How the heck do you use the Bing API (now Azure Marketplace API)? Does it only support oAuth? Can anyone show me an example of how to authenticate to it? The documentation is silent and after an hour of frustration I'm posting the question here.
Here is the end point I am trying to hit:
https://api.datamarket.azure.com/Bing/Search/v1/Composite?query=sushi&sources=web
This throws up Basic Auth; if I cancel I get an error message saying that only Basic and oAuth are supported.
However, no combination of username and password known to my account works for Basic, and I can't find an example of how to use oAuth with it. I have an account set up, I have subscribed to the free tier.
After doing more research and experiment I was able to figure it out. The examples confused me (I think theyassume a lot of context about Azure's SOAPy conventions over REST, such as case sensitivity and quoted strings). Perhaps they will confuse others so I'm posting my answer here:
function searchBing() {
var request=require('request');
var url="https://api.datamarket.azure.com/Bing/Search/v1/Web?Query='sushi'&$format=JSON";
var key="[your account key]";
request.get(url, {auth: { user: key, password: key} }, function (error, result) {
console.log(error, result.body);
})
}
Related
I'm pretty sure someone must have asked this question before but I haven't been able to find anything to help me figure this out.
I currently have a set of users in my database and have my own sign in authentication mechanism for them. I am now required to add on Google sign in for my users but I don't know how I can map users who sign in with Google to their existing accounts.
Your help will be much appreciated.
Thank You
It is possible to do that,if they are using gmail you can access the user object, but from the client side. Unfortunately you may have to ask them to link.
So what you need to do behind the scenes is to check if their regoistered emaill address is a gmail. Then ask them to link. Follow the tutorial on firabase to learn how to link multiple auth providers here
firebase.auth().currentUser.linkAndRetrieveDataWithCredential(credential).
then(function(usercred) {
var user = usercred.user;
console.log("Account linking success", user);
},
function(error) {
console.log("Account linking error", error);
});
A question about firebase auth for authentication via phone number.
I was wondering if it was possible to link a "Phone Provider" to say a Google Auth Provider. There is no explicit mention of it in the docs.
The thing that had me scratching my head is - the Link Multiple Auth Provider docs talk about starting to authenticate with the new provider (phone provider) you want to link to the existing provider (google provider), but then stopping short of calling FirebaseAuth.signInWithXXX.
So in theory that would work like:
The user logs in via google (google idp provider)
The user kicks off the phone auth (phone number provider) - and gets an sms message.
The SMS should trigger an automatic verification in some cases or he types in the 6 digit code from the sms message
But based on the docs on account-linking, rather than call FirebaseAuth.signInWithXXX here, we can instead call FirebaseUser.linkWithCredential(PhoneAuthCredential).
So i was wondering if a phone number verification is considered complete without an explicit sign-in with the PhoneAuthCredential ?
You can link a PhoneAuthCredential to an existing user, in your case, a user with a GoogleAuthProvider.
After you sign in the user with Google.
You then go through PhoneAuthProvider.getInstance().verifyPhoneNumber(phoneNumber, ...)
This would resolve with a PhoneAuthCredential or a verification ID. You can then ask for the SMS code and instantiate a PhoneAuthCredential via PhoneAuthProvider.getCredential.
You can then link that credential to the currentUser: currentUser.linkWithCredential(phoneAuthCredential)
For future comers and javascript users here is a way to achieve that:
const phoneCreds = firebase.auth.PhoneAuthProvider.credential(this.windowRef.confirmationResult.verificationId, phoneConfirmCode);
firebase.auth().currentUser.linkAndRetrieveDataWithCredential(phoneCreds)
.then(response => {
console.log('*********', response);
// Manage other firestore data
})
.catch((error) => {
console.log('error', error);
});
I simply want to access my own gmail account and retrieve the 10 newest messages. I'm having a very hard time authenticating so that I can even attempt this.
I followed the instructions here: https://developers.google.com/gmail/api/quickstart/php
All appears to work, but now what? The documentation is tough to follow. The API calls work using API Explorer but how should I access the oAuth token in PHP?
Google provides the following exaple function:
function listMessages($service, $userId) {
$pageToken = NULL;
$messages = array();
$opt_param = array();
do {
try {
if ($pageToken) {
$opt_param['pageToken'] = $pageToken;
}
$messagesResponse = $service->users_messages->listUsersMessages($userId, $opt_param);
if ($messagesResponse->getMessages()) {
$messages = array_merge($messages, $messagesResponse->getMessages());
$pageToken = $messagesResponse->getNextPageToken();
}
} catch (Exception $e) {
print 'An error occurred: ' . $e->getMessage();
}
} while ($pageToken);
foreach ($messages as $message) {
print 'Message with ID: ' . $message->getId() . '<br/>';
}
return $messages;
}
How do I get the $service? I assume that refers to the keys stored in client_secrets.json but I'm unsure how to access.
I know this is a somewhat basic question (so basic that Google doesn't explain it) but I'm sure I'm not the only one to struggle with this.
Thanks!
You're in a common catch-22 - we've all been there.
You want to use Google API xxx (gmail in your case), so you read the docs about the the Gmail API. They make a passing reference to OAuth, along with a link, but there is a fire-hose of information there, so you skim read it and then go back to the Gmail docs hoping for a bit of sample code to copy/paste.
