I'm implementing invite people in my app, I want to use googgle contacts,
If I use accounts-google package for authenticating the user, It will be complex process, beause I don't want to store user information,
I just want one time auth, so I'm searching for client side solutions,
var url='https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/contacts.readonly&client_id=5558545-3n8vg6u4nu2hm1gmuj1dbjib28p33qss.apps.googleusercontent.com&redirect_uri=http://localhost:3000/_oauth/google&response_type=token'
var newWindow = window.open(url, 'name', 'height=600,width=450');
on click of invite button I'm calling this it is working well, but how to read the accesstoken returned by this window.
I can't find how to do this?
I tried using HTTP method
HTTP.get(url, {}, function(e,r){
console.log(e,r);
});
but it throwing error, It is not working.
HOw to read accesstoekn from popup? or Is there any alternatives to do that?
window.location.hash contains the fragment part of the URL.
I have done this.
If u need the sol let me know, cos its little long. But I did with no package and raw implementation
Related
I've read quite a lot of documentation about Webpush, and so far I've understood that push subscription should have a read-only propery expirationTime. Also, I understand how should I react if the browser decides that subscription is outdated (handle event in service worker, etc.). But is it possible to somehow set expiration date manually, without implementing complex client side logic? I guess that this is an ordinary problem for apps that have authentification.
My problem is that if user gets logged out automatically, webpush endpoint stays valid. I know multiple ways this can be solved with workarounds, but I guess that's not the optimal way for a relatively basic problem.
It's been a long time ago that I've fixed this, but I guess sharing my solution can be helpful.
The solution was to make a HTTP request from service worker to the app using fetch('/path') , because all cookies from the app are also attached to requests made from SW.
So, if user is not logged in, you are redirected to login page.
My code:
fetch('/path', {method: 'GET', redirect:'error'}).then(function(result) {
... //some code specific for my app
}).catch(function(e) {
registration.unregister(); //error on redirect to login
});
I want to define custom functions on Firebase using firebase-tools. Is there a way to get userId from firebase-functions?
Say on this code sample, is it possible to get the user who sent the request?
const functions = require('firebase-functions');
exports.helloWorld = functions.https.onRequest((request, response) => {
response.send("Hello from Firebase!");
});
I have tried getting it with the following code unsuccessfully functions.auth.user().uid.
I am quite new to both js and firebase, so go easy on me please, I am trying to learn.
You're over-simplifying the way HTTP triggers work. They have no knowledge of anything about the entity on the end making the request. It could be a user, or just some automated program. The user doesn't have to be authenticated in order to access your function.
If you want to limit access to your HTTP trigger to only authenticated users, you could try something as described in this other question. There is official sample code that shows what you need to do.
Bottom line is this. Unless you do something to safely transmit to the function who the user is (identified by an id token), then you really have no idea who they are.
Think I find a better answer from this post :
https://medium.com/super-declarative/dev-snack-testing-firebase-cloud-functions-with-user-id-tokens-83841d3f06c.
Basically 2 ways for http functions
functions.https.onRequest : You may get, if available, the token from the request and then use firebase admin api to get user UID;
functions.https.onCall for authenticated request : You get it from exposed context object
I wish to create a login for my website using Twitter. I wish to let the user type his Twitter Handle inside a textbox and once he enters I need to validate it by making an API call to Twitter and confirm that and need to display the Twitter name of the user and his twitter profile pic. Is this possible using plain JavaScript to implemet this feature? As Twitter is using OAuth for authentication now, can this be implemented with only JS? Kindly, pass on any links if you know. Thanks in advance :)
After some research, I cam across this amazing node based API, twit, whcih can be installed just by saying npm install twit.
You can also get the details on https://github.com/ttezel/twit.
Best part of this plugin is, it takes care of all the authorization with Twitter and gives you a set of methods.
Code example :
var twit = require('twit');
var T = new twit(config_parameters); // contains you access tokens;
T.get('users/show', { screen_name: twitterHandleName},
function(err, data, response) {
console.log(data);
});
});
It has many utility methods that help to resolve your queries that you require from Twitter
I am developing a mobile web application which will access the Google Books API and allow the user to add books to their "favorites" book shelf. Its my first time using an API that requires the Google authorization.
