends?access_token=' .
$cookie['oauth_access_token']), true);
$friend_ids = array_keys($friends);
The key point to note is that the $cookie['oauth_access_token'] referenced in this example needs to be the string returned by the RPXNow sign-on API response in the JSON field
['accessCredentials']['accessToken']
Hint: from your RPXNow dashboard, check out the Test Sign-In Widget page under Resources to see where that token is in the response.
Initially I thought this would be hampered by having your Base Domain set to rpxnow.com in your Facebook Application settings, but this is not the case. It works fine.