We have an application using Google Contacts with 2-legged OAuth 1.0 which works great, but we want to migrate to OAuth 2.0. So far it looks like the old GData libraries aren't playing nice with OAuth 2.0 and 2-legged authorization. On the other hand, the new google-api-client libraries handle this gracefully but don't provide the Contacts API. So we wanted to use the new GoogleCredentials, which are really simple to use, with the old ContactsService, but the Bearer token is set to null in the request, causing java.lang.NullPointerException: No authentication header information. Does anybody have an idea what may go wrong?
Anonymized test script can be found at https://gist.github.com/musketyr/9394815
The NPE is due to a bug that only affects certain user agents. You can work around it using the method I described here: Google Contacts API - failing to refresh access token. Fixing that should allow you to get more information about the error being thrown.
Related
I'm using the Amplify CLI to create a Cognito user pool for my React web application. I've found the withAuthentication UI doesn't meet my needs because I can't customize the signin form (say to remove the phone number field) or protect just part of my app.
Instead, I would like to use the Hosted UI provided by Cognito but am struggling with how to implement the Authorization Code Grant flow. Is there an easy-to-use npm library to help me with this?
I've tried directly calling the /authorize endpoint as described in the docs but get a CORS error when calling from localhost. I've also tried using window.location.ref to redirect to the hosted URL that the Cognito Console provides a link to. This works, but when I arrive back on my specified page (following the callback), parse the code from the query string, and send a POST request to the /token endpoint as described in the docs, I get a 400 status code back. Is there more I need to be doing here?
I'm very new to OAuth, so I would appreciate any simple explanations or pointers to basic materials a noob can understand!
My resources use code flow with Cognito and will give you something to compare against:
Code Sample
Blog Post
A couple of pointers:
Register an OAuth client in your user pool to fix the CORS error
Trace OAuth messages from the browser and focus on getting them the same as mine
My code sample is easy to run against my Cognito endpoint. It does not use React or Amplify though, but once you understand the principles it should be easy to port them to your own technology choices.
I have been playing with the new Admin SDK in conjunction with the "upgraded authorisation experience" and wondered if someone has any experience/examples on how to use it. From what I have read, if you upgrade the authorisation experience you shouldn't need to use OAuth 2.0 and get a client ID and secret from the API console.
When you upgrade the authorisation, the API console entry is automatically created so you just have to turn on Admin SDK. Your app should then run simply using your own admin credentials.
Have I misunderstood this and if so, what is the benefit of the new authorisation experience?
I can use the Admin SDK just fine if I create a client ID and secret in the API console but this is using OAuth 2.0 then.
If someone has an example of how to use the Admin SDK with OAuth 1.0 that I could have a look at, it would be much appreciated.
You will still need to get your tokens and API key...
Taken from the Directory API documentation:
If your application has certain unusual authorization requirements, such as logging in at the same time as requesting data access (hybrid) or domain-wide delegation of authority (2LO), then you cannot currently use OAuth 2.0 tokens. In such cases, you must instead use OAuth 1.0 tokens and an API key. You can find your application's API key in the Google APIs Console, in the Simple API Access section of the API Access pane.
If you are looking for an oAuth2 example with GAS, Arun has a nice example he posted on GitHub, see the SO posting: How to authorize with oauth 2.0 from appscript to Google APIs?
Sorry, I don't have any oAuth1 example to interface with the new APIs.
We have an existing application on SoundCloud that was created some time ago and set up to use OAuth1. Recently we needed to expand SoundCloud-related functionality and, because of some problems with the old library, had to upgrade to the new cocoa-api-wrapper library that uses an OAuth2 client.
The problem now is that we cannot access our application with its key/secret because of the different version of OAuth. While it is possible to set up a new application and get a new key/secret pair, we wouldn't want to lose all the data associated with the current application.
Is there a way to have the same SoundCloud application accessible with both versions of OAuth (OAuth1 is still being used)? If not, what's the best way to handle this situation?
Yes. You can migrate an OAuth1 token to an OAuth2 token by sending a POST request to the following endpoint:
https://api.soundcloud.com/oauth2/token
with the following parameters:
client_id='YOUR_CLIENT_ID'
client_secret='YOUR_CLIENT_SECRET'
grant_type='oauth1_token'
refresh_token='OAUTH1_TOKEN'
The response will contain an OAuth2 token (as well as expires_in, scope, refresh_token).
I have had a search around stackoverflow, but was unable to find an answer to my question, so I thought I'd ask.
I'm currently working on an iOS app where I would like to get a feed of a public timeline without the user of the app being required to have a twitter account.
I am successfully able to do this using Twitter's v1.0 of the API and all works perfectly. Simply making a request to http://api.twitter.com/1/statuses/user_timeline.json?screen_name=username retrieves all the information that I require.
However, since v1.0 has been deprecated and V1.1 requires authentication for each request, I get a bad authorization error using this API. Having looked at the Twitter documentation and how to generate OAuth request headers, I don't fully understand the "Getting a signing key" section of the documentation in the link below. (this is my first time working with Twitter's API and OAuth, I'm trying to gain a good understanding, before I start the implementation)
https://dev.twitter.com/docs/auth/creating-signature
As I understand it, the consumer secret can be found when logging into twitter.com/apps but I'm not sure where I would get the "OAuth Token Secret" in order to generate a valid signing key.
Since this is an iOS app, I know I could use the TWRequest class, but to my understanding, this would require the user to have Twitter set up on their device.
I hope the above makes sense and any help would be appreciated.
Thanks
If you go to the Twitter application you have set up at https://dev.twitter.com/apps, you should see your Access token secret under the heading Your access token. If you don't see this then you probably haven't generated an access token yet.
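How the signing key asked about above is built and used in an OAuth 1.0a HMAC-SHA1 signature (RFC 5849), as an added example that is not part of the original question or answer. The host, parameter values and both secrets are constructed placeholders.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote


def pct(value):
    # OAuth 1.0a percent-encoding: only A-Z a-z 0-9 - . _ ~ stay literal.
    return quote(str(value), safe="-._~")


def signing_key(consumer_secret, token_secret=""):
    # Encoded consumer secret, "&", encoded token secret.
    # The "&" is kept even when there is no token secret yet.
    return pct(consumer_secret) + "&" + pct(token_secret)


def signature_base_string(method, url, params):
    # url is the request URL without its query string; query, body and
    # oauth_* parameters (except oauth_signature) all go in params.
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    normalized = "&".join(k + "=" + v for k, v in pairs)
    return "&".join([method.upper(), pct(url), pct(normalized)])


def sign(method, url, params, consumer_secret, token_secret=""):
    key = signing_key(consumer_secret, token_secret).encode("ascii")
    base = signature_base_string(method, url, params).encode("ascii")
    digest = hmac.new(key, base, hashlib.sha1).digest()
    return base64.b64encode(digest).decode("ascii")


if __name__ == "__main__":
    # Constructed sample request; none of these values are real credentials.
    params = {
        "screen_name": "username",
        "oauth_consumer_key": "EXAMPLE_CONSUMER_KEY",
        "oauth_token": "EXAMPLE_ACCESS_TOKEN",
        "oauth_nonce": "constructed-nonce-1",
        "oauth_timestamp": "1700000000",
        "oauth_signature_method": "HMAC-SHA1",
        "oauth_version": "1.0",
    }
    url = "https://api.example.test/1.1/statuses/user_timeline.json"
    print(sign("GET", url, params, "EXAMPLE_CONSUMER_SECRET",
               "EXAMPLE_TOKEN_SECRET"))
```

Both secrets are signing material: a client that embeds them in a shipped app exposes them to anyone who unpacks the binary.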
The twitter api keeps refusing my credentials, no matter what shared library I use. Is there any reason for this?
Twitter no longer allows BASIC AUTHENTICATION on its API. You need to do OAUTH authentication. This is most likely the problem you are having. If you need further help, you need to post some code, what library you are using, and exactly what part of the API you are trying to access.