Unfortunately, you're probably going to have to go back to the OAuth docs and invest a few hours reading the. You'll know when you've understood it because you will be able to explain to yourself the difference between Authentication and Authorization. The main difficulty is that most of the sample code and explanations relate to the use case where your application has many users, each wishing to securely access their own email using your app. The use case where a single user wants to access his own email is an edge case and thus not well explained. this post might help How do I authorise an app (web or installed) without user intervention? (canonical ?). I wrote it for GDrive, but it will probably work for Gmail also.
I'm trying to use Google Contacts API to import a users gmail contacts. This works with my gmail but fails when others try to login with the following error message:
Error: invalid_scope
This app hasn't been verified to access: {invalid = [https://www.googleapis.com/auth/contacts]} Please contact the developer for assistance. Are you the developer? If this project needs these scopes, sign in to an account with access to edit your project and try again. If not, contact the developer for help.
Because of this message, I did some research and found this question which suggests that this app needs to be reviewed. I then submitted my app for verification. However, I received an e-mail saying that my app does not need verification from google.
Thank you for submitting the developer verification form. Based on the information you provided, you have access to the scopes that you are planning to use. If you add any more scopes in the future, you may have to go through verification.
The scope I am requesting is https://www.google.com/m8/feeds/.
Does this scope require approval from google?
I'm using the gapi library, below is my code:
function start() {
var auth_obj = {
clientId: currentUser.GOOGLE_APP_ID,
scope: 'https://www.google.com/m8/feeds/'
}
gapi.client.init(auth_obj).then(function() {
gapi.auth2.getAuthInstance().isSignedIn.listen(updateSigninStatus);
updateSigninStatus(gapi.auth2.getAuthInstance().isSignedIn.get());
})
};
gapi.load('client:auth2', start);
function getContacts() {
var access_token = gapi.auth2.getAuthInstance().currentUser.get().getAuthResponse().access_token
var url = "https://www.google.com/m8/feeds/contacts/default/"
url += "thin?alt=json&access_token=" + access_token
url += "&max-results=500&v=3.0"
$.get(url)
}
Yes, If your app is going to be used by random other users and it is asking for the contact scope then it needs to be reviewed and approved.
The reason you got the answer from us (it does not need a review).. if you indicated that it was for your own usage or for just a few users. In that case you (and whoever needs to approve) can join a Google group. You probably joined the Google group and thus you can approve this app (or your account is part of gsuite).
Contact me with more details about your app and I can look into the specifics.
I suggest that you respond to the review and make it very clear what data you plan to access and how you are going to use it. If Google has any doubt about your intentions with the data, they see to be less likely to approve the request.
Also, if you plan to only read their contacts, you could modify your scope to be https://www.googleapis.com/auth/contacts.readonly.
I have tried to understand the whole OAuth concept but am failing to be able to progress my application. Lets start with some info about what I want to do:
Firstly, I am writing a blog application in Codeigniter, for myself. On this blog, I want to present some of my shared data from around the web, such as tweets, flickr, 500px photos, sound cloud tracks etc. I am starting with Twitter. I know I can use twitter appltes etc, but I want to this all in native code so that I can understand the whole OAuth process.
Secondly, All of the data on twitter, 500px etc is mine - no one will log into my blog, and therefore I am not interested in "sign in with twitter" type stuff.
Thirdly, I have registered my app with Twitter, and have the Consumer Key, Consumer Secret, an Access Token and an Access Token secret.
Now this is where I think I am going wrong. Lets say I want to grab my own timeline. The twitter API says this needs to be authenticated. Can I not just pass my two keys, and my Access Token to retrieve my timeline.
I have tried all sort of things and keep getting an error of:
{"errors":[{"message":"Invalid or expired token","code":89}]}
I know my access token is correct as I can see it in my twitter api panel.
If I make this call, which I know does not need authentication, it brings back my user details just fine:
$user = $this->rest->get('http://twitter.com/users/show', array('screen_name' => 'jamesstoddern'));
However, if I try to connect to my timeline with something like this, it fails with the error stated above.
$authArray = array(
'consumer_key' => 'MY KEY HERE',
'consumer_secret' => 'MY SECRET HERE',
'username' => 'jamesstoddern',
'access_token' => 'MY ACCESS TOKEN HERE'
);
$timeline = $this->rest->get('https://api.twitter.com/1/statuses/home_timeline.json', $authArray);
I am obviously doing something wrong, but all of the examples I find seem to be about authenticating other users with a "Sign in with twitter" button, and not about just authenticating your own application silently.
I would be so greatful if someone could give me some pointers or an example that does just what I want it to do.
I am using Codeigniter, and have tried Phils Sturgeons OAuth spark but cannot find suffient examples to help me out. I really find all of this a struggle.
Please can someone explain the steps I need to take to authenticate my own application silently so that I can make calls to my own twitter resources. Once I understand this concept, I should be able to apply the same logic and understanding to connect to my 500px photos for example. I do not want to use twitter specific code and want to make all of this as generic as possible so that I can connect to any API in theory.
Thanks all and sorry for such a long winded question!
James
I know this question is quite old but maybe I can help. I found this guide really helpful which explains the steps you need to take to authorize a request. I have also created a CodeIgniter library for using the Twitter API. It may be work getting a copy of it and looking through to code to see how its done.