I am looking for getting public status of users in twitter but while searching this api. I have not found any thing in documentation to get permission.
This endpoint requires special permission to access.
Returns all public statuses. Few applications require this level of access. Creative use of a combination of other resources and various access levels can satisfy nearly every application use case.
Resource URL
https://stream.twitter.com/1.1/statuses/firehose.json
please checkout api here
https://dev.twitter.com/streaming/reference/get/statuses/firehose
Related
I'm designing the architecture for a college project and I don't know how to deal with the user authentication and authorization part of it. The project is a desktop Electron app which would need two types (hence the roles) of users. They both need to be authenticated in order to use the app, and depending on their identity, they will have different authorizations. Since the project is meant to be used by teachers and students as part of a laboratory class after it is done, I don't think more than 30 people will be using it at the same time.
My first thought was using a PostrgeSQL database in AWS for this and implementing the authentication myself, but this means that users will have to sign up and create a new profile, which means remembering yet another <username/email, password>. Trying to avoid this, I read a bit about OAuth 2.0 and OIDC, and how it can be used to authenticate and authorize users without implementing either of those tasks oneself, but rather delegating the task to OIDC. I created a free account with Auth0 and thought about using it for the OIDC integration but after reading about 40 pages of an "OIDC integration handbook" they offer for free, I could not know if I would be able to distinguish my user base through these roles or tags as I mentioned. I just followed the steps in the tutorial handbook and tried to understand how the auth flow worked, but that didn't give me any information on my question.
So all in all what I want to know is: is it possible to implement this with Auth0 (free account) without having to use a third-party database solution (such as PostgreSQL with AWS)? If not, what would you recommend me to look into? Preferrably a solution that will let me discriminate between the two types of users BUT at the same time taking advantage of the OIDC implementation of Google for example.
There are 2 separate solutions here:
DESKTOP AUTHENTICATION
The 2 standard requirements are:
Use Authorization Code Flow (PKCE)
Login via System Browser
You listen for a login response via one of these mechanisms (I prefer the latter):
Loopback web server
Private URI scheme OS notification
My blog has some tutorials + code samples that use Electron. You can run both of the above listening options and see what you prefer.
API AUTHORIZATION WITH ROLES
You need to make roles available to the API via claims. This can be done by either of these mechanisms (I prefer the latter):
Including roles in access tokens via Auth0
Get the API to read user roles from its own database
My Authorization blog post discusses building up a claims object in an easy to extend way. The main objective is usually for API OAuth processing to result in an object something like this:
class UserPrincipal {
// The technical user id from the access token
string sub;
// The user id from your own database
string userId;
// The user's roles
string[] roles;
}
Given that object you can do things like this:
Use role based authorization when needed
Serve up user resources after login from your application data
TO SUMMARISE
Auth0 will meet some of your requirements and may be all you need in the early days. You will probably need to manage non OAuth user data in your API at some point though.
Happy to answer any follow up questions ..
I am trying to access the student list endpoint for Google Classroom.
I have successfully obtained my OAUTH2 token, I have requested the following scopes:
userinfo.email
userinfo.profile
classroom.profile.emails
classroom.courses.readonly
classroom.coursework.me
classroom.coursework.students
Every time that I try to retrieve the class list I am getting a 403 Permission denied and I'm wondering what I'm doing wrong.
Two things to mention: Here is a screenshot showing the permissions I have granted:
And, interestingly, even after having added the permissions, on the google project page where it lists the number of users using sensitive scopes - it is listed as zero (which is odd, I'd have thought it should be 1)
Any pointers would be really helpful!
Not a very satisfactory answer, but, if I add the https://www.googleapis.com/auth/classroom.rosters.readonly scope, then it allows me access and returns the email addresses at the same time (when calling the v1/courses/{courseId}/students endpoint)
If however you only have the rosters scope, then you can still access the v1/courses/{courseId}/students endpoint, but, you just don't get the email addresses returned.
Quite confusing to me.
is it possible to list all of the conversations in my slack organization using the API?
Or for the very least, within a workspace.
When I tried calling the "conversations.list" endpoint using a token with an enterprise token, I got an "enterprise_is_restricted" error.
When I invoked the same endpoint with a workspace token, I got a list of all of the public channels, and IM's that I'm a member of, but private conversations that my user (the primary owner) is not a member of were not retreived. Now it makes sense that I wouldn't be able to read them, but I'm looking for a way to list them, to get their name and members basically.
And than with files. I got the same "enterprise_is_restricted" error when I used my enterprise app token, and when I used a specific workspace token, I only got files that were shared with me. I want to be able to keep track of what files are being shared and with whom (for information security reasons), so this is very problemetic for me.
Yes it is possible. The following should give you at least permissions to all conversations within the workspace.
Generate an OAuth Access Token for your Slack app
Go to api.slack.com to set permissions for it. This particular method needs the following scopes: "channels:read,groups:read,mpim:read,im:read"
Install/reinstall the app and use that OAuth token to access your list of conversations
I've been creating an extension for VSTS, and so far i have stored some data in documents in collections (https://learn.microsoft.com/en-us/vsts/extend/develop/data-storage).
The problem I have now, is that I need to GET these documents somehow from an external application. I have looked into: https://github.com/Microsoft/vsts-auth-samples/tree/master/ClientLibraryConsoleAppSample to get the authorization done, but then I am unable to get the documents. If I try to access through the REST API I have issues authorizing myself(without the personal access token provided. The application is supposed to work for every user, and i cannot get and use every user's personal access token. This is not feasible for 350+ people) as well as I am unable to get the REST API working. The documentation on all of this is severely lacking.
Anyone able to help?
The documentation is lacking, because the Data Storage is isolated for the extension and there is no easy way to access the data from outside of the extension. If you need external access, you also need to store your data externally. Azure storage or in a TFVC/Git repo under the VSTS account.
As for per-user storage access, that's also isolated and would indeed require either a account owner token or a user specific Oauth or PAT token.
I have found the solution. The documentation states that there are 2 ways of working with the documents/collections. REST API and their VSS wrappers. The url required to get all documents in a certain collection is as follows:
https://{account}.extmgmt.visualstudio.com/_apis/ExtensionManagement/InstalledExtensions/{publisherName}/{extensionName}/Data/Scopes/Default/Current/Collections/{collectionName}/Documents/{documentName}.
Using this in a browser works just fine. All that needs to be done in order to use this with an external application is authorization.
If you use sdk methods from docs like VSS.getService(VSS.ServiceIds.ExtensionData) you can view (easiest in dev tool in browser) the request.
Its look like:
https://extmgmt.dev.azure.com/{organization}/_apis/ExtensionManagement/InstalledExtensions/{publisher id}/{extension id}/Data/Scopes/Default/Current/Collections/{collections (by default 'MyCollection')}/Documents
I'm connected to an API that provides information about cars based on their registration. According to the docs the api can provide both user specific data and general data about the registration supplied.
I am using the connection method which does require specific users data, and therefore does not require me to gain access to any specific users account.
On my end users will visit my application and enter a registration number which I will use to call the API and return all of the information about the car.
Am I right in my thinking that my application is essentially the 'user' as far as the api is concerned, and I will only need to use one access token. I can then use this access token to make multiple API calls (one for each user that searches on my application)?
Or will i need to set up an access token for each user that visits my application and treat them separately.
Only your application making the API requests requires a token, unless the licence agreement/documentation of this car API says otherwise.
As far as your users are concerned, your application is just magically sourcing the registration info from its database.