I've built a simple app that consumes the Google Analytics API.
I have authorized access through OAuth 2, but have only been using my account to save access and refresh tokens.
If I want to let others use the app, will I need to save an access token for each user?
For web app, you just need one, and put the tracking code in every page of your app.
I'm not sure about native app.
Related
I would very much like to enable users of my app to backup some of app data on their own Dropbox. I would like to direct users to login to their Dropbox account with their email and password and then the app would generate and store a file there without users having do anything on their own.
Is this possible?
I wouldn't want users to have to go to Dropbox App Console and then Create App and then fill in all the options and then copy the access token and paste in my app manually. That would repel a lot them.
I haven't seen anything in the docs suggesting that programmatic access to an account without an app created in the Console and generated access token is possible? Did I miss something?
Yes, this is possible. You as the developer would register the app once, and implement the Dropbox OAuth app authorization flow in your app to allow your end-users to then connect your app to their accounts.
You may want to check out the following guides:
https://www.dropbox.com/developers/reference/getting-started
https://developers.dropbox.com/oauth-guide
https://developers.dropbox.com/dbx-file-access-guide
What I want to do:
display videos from a client in a RN app. They keep them as private YT videos and only want to give access to paid users via a mobile app.
Apparently, after a few tests, an API key is not enough for that, as I get only the public videos.
I could get the private videos and playlists back using Oauth2 authentication, in Google OAuth2 playground.
Where I am lost is, how to programmatically get the authorization code, then the access and refresh token, on app startup, to attach them to the requests.
Every tutorial I find is about implementing it via the consent screen to authenticate a user.
I don't want to use a consent screen, I got the clients username/password already and just would like to authenticate in the background as the app starts.
Any good resources/tips out there to help me figure this out? Thank you.
As I am new to mobile development and I am using react native. I am trying to implement external login(Facebook/Google) login, I got libraries using which I am able to get the details of user profile such as firstName, lastName, email from both Facebook and Google. Here my question is, is it right and safe to get details of the user profile, and calling register api to register/login and get the JWT token to land the application to home screen? Or is there any way that we can just click on Facebook/Google button by passing just provider name we can get all details from web api itself.
I feel, fetching the user profile details from web api is safer than getting user profile using react native library/sdk and then calling register api to register/login the same.
If there any link or Github reference please share the same for better and in details understanding.
Thanks In Advance.
You seems to have it figured out yourself. Call Google or other third party to retrieve user details such as email and name. Then call your own backend to register that user to your platform.
The next time user login using social login do a similar call to your backend to check if user with the details exist in your database and send a corresponding response back.
Check this link Google Login React Native. This reference is a little old one but might give you a heads up.
Note: You will need to have corresponding permissions enabled in providers developer console. Some cases you will get an access token after login/signup using social media. You will then need to fetch user data from corresponding provider using their api or SDK.
Good morning.
I use google calendar API.
My program create a connection with the google calendar of multiple users.
From each user, i have their credential.json, but when the app start the first time show the browser quickstart confirm. How i can skip this step?
Thanks anticipated
I think you have seriously misunderstood how Oauth2 works.
You the developer goes to Google developer console and registers your application. If you will be requesting data from other users you will need to create Oauth2 credentials this will give you credeitnals.json file used by your application to request authorization of a user.
When each of your users runs your application they will be requested to consent to your application authorizing their data. If they do you will be granted an access token which gives you access to their data, this access token will expire after one hour. If you have also request offline access then you will also have a refresh token. If you store this refresh token some place then you will be able to access the users data when ever you need to by using it to request a new access token.
As for the unverified app screen, when you create your application it is basically in developer state, this is so that you can build and test your application. When you are ready to go to production you can request that your application be verified by google
Once your app has been verified the unverified app screen will stop showing up.
I have searched long and far for this on Google Identity documentation but my question seems to be out of it's scope (https://developers.google.com/identity/protocols/OAuth2).
This is what I have:
I have an app that is using Google's PHP Client library to authenticate a user via oAuth2. My application stores the retrieved token & refresh token from a user. I am able to use this token and refresh token to pull in information from various Google API's (Drive, Calendar, Mail, etc). I am also storing a cookie in browser to keep the user logged in to the application when the user closes the browser. I have created a simple way for users to login to the application via a QR code that matches up their stored token and refresh token. After the first login they are able to simply use a badge to login to the application.
This is what I want but don't know how to do
When a user logs into the application with their QR badge everything work perfectly (I am still able to pull in anything via the PHP Client Library/Google API's), however when a user goes to Gmail, Drive, or other Google service, Google is asking them to login (it's because they are not technically authenticated with accounts.google.com (only my application)). Is there a way to programmatically authenticate a user to accounts.google.com via a stored token/refresh token?
I was searching for a proper way to implement authentication of users with Google accounts into an app I'm developing. One thing led to another and I found this:
https://github.com/thephpleague/oauth2-google
They have a few implementations depending on how you may wish to implement OAuth2 (via separate repositories). I believe this directly answers your question, albeit 3.4 years later. Hopefully it will help someone else who is looking for this info.