I need to send an authorized request to modify private user data. I (think) I have have the proper access_token but I can't figure out how to get to it.
I am using the Google sign in button like so:
` <div class="g-signin2" data-onsuccess="onSignIn"></div> `
I also have this to identify my application to Google:
`<meta name="google-signin-client_id" content="12345.apps.googleusercontent.com"> `
I sign in with my own Google account and the Google button changes over to "Signed In." I am simply trying to log the access token from there:
` function onSignIn(googleUser) {
googly = gapi.auth2.getAuthInstance();
var id_token = googly.currentUser.get().getAuthResponse().access_token;
console.log(id_token);
} `
I've tried everything I can find in the documentation but no matter what I do, I get back that access_token is undefined.
My suspicion is that I don't actually have an access token, but I don't know how to test that.
What is the correct way to find the access_token? Once I have it, how do I send it to the API?
It's so late but if you pass true parameter to getAuthResponse "getAuthResponse(true)" it returns access_token.
Try using gapi.auth in the API Client Library instead of gapi.auth2 in the Identify Platform. You should find gapi.auth.getToken().access_token contains the access token you need.
That said, I believe this is a bug. If you alert(JSON.stringify(googleUser)) I suspect you'll find there is an access_token field buried in there, but getAuthResponse() doesn't contain it, even though the docs suggest there should be one.
If anyone can confirm I'm understanding this correctly and report it, that would be great.
If you include the response_type in the request header as 'token' it will return the access_token with the currentUser
i have a little problem with Meteor and Twitter.
All i want to do is posting a tweet through a click on a button. For this I have to authenticate myself over Oauth to the Twitterservice.
At the moment i am doing the authentification in a really complicated way springing from client to server and back. But now I found the function Meteor.loginWithTwitter. Originally I thought this function is only for logging you into your own application with the Twitterkeys, now i am not so sure anymore. Probably I can also use it for my problem. Because it seems that the Oauth-Process is completely (and in a simple way) implemented in Meteor.
Sadly i cann't find any documentation or examples for just logging in and getting the final oauth_token. And so all i got from Meteor back then i try the following code, is this errormessage:
Erromessage: Accounts.ConfigError {message: "Service not configured"}
Meteor.loginWithTwitter( function(err){
if (err){
console.log(err)
}else{
console.log("yeah");
}
});
I know i have to enter somewhere my Appinformation like the Consumer key, but i have no idea where. Can someone help me out and knows some examples for me? Or knows if i am even on the right track?
Thanks and greetings
Philipp
The easiest way of doing this: Add the accounts-ui package:
meteor add accounts-ui accounts-twitter
and in your template do
{{loginButtons}}
On the first start of the application, a click on the login button will guide you through the setup process. You will create a Twitter application and copy the consumer key and consumer secret into a form, that meteor presents you. Afterwards you can log in using Twitter.
Make sure to use the latest Meteor version (0.5.2 at this moment)
You can also config your consumer key and secret with code, this is an example with weibo but its work for twitter, google etc... (server side) :
// first, remove configuration entry in case service is already configured
Accounts.loginServiceConfiguration.remove({
service: "weibo"
});
Accounts.loginServiceConfiguration.insert({
service: "weibo",
clientId: "1292962797",
secret: "75a730b58f5691de5522789070c319bc"
});
You need to add what #Tom31 suggested in your server side, i.e., I have a /server/server.js
Accounts.loginServiceConfiguration.remove({"service": "twitter"});
Accounts.loginServiceConfiguration.insert({
"service": "twitter",
"consumerKey" : "<yours>",
"secret" : "<yours>"
});
Finally, your access token are stored in your user at the database but this information it is not propagated to the client and, if you want to have access to it, you new to create a server side method and access it through Meteor.call or Meteor.apply
Updated: Example of my server side method
I've created my server side method like this:
Meteor.methods({
...
userGet: function(id) {
return removeSensibleFields( Meteor.users.findOne({ _id: id }) );
}
...
});
where removeSensibleFields is a method to remove all unnecessary/private information that may not be sent back to the client