I am trying to use DNOA for OpenId support to my app, in order to leave the Janrain solution I have been using so far. The problem is that the users I have so far have profile based identifiers (https://www.google.com/profiles/11223344556677... ), while the identifier retrieved by DNOA is in the form https://www.google.com/accounts/o8/id?id=xxxxxyyyyyafgsdgfsdhg.
How do I retrieve the profile information? Through Attribute Exchange? and which attribute? Or is there some other API? I saw that the login page has a provider for google and a different one for google profile, so someone around here has an answer... :)
Update: the endpoint for google profiles is (https://www.google.com/profiles/)
So... the question now is rather how to get the google profile id number
the google profile id number is retrieved through the "http://schemas.openid.net/ax/api/user_id" attribute. Set this to required
In DNOA,
var fetch = new FetchRequest();
fetch.Attributes.AddRequired("http://axschema.org/contact/country/home");
fetch.Attributes.AddRequired("http://axschema.org/contact/email");
fetch.Attributes.AddRequired("http://axschema.org/namePerson/first");
fetch.Attributes.AddRequired("http://axschema.org/namePerson/last");
fetch.Attributes.AddRequired("http://axschema.org/pref/language");
fetch.Attributes.AddRequired("http://schemas.openid.net/ax/api/user_id");
funny thing is that, if I omit some of these attributes, I don't get the api/user_id back.
Can't figure that part out, but I don't really care at this point.
Google actually has 2 (maybe more) openid providers - accounts and profiles. I don't really know why there are 2 but all Google Account owners do not have a Google Profile.
There is also a big difference between the two. Google Profiles openid identifier is the same anywhere you use it. Google Accounts id is not! When logging-in with Google Accounts as an OpenID provider you'll get different ID for every domain. It's a new (optional, I think) feature of OpenID, but I can't remember it's name at this moment.
With all that said I don't think Google will give you any data which Google Account identifier correlates to which Google Profiles identifier.
Hope this helps in any way.
Related
I would like to show a company's feed/updates/post on a website. I am the owner/admin of the LinkedIn page. Most of the related questions are old and uses V1. This similar questions also seems unanswered (LinkedIn Company Feed in API v2?). LinkedIn support are of no help and they instruct me to ask questions on Stackoverflow.
I created an App on LinkedIn and they assigned default permissions (r_emailaddress, r_liteprofile, w_member_social). But these permissions are of no use to me since I just want to show the company feeds on the website. Neither I want any user to login to LinkedIn nor I want to read the users/visitors email addresses or profile. Already went through a lot of their documentation but there is no clear mentioning of how to do this.
I read that company updates can be retrieved using the /ugcPosts API. GET https://api.linkedin.com/v2/ugcPosts?q=authors&authors=List(url-encoded organization Urn). But in order to do that I need r_organization_social permission. How to get this permission?
Also in this scenario, since I just want to retrieve company posts, I can use 2 legged oauth: https://learn.microsoft.com/en-us/linkedin/shared/authentication/client-credentials-flow?context=linkedin/context instead of 3 legged oauth. But when I try to generate access token I get error "access_denied: This application is not allowed to create application tokens"
https://www.linkedin.com/oauth/v2/accessToken?grant_type=client_credentials&client_id=xxxxx&client_secret=xxxxx&redirect_uri=http://xxxxx.local/&state=fasdfasdfs
Does anyone know how to achieve this?
Thanks!
You need to apply for the LinkedIn Marketing Partner Program. You can do so by adding this product to the app you have created.
Once you have access, you can read the company feed using the following API endpoint:
https://api.linkedin.com/v2/shares?q=owners&owners=urn:li:organization:12345&sharesPerOwner=100&count=25
Hope this helps.
Apologies if this is a newbie question but I'm hoping someone can offer some advice.
I am fulfilling my Google Assistant intents via an Express app. I would like for users of my action to be able to get and modify data from their Strava account. Strava supports Google Authentication and I wondered if I could use node libraries such as Passport (https://www.npmjs.com/package/passport-strava-oauth2) to allow users to sign in to their strava account so that my action can make calls for their data?
I have a welcome intent that gets some Google profile data so wondering if I can pass through some details from this response?
googleApp.intent('Default Welcome Intent', (conv) => {
conv.ask(new Permission({
context: 'Hi, can I get your details from your Google account?',
permissions: 'NAME'
}));
});
Yes, but probably not in the way you're looking at.
The Permission helper requests access to specific types of information - name and location. You're looking to establish more of an identity relationship (using their email address or Google account).
You can do this using Account Linking.
If you're sure you're using Google Sign In on the Strava side then things are even easier and you can take advantage of Google Sign In for Assistant. With this, once they sign in, your Action will get an Identity Token which you can use to get information including their Google ID and the email address associated with the signed-in Google account. They only need to sign-in once - afterwards, you'll be given an Identity Token whenever they connect.
If your Strava project and your Action are both using the same Google Cloud Project, things get even easier for your users. Once they have signed in on either client, they're signed in on the other one. So you'll know who they are immediately through the Identity Token.
I am implementing Azure AD B2C, with Google.
When I login with my personal Google account, on the next page, the email and name is filled in (First-, last and full name).
When I use an another Google (test) account I just created, the name info is not filled in. This happened with several accounts, and I cannot find what causes this. In Google account settings the Full name is shown and visible for everybody.
Note:
I use a custom branding page which I made by copying the source from the default branding page. I did not find how to do that from scratch, as in this post: Azure AD B2C Branding - get the email, name info from Google+
I know that this is (most probably) not a coding issue, but a Google account issue, but I figured this is the best place to get the answer.
When I complete the wizard in Google+, about adding friends and/or interests, the names are taken from the Google+ account.
We have some old configurations which make use of an OAuth Client ID, and we're trying to determine which Google Developer account created it.
We have both the client ID and secret. Is is possible for us to determine which Google account they're associated with? We'd prefer to not have to switch to a new account. Any help is appreciated, thanks!
Is this client ID still used on some website for sign-in? If so, you could try to sign-in with an account that hasn't authenticated yet, and in the auth window click on the App name to get the developer info including the email address, which should match the Google account you are looking for.
I'm working in a small ASP.net MVC4 web app, and using the external login options, for allowing my users to log on with their Google account.
For linking their profile with their data, I need a unique identifier, and using the username didn't looked like a safe choice.
I've been looking in several places and the best way to get a user id is Membership.GetUser(). This works for local created users, but not for external ones, returning null.
How can I archive this? Have anyone find a workaround for this issue?
The information about OpenId and Oauth is here: http://blogs.msdn.com/b/webdev/archive/2012/08/15/oauth-openid-support-for-webforms-mvc-and-webpages.aspx
If you're using SimpleMembership you can use the WebSecurity class's .CurrentUserId property. That should work for both local accounts and OAuth accounts.