Is there anyway to retrieve the Google Oauth refresh_token using Scribe?
I am building an app that requires several scopes mixed between java Gdata and Google api java client libraries -- and I am looking for a Single Sign On (SSO) when a user of my app signs in. However because of the state of current Google Apps API's requiring Oauth 1 or Oauth 2 depending on which library / scope you need, I'm a bit stuck.
Oauth 1 (java gdata e.g. analytics data export scope) - requires the
access_token secret
Oauth 2 (google api java client e.g. analytics calendar scope) -
require a refresh token, which is not avail currently in a Scribe OAuth 1 call
Any tips / advice? Anyone managing this with a single sign on?
Sorry scribe does not support (at the time of this writing) Google's OAuth 2.0 Apis.
It shouldn't be too hard to implement using FacebookApi as a guide. Cheers!
Scribe has added support for Google OAuth API. I used scribe 1.2.2 and it worked just fine for me.
Related
I came across this page from Google about Migrating to OAuth 2.0 login (OpenID Connect)
My current project has already used the Microsoft.Web.WebPages.OAuth library to implement the external login feature using Google account. But I am not sure whether this library still supports OAuth 2.0 login when the OpenID 2.0 is eventually shut down in the near future. Does someone have an confirmed answer about it? Thanks.
So I know it is bad to store the client_secret in a client side app (in my case a mobile app); however, the below link is the only link which describes how to use your refresh token for Google OAuth 2.0 and it requires the client_secret.
https://developers.google.com/accounts/docs/OAuth2Login#refresh-tokens
My question: Is it possible to use Google OAuth 2.0 in a client side app without using/storing the client_secret? I know that Windows Live Connect's flavor of OAuth 2.0 allows you to refresh your token without specifying the client_secret, but I have not yet discovered a way to do this with Google's API.
Any thoughts?
There is a separate workflow for using OAuth2 on installed applications or devices.
See link below to relevant google documentation
Using OAuth 2.0 for Devices
I have been playing with the new Admin SDK in conjunction with the "upgraded authorisation experience" and wondered if someone has and experience/examples on how to use it. From what I have read, if you upgrade the authorisation experience you shouldn't need to use OAuth 2.0 and get a client ID and secret from the API console.
When you upgrade the authorisation, the API console entry is automatically created so you just have to turn on Admin SDK. Your app should then run simply using your own admin credentials.
Have I misunderstood this and if so, what is the benefit of the new authorisation experience?
I can use the Admin SDK just fine if I create a client ID and secret in the API console but this is using OAuth 2.0 then.
If someone has an example of how to use the admin sdk with OAuth 1.0 i could have a look at it would be much appreciated.
You will still need get your tokens and API key...
Take from the Directory API documentation:
If your application has certain unusual authorization requirements, such as logging in at the same time as requesting data access (hybrid) or domain-wide delegation of authority (2LO), then you cannot currently use OAuth 2.0 tokens. In such cases, you must instead use OAuth 1.0 tokens and an API key. You can find your application's API key in the Google APIs Console, in the Simple API Access section of the API Access pane.
If you are looking for an oAuth2 example with GAS, Arun has a nice example he posted on GitHub, see the SO posting: How to authorize with oauth 2.0 from appscript to Google APIs?
Sorry, I don't have any oAuth1 example to interface with the new APIs.
Iam developing a multi lingual application and planning to use google translator API. I was wondering if Google Translate API supports OAuth authentication or not, document is available for using key but no information is available regarding OAuth authentication.
Thanks
What is the preferred method of accessing the Gmail API across sessions without user input? E.g. user logs in once, some fairly-non-sensitive ID is stored on my server, and I use that ID along with my app's secret/key to access user's mailbox...
I noticed that OAuth 1.0 is now deprecated by google (I'm assuming that OAuth 1.0 enables the aforementioned login mechanism), so what should we use? Does OAuth 2.0 + IMAP work with Gmail?
I'm using a Rails 3.2.6 backend.
Without storing the user's password, the only way for full GMail access is using IMAP/SMTP with OAuth 1. With OAuth 2 you currently can only access the Atom Inbox Feed.
Though OAuth 1 was already marked deprecated by Google, it should be supported until April 2015.
UPDATE:
OAuth 2 authorization support for GMail IMAP/SMTP just recently arrived, so this is now the recommended way to go.
I don't find any information in the oAuth API docs about oAuth 1.0 being deprecated.
However oAuth 2.0 seems to be there as well for Gmail: oAuth 2.0 Playground.