I'm writing a mobile application using JavaScript and HTML and I'll pack it using PhoneGap, so at the end it will be a native one.
One feature of this App will be the "Import from Google Docs" one. I'll set a Google account up for the App and put some documents in it so they will be available from the application itself. This seemed pretty straightforward, until I hit a wall with OAuth2.
What I cannot figure out is how to provide my application with a way to authenticate itself using a pre-authenticated token (I think this is the use of the "secret key" in the OAuth workflow). The problem seems to be that on the Google API guides I read, when speaking of JavaScript integration they always refer to a web application which - as part of the OAuth flow - will eventually ask THE USER to authenticate with HER Google account (and not my application's one) and never use the "secret key" (we will leave the problem of embedding a secret key into an application for later).
What am I missing here? Does anyone have done something similar and care to explain it a bit?
I recently presented OAuth at BlackBerry Jam Americas. You can view the recording of this presentation here which I think may help answer some questions about the differences between OAuth and OAuth2, and how to implement them in a PhoneGap (or WebWorks) application:
http://hosting.desire2learncapture.com/RIM/1/watch/63.aspx?q=social
Also, my colleague Chad recently published some sample code that you can use in your own app development. We have published sample BlackBerry WebWorks applications here that demonstrate how to integrate OAuth with Twitter, FaceBook and Foursquare:
https://github.com/blackberry/BB10-WebWorks-Samples
Good luck!
Related
I am attempting to create an angular application that authenticates to the Google APIs as our administrator account so that it can gather details, such as a user's Google Drive info (number of files, total size, etc.)
I'm attempting to use OAuth 2.0 to give the application our "administrator" credentials. The examples provided in the Google API documentation shows how to accomplish such tasks by allowing a user to log themselves in, but I've yet to find anything demonstrating how to programmaticly authenticate an application as admin (or anything else, for that matter).
Is this possible?
After a bit more research, I finally found a question relevant to the issue with what appears to be a detailed solution! It's all about using the right key words... "programatically" was the word that finally got me there :)
Of course, I'll be using JavaScript/Angular, not Python, but I believe the concepts will be the same.
I need to access the active version on SAP Cloud Platform of HTML5 apps through an api.
I know for the java apps you have the lifecycle api: doc
But you can't access HTML5 information with this API.
What I found is this service: https://account.hana.ondemand.com/ajax/getHtml5AppDetails/{subaccountName}/{appName}
This will return a JSON string with the required info, but I'm not authorized to access this page, although I have all the possible admin rights.
So I'm wondering If any of you has any idea to solve my issue, and other people's issues.
Well, we needed something similar and used this kinda hack to get the active versions via WebIde Api (need basic Auth to login) replace XXXX with your account
https://webide-XXXX.dispatcher.hana.ondemand.com/api/html5api/accounts/XXXXX/applications
You get back a json array with all your applications of that sub account, including active version and other interesting information
Hope it helps ;))
Regards Mathias
You could create a HTTP Proxy Servlet based on https://github.com/SAP/cloud-connectivityproxy that provides read only access to https://dispatcher.hanatrial.ondemand.com/hcproxy/b/api/accounts/<subaccount>/applications/<app> for your app.
In a .NET 4.5 Application, what are the benefits of using OWIN middleware Microsoft.Owin.Security.Facebook instead of the javaScript SDK provided by Facebook?
Looking at the example of how to setup OAuth2 Sign-on in MVC6 here http://www.asp.net/mvc/overview/security/create-an-aspnet-mvc-5-app-with-facebook-and-google-oauth2-and-openid-sign-on , it doesn't appeal much to me.
If the user is on the website for the first time, the example on the link above redirects the user to the Register page and populate the email field with the value provided by Facebook. Is it all it does?
Because it's quite straight forward to just use the JavaScript SDK for Facebook and achieve the same result with a few lines of JavaScript.
Am I missing something? Why do people use Microsoft.Owin.Security.* libraries?
Thanks
Yes It depends on what you develop. Server side or SPA !
If you want to host your your application with Owin and use EF ,Identity,Claims. You will need Microsoft.Owin.Security.*
But for a simple SPA the javascript SDK will do !
I have a 'little' problem.
I am working on a project for school in Ruby on Rails: a platform where people can share things with eachother. I recently started working on widgets which people can place on their website.
In the widget you see this 'thing' and how much it is shared. But now when someone loads the widget I want to check if he is logged in on my website and then show him which friends of him/her also shared that thing. I've Been thinking and trying a few hours now but haven't figured something out yet.
I have tried to use the Facebook SDK but could not get it to work because this is domain limited. Altough Facebook would not have been the best option I think because then it is only available for people who have their Facebook account linked to their account on my website.
Probably I have to create something by my own. But I have no clue how to do it right now. I hope someone can point me in the right direction.
If A and b are on the same domain as a subdomains you can use cookies to store authentication token and in that case that will work.
If not, you can use OAuth for example http://en.wikipedia.org/wiki/OAuth.
Ruby has a bunch of gems to support that. Devise has OAuth integration as well as authlogic.
Twitter uses that widely.
Also there are CAS and WebAUTH those do quite the same.
You can list both domains (A and B) on application settings under Basic section in App Domain field. This will allow you to use Facebook JS-SDK on both sites with same application id.
You should understand that this will allow both sites to access personal info of your users and this should be done only if you have control on those sites since you are responsible for application who uses JS-SDK
Hi I have integrated Facebook with asp.net web site through open id But now it is not working . I think Facebook change process of authentication.
So there is any way to integrate Facebook account with asp.net web site . Please suggest me usable link or samples.
I highly recommend the Facebook C# sdk which provides support for the full breadth of the API and is frequently updated. It also has quite a good bit of documentation (which I won't re-print here, since it would be specific to the library and if the link moved or the library went away, wouldn't have any value)
If all you want to integrate is auth, I would still recommend using the library if for no other reason an it handles the signing part for you, and gives you room to do more in the future.
Facebook doesn't use OpenID, they use OAuth 2.
Oldish, but I think still accurate for Asp.Net
http://osnapz.wordpress.com/2010/04/23/using-asp-net-with-facebooks-graph-api-and-oauth-2-0-authentication/
Here's another for MVC3
http://www.codeproject.com/KB/aspnet/net_mvc_facebook_oauth.aspx
Try this Gigya they provide free services through you can put social authentication to your website. But in free service their little backlink comes but for premium users there is no backlink.