OpenId Endpoint for PayPal Authentication - oauth

I've been searching the docs and googling like a maniac, but I can't find the sandbox openid endpoint/identifier for paypals sandbox. I've got the productive url, https://www.paypal.com/webapps/auth/server, but to use it I need an approved app.
I just want to test the flow, before I go through the hastle of creating an app.

I finally got the answer from PayPal: The OpenId/Oauth stuff is currenlty in a closed beta.

Related

OAuth and google: I must be missing something?

I'm using thephpleague oauth client library and everything works fine except for Google authentication. It seems I have to enable my domain somewhere to be able to use Google apps.
https://support.google.com/a/answer/33419?hl=en
This was not helpful indeed as I don't understand what I have to do. Am I obligated to pay for having a working OAuth connection with Google? I don't have a company, I don't need the apps, cloud or any other thing then a working API.
EDIT: to be clear I already wrote my libraries for OAuth and it's all working, it's Google that needs me to do something on domain level.
You don't have to pay. First of all you need to create a project in the Google Developers Console. Then get your credentials. I don't know which API you are going to access. Have a look at this.
https://developers.google.com/identity/protocols/OAuth2?csw=1
Additional - This site was very helpful for using the Google Calendar API
http://www.daimto.com/accessing-google-calendar-with-php-oauth2/#Conclusion
Hope you find what you are looking for.

Swift 2 OAuth2 LinkedIn connection

I'm gonna make an native iOS app with Swift 2 and Xcode 7. The users should login using LinkedIn and OAuth 2 but I'm wondering how I should begin to set this up. I don't have many experience with OAuth 2.
Is there a good tutorial or a sample app? I saw the Ray Wenderlich post but that comes with an existing project. I want to build an app with LinkedIn login from scratch.
EDIT
I want to use the LinkedIn login to get the user's connections and send them notifications. I was researching this and I found some pages that said that connections can't be retrieved from the new LinkedIn API, is this true? It is not possible to get someone's connections from LinkedIn in a native iOS applications?
You should start with LinkedIn guide for LinkedIn and OAuth 2 .
But still if you need a sample for Authentication with OAuth 2 here it is .
For your second question related to the connection yes Linked have made changes but the API is still available but for the partners .
If you are an existing LinkedIn partner, these changes will not impact your existing partnership or the associated APIs that your partnership allows you to access.
If you are experiencing issues as a result of the May 12th changes, please reach out to your LinkedIn Business Development representative immediately.
For further details you can see Developer Program Transition Guide.
Check out this repo, I did this swift pre-2.0 but it shows you the basic algorithm. You can do it the with your secret hard coded or fetch it from the server. The key is getting the oath header just right which is a huge pain
https://github.com/GregPrice24/SwiftStream
Check this out: https://github.com/jeyben/IOSLinkedInAPI
I used this repo and successfully implement LinkedIn integration in my App. It is in Objective-C but you can use Cocoapods and import them as Frameworks and use in swift2 with no trouble.
Note: As of the 12´ May 2015 LinkedIn applied restrictions to API usage for all non partners: See: https://developer.linkedin.com/blog/posts/2015/developer-program-changes
So you can only get the basicprofile at the beginning, but you can apply for the partner program to get those extra information such as connections here: https://developer.linkedin.com/partner-programs

Developer Dashboard Bug. No OAuth token for packaged app

Seriously, how do I do this? I've looked and Googled for two days, and it's not there.
I'm trying to sell an app through the Google Web Store. It is a packaged off-line app, with a custom server backend.
I think to do this I need the Licensing API, and that says I need an OAuth Token. I'm following these instructions to get the token.
Here are screenshots of my view of the Chrome App in the Developer Dashboard. My app's id is: lhhdccfgjpdaidjegbioednlnlidefno
I figured out app needs to be "public" to get the "Change Pricing"
button. Ok. Changed it to Chrome Web Store Payments.
After setting the pricing to Chrome Web Store Payments, I publish the app publicly,
but no OAuth token link appears. I don't see an option for this in
any of the UI.
How do I use the Licensing API with a packaged app?
Please help!
Mike
thanks everyone who read/answered this. The missing piece was here:
https://developer.chrome.com/apps/app_identity
Chrome has a browser API to call to get the token. There is no need to get it from the Developer Dashboard, hence I couldn't find it. I think much of the documentation is out of date and written before Chrome had the browser API for this.
This URL is likely a good example even for subscriptions. https://developer.chrome.com/webstore/one_time_payments
Thanks for your help!
Mike

