Generating valid oauth token and secret for gmail imap? - oauth

I have been searching everywhere for a Java port of xoauth.py, as I really want to use the same authentication process in my Java web app.
I have tried using the GoogleOAuthHelper to generate the token and secret, but when I plug them into the Google mail Java sample, I get errors back saying invalid credentials.
If anyone can help I would be very appreciative. I have been stuck on this for sooo long now.

Have you tried the links on this page https://developers.google.com/google-apps/gmail/oauth_libraries
and
https://developers.google.com/google-apps/gmail/#oauth_access_to_imap_and_smtp
This is assuming that the service you want to access is gmail (since you tagged your question gmail). If you're looking to use a different service, (say Drive) then your starting point is the api console at https://code.google.com/apis/console

Related

Lucee OAuth2 O365

I had an application that checked an email address (cfmail tag) for expected information (in XML format), parsed that information, and then dumped it into a database. We were using basic authentication with O365. I believe their switch to OAuth has broken our system.
I am looking for resources, tutorials, and advice on how to implement an OAuth layer in our Lucee application that will allow us to check that email as before. I have spent some time Googling, but I am a little confused as to where to start.
It is possible to reenable basic authentication in O365 - https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437
However, this will only keep your application working until the end of 2022, when Microsoft will permanently disable Basic Authentication. We are also looking for a solution to accessing O365 email from Lucee.

Best practice for open source applications using IMAP with OAuth2 regarding credentials?

Sorry for a fuzzy newbie question, but I didn't find a similar one yet - maybe I'm just asking wrong.
I'm working on an open source Python application which reads and processes emails from given mailboxes using IMAP and SMTP (from various (self hosted) email providers, so a MS/Google specific implementation is not an option for me).
Currently I'm extending that application to support OAuth2 after Microsoft announced they will no longer support standard IMAP/SMTP authorization.
I found lots of HowTos, tutorials and examples and managed to read/write mails using OAuth2 with GMail servers now, but I hope I just missed the recommended scenario for open source applications.
Currently I've set up a Google "Project" using tutorials I found in order to get ClientID and ClientSecret. Google told me it would cost me $15k to $75k to get my application verified, while Microsoft wants me to create an Azure/Identity Platform account and wants my telephone and credit card number in advance in order to bill me after 12 months.
Question: What am I supposed to provide with my application regarding OAuth2? I don't want to publish my ClientID/Secret, do I? Does every user have to go through those registration procedures in order to access their mails using a command line script?
How do other open source mail applications solve this issue? At least Thunderbird can authenticate with GMail (see https://www.supertechcrew.com/thunderbird-oauth2-gmail/); do they provide ClientID and -secret with the application?
Here is an old thread discussing the issue: https://groups.google.com/g/tb-planning/c/RRSPwp36bi0?pli=1
Disclaimer 2: I know this question sounds very obvious but I really didn't find a hint yet :)

Nancy Selfhosting and google authentication

I can't find any proper sample about Google (or Facebook) authentication in case of using Nancyfx as a self-hosting program.
Advice needed.
Sorry there is no official code/sdk for Nancyfx.
But if you want to support basic "Sign in with Google" on any site the easiest is to add some code on the page (this can get you an id_token)
https://developers.google.com/identity/sign-in/web/
And send this id_token to your server and validate it on the server side. The code to validate is fairly simple. You can pick up the sample python or java code from here.
https://developers.google.com/identity/sign-in/web/backend-auth
This is probably the easiest way to get Google sign-in on a web based application.

How to direct pf_auth.pf_authenticate request to on-premise Multi Factor Authentication Server

I've been beating my head for hours on this request.
I have an on-premise installation of an Azure MultiFactor Authentication Server. I'm building a new ASP.Net MVC 5 application that will do an LDAP lookup for users in Active Directory (also on-premise) with no ADFS configured.
I've gone through the sdk for MFA Server and can easily enable SMS requests to be sent. I get the otp code from calling pf_auth.pf_authenticate(authParams, out otp, out callStatus, out errorId);
This works for test. But I need to direct this request to my on-site MFA Server. I can't find anything that tells me where I can set this value.
I know that if I log in to a machine on that domain it automatically sends the SMS text to my phone and I can enter it into the next screen to complete a login (the default user portals set up with MFA). I would assume that this would possibly work when I call ValidateCredentials on my application's newly created PrincipalContext. But how do I submit the SMS code without some sort of RequestId to sync up the communication?
I'm sorry if this doesn't make much sense. It's just all the examples I can find are for using MFA with a local ADFS. I only have Active Directory which is causing me to do the custom LDAP lookup.
Any help or direction is greatly appreciated.
OK, sorry for the delay in responding to this post. After getting no responses I moved on but have recently noticed that there have been 45+ views since my post and thought I should update for others who might be experiencing a similar issue.
Turns out that when using MFA on premise you can point multiple applications to a single MFA server, like Remote Access, VPN, etc.
However, if you are attempting to set up a Web Application hosted on IIS, you need to install a copy of the MFA server on the IIS server hosting the application.
When installing you can point to the existing MFA setup so that both machines are in the same configuration. This local install also adds a custom IIS Plugin that does the request interception and directs it through the MFA pipeline. If everything looks good the request is then forwarded to your web application like normal.
This is really pretty straightforward, but the documentation for MFA setup was sorely lacking. Hopefully in the future there will be a decent sample app provided by Microsoft that demos this process using local MFA and not just the Azure hosted solution.

How to programmatically obtain OAuth2 client credentials for Google API

I'm trying to create a redistributable web application that will integrate with Google Analytics through the Google Reporting API. Customer will install the application on their server.
I'm following this tutorial (I'm using PHP, but I believe this is not of importance for my question)
https://developers.google.com/analytics/resources/tutorials/hello-analytics-api
This works fine. No issues there.
However I can't figure out one missing element:
The tutorial starts with sending me to the Google APIs console where I have to create and configure a new API project and create and configure a client ID.
That's a lot of work that requires fairly technical knowledge (redirect url, selecting correct API, error-prone copy-and-pasting, etc.)
So my questions:
Is there an API so I can programmatically set this up for my user?
If that's not possible, is there a more user-friendly way to obtain Analytics reporting that is future-proof? (I noticed they are currently deprecating a few older APIs)
Unfortunately that's AFAIK not possible.
You could go one of the following ways:
Move client_id and client_secret to some configuration file and help your customer with deployment.
Show a one-time setup wizard for your app and guide your customer step-by-step. There you can at least provide him with the right callback URLs.
Regard your application as "installed application" and instrument curl or something similar for sending the requests.
