I'm developing an app that will need google's OAuth2.0. Initially, I was trying to test the webservice using postman. and below are the steps that I've followed.
In https://console.developers.google.com/, I've created a project.
Under Library I've enabled Google People API
In credentials, I've created one with https://www.getpostman.com/oauth2/callback as redirect URL
I got the lient secret and client ID.
With the above details I'm trying to test the same in postman.
In post man I did the below steps.
Selected OAuth2.0 under Authorization and clicked on get new Access token. This opened a new window and I entered the below details.
Auth URL : https://accounts.google.com/o/oauth2/auth
Access Token URL : https://accounts.google.com/o/oauth2/token
Client ID : the one that I got from google console
Client Secret : the one that I got from google console
Scope: https://www.googleapis.com/auth/contacts https://www.googleapis.com/auth/contacts.readonly https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/user.addresses.read https://www.googleapis.com/auth/user.birthday.read https://www.googleapis.com/auth/user.emails.read https://www.googleapis.com/auth/user.phonenumbers.read https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
Grant Type: Authorization Code.
And when I click on request token, I'm redirected to accept the permission and to my surprise, the configuration details window (In postman), doesn't go off and display me a token. Below is a screenshot post I click on Request Token.
Please let me know where am I going wrong and how can I fix this.
Thanks
Related
I am trying to send the Single Tweet GET request from Twitter API v2 collection. I used the OAuth2 Authorization Type.
When I click on Get New Access Token, after providing the Configuration Options I get the following window
But when I click on Back, I am logged in to my Twitter account.
Meanwhile, my Get New Access Token window is still waiting to receive a response.
Has anybody encountered this before?
I've tried using Bearer Token instead and it works without a problem.
I also tried logging out and logging back in from the Twitter login but still did not authenticate successfully.
For me, it's because I used localhost in my callback URL.
Don’t use localhost as a callback URL
Instead of using localhost, please use a custom host locally or http(s)://127.0.0.1
ref: https://developer.twitter.com/en/docs/apps/callback-urls
My Problem is solved Now, This issue was caused Because I have not added the Callback URL in the postman that I have added in the Twitter developer account project.
And Second main reason for that because I did not add the accurate scopes tweet.
We are developing a web application with Google OpenID Connect Single Sign-On and currently having trouble in google authentication.
Every time we access the application login page, the URL of google account chooser is randomly changed.
Sometimes it goes to https://accounts.google.com/signin/oauth?response_type=code&client_id=... which is what we expects, sometimes goes to https://accounts.google.com/AccountChooser?oauth=1&continue=... that results in 400. That’s an error. The server cannot process the request because it is malformed. It should not be retried. That’s all we know. shown in google error page.
We follow https://developers.google.com/identity/protocols/oauth2/openid-connect to implement OAuth 2.0 authorization code flow.
Here are some of parameters we specified in auth request.
response_type: "code"
scope: "openid email"
openid.realm: App URL
redirect_uri: App callback URL
nonce: Not set
Any help would be greatly appreciated.
Thank you.
The goal is to be able to login in mobile app(react native) with:
in app username and password
"Login with LinkedId" feature.
I've researched a lot on this topic, and read the Kévin Chalet's(#Pinpoint) blog series and also cloned the sampels from: https://github.com/openiddict/openiddict-samples
I've created test server app:https://github.com/Jamaxack/OpenIdConnectAuthLinkedIn
I'm able to test the authorization to LinkedIn with https://oidcdebugger.com but now, I'm confused. Without https://oidcdebugger.com how can I test the LinkedIn authorization? for example with Postman? For my case what Auth flow should I use?
options.AllowImplicitFlow()
.AllowPasswordFlow()
.AllowAuthorizationCodeFlow()
.AllowRefreshTokenFlow();
Thanks in advance.
You can use Authorization Code Flow to login using Linkedin and request permission from the member .
If using Postman , you can try below steps :
Add a new request , click the Authorization , choose OAuth 2.0 as TYPE , and set Add authorization data to to Request Headers . If you want to inspect the authorization headers and parameters that Postman generates, click the Preview Request button.
Click the Get New Access Token button . Input the correct callback url, auth url, token url , client id, client secret and scopes , callback url should match the one register in linkedin application portal .
Now you should now see a screen prompting you to login to your LinkedIn account. After click Allow in Application Authorization Confirmation page , you will get token in Postman .
Making a Get request to api https://api.linkedin.com/v2/me with token as authorization bearer token header , and you will get the correct response from linkedin API endpoint .
We have an application that uses Dropbox API. When the user goes through the Dropbox OAuth 2 flow and signs-in using their email address and password, all works fine and we get the access_token. However, when the user uses the "Sign in with Google" flow in the Dropbox authorization dialog, we get back code which we then try to exchange for access token but the request fails with {"error_description": "code doesn't exist or has expired", "error": "invalid_grant"}.
Here's the steps we use:
1.
var dbx = new Dropbox.Dropbox({ clientId: clientId });
var authUrl = dbx.getAuthenticationUrl('https://www.dropbox.com/1/oauth2/redirect_receiver');
This gives us url https://www.dropbox.com/oauth2/authorize?response_type=token&client_id=...&redirect_uri=https://www.dropbox.com/1/oauth2/redirect_receiver.
2.
Open authUrl in a popup.
3.
User uses "Sign in with Google"
4.
We get a redirect to the URL below that contains the code:
https://www.dropbox.com/google/authcallback?state=...&code=...&scope=...
Now trying to exchange the code for access token with POST to https://api.dropboxapi.com/oauth2/token gives us:
{"error_description": "code doesn't exist or has expired", "error": "invalid_grant"}
The problem here is that, given the use of the Google Sign In flow, there are actually two OAuth authorization flow instances occurring; the Google Sign In flow is nested inside the Dropbox app authorization flow. Your app doesn't actually need to know about this though.
That https://www.dropbox.com/google/authcallback URL is Dropbox's redirect URL for the Google Sign In flow, and accordingly the code given there is for the Google OAuth flow, not the Dropbox OAuth flow. Attempting to use it for the Dropbox OAuth 2 flow will accordingly fail as you've seen (since it actually came from Google, not Dropbox).
You should have your app wait until your own redirect URL (in your shared code, https://www.dropbox.com/1/oauth2/redirect_receiver) is accessed, and only then take the code from there and exchange it for a Dropbox access token.
I am trying to exchange the authorization code I received without success. I am using the manual way where I omit the redirect url:
https://api.dropbox.com/oauth2/authorize?response_type=code&client_id=<key>scope=&state=<state>
when this url is activated it will take the user to the authorization screen, if the user authorized the app, it DOES NOT redirect, instead it prints an authorization code such as:
Enter this code into <app-name> to finish the process.
GooKWtwe54AAAAAAABABSUl_Ruv1COvpBBCuWQ5kv2g
How do I exchange this code for an access token?
If you're not supplying a redirect_uri parameter on /oauth2/authorize to automatically redirect the user, you can prompt them to copy that authorization code into your app manually. Then, your app should exchange that authorization code for an access token using /oauth2/token.
Also, note that /oauth2/authorize should be accessed on www.dropbox.com not api.dropboxapi.com, as it is a web page. The /oauth2/token endpoint is an API call, so that should called on api.dropboxapi.com.
You can find the documentation for both of these here:
https://www.dropbox.com/developers/documentation/http/documentation#authorization