OAuth authorization code grant using client libraries? - fusionauth

I have not been able to find support for the oauth2 login grant authorization code grant in the fusionauth client libraries.
I'm a little confused since it's the recommended login method according to https://fusionauth.io/articles/logins/types-of-logins-authentication-workflows
Is it correct that e.g. in the PHP or node.js client libraries this is not implemented or am I just not finding it?

Thanks #mugeez for the clarification.
I made a commit to add a method exchangeOAuthCodeForAccessToken to the PHP client library to help you with this. If you can test it that would be great and let me know if it works for you.
https://github.com/FusionAuth/fusionauth-php-client/commit/fee9a29088f636e1c044cfbf18352e152588ad9d
https://packagist.org/packages/fusionauth/fusionauth-client#dev-master

Related

Onelogin SAML authentification JIRA/Zendesk

I'm looking to set up a SAML using OneLogin. I would like to authenticate using OneLogin's python package python3-saml or onelogin and then connect to Jira API using Jira package.
As of now, I couldn't find any documentation on how to go about this.
Does anyone have any example they can share with me on achieving this type of authentication or provide me some useful links to read up on this topic?
Thank you very much!!

Require Permission On Sign In With GIS Client

gapi.oauth2 is being deprecated so I'm trying to set up Google Sign In using the new GIS Client. However I'm having a serious issue when the user grants access to scopes. The checkbox for one of the scopes is unchecked by default. Users often forget to check this and then our app just won't work for them. With gapi I could handle this by requesting additional permissions if they forgot to check the box. But the new GIS Client has no such functionality. Any ideas on how I might solve this problem? Thanks so much.
Normally, in an OAuth flow, in such a case you would make a new authorization request with the complete list of scopes that you need. The authorization server should be able to tell that you are asking for more scopes than the user previously consented to and ask for a new consent. It seems that GIS Client is using a standard OAuth flow, so I would try to solve your problem this way.

Can't find DocuSign login_information rest API under v2.1

We have been using DocuSign's "/restapi/v2/login_information" api for authentication but now we have to replace it with another authentication API which is currently available in v2.1.
Please suggest the new API that can replace login_information.
You will need to change form legacy authentication to the modern OAuth.
You can follow https://developers.docusign.com/esign-rest-api/guides/authentication and start thinking about using wither Auth Code Grant or JWT.
You can find code examples with the code here:
https://github.com/docusign/code-examples-csharp
This repo has code for both types of Authentication methods.

CherryPy authentication token

This is my first question in SO, sorry if it's poorly structured.
I'm a relative noob developer trying to make a REST Api with Token Authentication. I already made one with Flask and I want to make the same one with the help of CherryPy. The problem is that I'm quite lost finding some sort of plugin for CherryPy, I'm either blind or I just can't find examples nor plugins in order to make the token authentication. Could someone help me? Any info or advice will be of great help :)
This is what I achieved with Flask https://github.com/themese/flask-api
Really my problem is that with Flask and Cherrypy i found the same issue with the token auth, but with various SO posts and wiki info, I managed to code the token auth. I just seem not to be able to reporduce it with Cherrypy, perhaps the lack of info :(
I realize this post is a little old, but I would recommend you look at implementing tokens with JWT. You should use the PyJWT package and create a CherryPy Tool for route authentication & authorization checks.
Another method would be to generate a token using something like a uuid4 hex and persisting that token in your db.
I'd recommend you investigate JWT and how to implement it properly - Auth0.com.
I am a noob too. probably more so. Just trying to help.
From the docs:
Authentication
CherryPy provides support for two very simple authentication mechanisms, both described in RFC 2617: Basic and Digest. They are most commonly known to trigger a browser’s popup asking users their name and password.
link: http://docs.cherrypy.org/en/latest/basics.html#authentication

Use everyauth package for authorizing users to access data via REST api calls

I am developing a google chrome extension that needs to communicate with a nodejs server. I was wondering if its possible to use everyauth package to simplify authentication. For starters, I just wanted to use simple password based authentication. But from the examples and the documentation ,as well according to my trial, it seems to me that everyauth is designed to be used for a webapp and gives me errors if i don't set the getLoginPath. Also i am not sure how to configure everyauth to send the user details or errors after user authenticate in a json payroll rather than redirecting user to a particular page. This is my first project with node.js and I am looking for some advice on how to go forward with this. I am open to using some other package/library that provides such authentication,
Since you are open to using other modules, as the developer of Passport, I'd suggest you look at it: https://github.com/jaredhanson/passport
Passport is designed to be a simple and unobtrusive authentication library, which makes it easy to get up and running quickly. It's also modular and extensible, which allows it to adapt to your applications needs over time.
The examples provided, along with the local strategy ( https://github.com/jaredhanson/passport-local ) are enough to get you started with username/password authentication. Let me know if you have any feedback or questions.
I was able to accomplish a REST-only interface to everyauth by overriding its handler methods: https://gist.github.com/2938492