Changed domain error - OpenId auth request contains an unregistered domain

I set up a project on my main domain example.com and then moved it to a subdomain sub.example.com
Now when I try to use the same (default ASP.NET MVC or on my Discourse forum) project with OpenId and click on the Google button to log in with my Google account it throws the following error -
That’s an error.
OpenID auth request contains an unregistered domain: http://sub.example.com
I have tried Googling that message but apparently I am one of the first four people to see it. Any ideas here?
According to this page,
Google closed registration to new OpenID 2.0 clients in May 2014 and will be shutting down the OpenID 2.0 service in April 2015.
The reason why some hosts work and some don't is that although Google isn't adding new hosts, you can still use the ones that are already registered.
UPDATE :
Some people have asked for a simple explanation for how to fix this, or otherwise how to proceed.
Basically, you now have 2 options.
Use OAuth 2.0 (instead of openID protocols and older versions of OAuth)
or
Use Google+ login (which Google tried to "push" you towards)
For more details check the migration guide :
https://developers.google.com/+/api/auth-migration#userinfo
I would like to add some context to this thread together with a potential solution to developers that are currently blocked.
Back in February we announced the deprecation of OpenID 2.0 (OID2) scheduled for April 2015. We also announced that new OID2 relying parties (RPs) registrations† will no longer be accepted after April 2014.
Given that the API will be shut-down in less than a year’s time, our intention is to avoid having new RPs integrating with Google's OID2 API. Instead, we suggest to use our OpenID Connect API which we consider more secure and easier to implement.
Registrations were effectively closed on May 19th (as documented in the Google’s OID2 developer documentation). All RPs already using OID2 should not be affected by this the closure.
As for developers currently working on an integration with our OID2 API (presumably because they missed the announcement and warnings in our OID2 documentation), we will do our best to minimize the friction caused by the registration closure. If you are in such situation, please let us know by posting a registration request before June 15th. The post should contain a sample OID2 request used by your application, in case you prefer not to disclose such information, please post an email address and we will reach out. We plan to look into each case and try to get you unblocked in the best possible way.
† OID2 does not have a registration procedure for RPs integrating with an identity provider. RPs are associated to the realm value (e.g., www.example.com) used when contacting Google OID2 API. Thus, a RP is considered "registered" if its realm value has been used to contact our OID2 API.
You can easily change to OAuth 2, this article shows you how to register your app with Google and add the key to MVC. Scroll down to: "Creating a Google app for OAuth 2 and connecting the app to the project."
And you may need to add the Microsoft.Owin.Security.Google package via NuGet.
I had the identical problem but when using nodejs / expressjs
I have migrate my code using below url code and fixed that issue
Passport strategies for authenticating with Google using OAuth 1.0a and OAuth 2.0.
https://github.com/jaredhanson/passport-google-oauth
The sub-domains that fail are those that had never seen any user requests before. As per https://developers.google.com/+/api/auth-migration#timetable, Google is not allowing new domains in the OpenID2 API.
I have this exact problem, we use googles login to run a platform, its a brand new problem.
A few things I have discovered if this helps
Full domains trying to use openID never fail www.example.org and www.example2.com are not having this problem
Subdomains on the platform have this problem sometimes, but the same subdomains always fail and the others always work.
It started around Monday and is still happening now.
Take a deep breath and just change Startup.Auth.cs file
app.UseGoogleAuthentication();
to
app.UseGoogleAuthentication(
clientId: "000-000.apps.googleusercontent.com",
clientSecret: "00000000000");
refer to the http://www.asp.net/mvc/tutorials/mvc-5/create-an-aspnet-mvc-5-app-with-facebook-and-google-oauth2-and-openid-sign-on page.

Posting twitter updates using basic authentication not working

I've tried a couple of ways (http://emmense.com/php-twitter/ and http://www.webmaster-source.com/2009/04/05/post-to-twitter-from-a-php-script/) to post updates to my twitter account but I am getting the response:
Basic authentication is not supported
I had a look at the twitter website and they said something about the new OAuth for authentication. Is this why my code isn't working?
Does anyone know of some PHP code that works?
This is correct. They recently adopted OAuth as their sole login platform for 3rd party apps as a security precaution.
Check out their developer area for examples:
http://apiwiki.twitter.com/w/page/22554657/OAuth-Examples
Basic auth is deprecated now. Check out this library https://github.com/abraham/twitteroauth for using OAuth in your application
It took me several hours to create this PHP script but it is working. Just make sure that your hosting company supports cURL. If you don't need the geo features you can cut them out.

Resources