I am working on SPA and HTML5 Mobile application that's consume my server application via rest api. Server app connects to Google Adwords Api and then sending data to client app. My question is: is it possible to use google oauth login as login for my server api. And how?
Do I need to use FOSOAuthServerBundle?
Best,
Antonio
This is the flow for this use case: https://developers.google.com/identity/sign-in/web/server-side-flow
And after this you can use google token as your api token, or build your own oauth and use your own token.
Also it is possible to use FOSOAuthServerBundle with custom grant
Related
I'm having the following scenario:
A frontend SPA based on Vue.
A Nest.js-Application providing an API
The user should authenticate against the Nest.js Application with Azure AD.
The Nest.js Application should provides several Endpoints where other Apis (e.g LinkedIn or Graph) should be consumed.
My Question now is if this scenario is realizable and if yes how do I have to implement the Authentication for the External Apis which are consumed by the Nest-Application?
Many thanks in advance
If I understand you correctly, you want users to be able to authenticate with Azure AD, LinkedIn e.t.c. for LinkedIn you can use http://www.passportjs.org/packages/passport-linkedin-oauth2/, the goal is to get a token that contains the user's information after authorization with these external APIs on the backend, you have to set a URL on the backend that points to the frontend with the token appended, on the frontend, you need to provide the callback URL, get the token from the URL, then you do a redirect.
I am building a speech to text application for browser. Right now I am recording and sending the voice from frontend to backend, from backend calling the google api for converstion. Now the problem is processing time is high.
what I need is to call the google api from frontend itself. problem with this step is api key is getting exposed to user and leads to security issue.
So can I generate a session based auth token for speech to text api, which will be valid for client for some duration of time. any tutorial link will also do.
Just about everything Google creates supports OAuth 2.0. Text to Speech certainly does.
Authenticating is easy. Here is a link on how to use OAuth 2.0 with Google APIs.
Using OAuth 2.0 to Access Google APIs
Here is link on how to integrate Google Sign-In to your Web App:
Add Google Sign-In to Your Web App
And a link for adding OAuth 2 to your backend server in PHP:
Using OAuth 2.0 for Web Server Applications
I would use Google Accounts to start. Google Sign-In makes this easy to implement for the client. Either implement OAuth 2.0 on the backend (recommended) or on the client.
Once you complete the OAuth 2 flow, you will have a token that consists of an Access Token, Refresh Token and Client ID Token. You will use the Access Token to authorize API calls. You will use the Refresh Token to refresh the Access Token as it expires every 60 minutes. The Client ID Token will provide you with their identity information.
I have a question about using a 3rd-party API for authentication.
I would like to use firebase for building an application.
I would like to use data from a 3rd party like strava.
What is the best way to Inegrate the Strava-api with Firebase.
How can I implement Strava-authentication in Firebase?
Strava API OAuth2 protocol for authentication and the use of a Firebase product like FireBase Authentication are not related..
OAuth2 authentication for Strava is for authenticating against the API EndPoint. This will then get user consent and offers a secure way for accessing their data.. FireBase authentication is a way to authenticate users into your app and is a gateway to products like FireBase Storage or RealTime DataBase. Both can be used in conjunction but are not related in code..
we are building SPA and mobile app (spa with phonegap). We need to access/login/authenticate to our custom rest api build in Symfony2. Is it possible to login user with google oauth and then with google access_token authenticate to our API
This is the flow for this use case: https://developers.google.com/+/web/signin/server-side-flow
And after this you can use google token as your api token, or build your own oauth and use your own token.
Im building rest api (using PHP, Laravel) which is used by mobile applications. The api basically is just commenting system.
Im planning to allow users to log in (to use this api) using their Facebook/MS/Twitter etc accounths using OAuth 2.
Flow would be something like this:
Authenticate user in mobile client using (user) selected OAuth provider
Get access_token (also maybe username/email) from OAuth provider and save it to mobile client
User access my rest Api (leaves comment), I include OAuth auth token to request
In server side I validate this token
Does this make sense? Is there any better ways to build this kind of system where the actual authentication server is completely different than the resource server?