I want to integrate SkyDrive with single sign on in which users has to sign in and give consent only once in our website. After that they can access their SkyDrive files/folders to upload seamlessly.
I have created my application and did all app settings as mentioned in http://msdn.microsoft.com/en-us/library/dn659751.aspx.
I followed sample in link https://github.com/liveservices/LiveSDK-for-Windows/tree/master/src/Web/Samples/OAuthServer/Asp.net/OAuthSample
But I am getting 400 error bad request when I use REST API to get access token and refresh token.
can someone help please?
This may be a Redirect Url issue. Can you check to see if the Redirect Url that you're using is the same in the following 2 places:
When you created the app (in your app settings page -
https://account.live.com/developers/applications/summary/YOUR_APP_ID)
The redirectUrl passed as parameter in your REST API call. (GET
https://login.live.com/oauth20_authorize.srf?client_id=CLIENT_ID&scope=SCOPES&response_type=RESPONSE_TYPE&redirect_uri=REDIRECT_URL)
Related
I am new to Google Actions. I am building action to access my smart home device from google home/assistance. I have already filled the Account Linking details from my auth server on action console.
I have provided the Fulfillment URL on Actions tab.
When I try to link the account from Google App (i.e. Home > + > Set up device > Works with Google > [test] My_Action , it redirect to my server's Authorization, there I submit my server's username and password and it redirect back to google home page and my account is successfully linked and my devices are showing in the Google Home.
But, When I try to link my account using OAuth 2.0 (https://developers.home.google.com/cloud-to-cloud/project/authorization) it doesn't link the account.
Here are the steps I follow.
Open the URL in the browser.
https://auth-dev.iotondemand.com/oauth/authorize?client_id=client&redirect_uri=https://oauth-redirect-sandbox.googleusercontent.com/r/MY_PROJECT_ID&state=somerandomstring&scope=read+write&response_type=code&user_locale=en
It opens the login screen of my server, when I submit my credentials it redirect to the following url along with authorization code which is generated by my auth server and the state parameter.
https://oauth-redirect-sandbox.googleusercontent.com/r/MY_PROJECT_ID?code=VGdKtk&state=somerandomstring
And
'Invalid State Parameter. The Link can not be completed.'
this is written on browser.
Invalid State Parameter. The Link can not be completed.
What's wrong am I doing? I am passing some random string to my authorization url and it gives back the same string and redirect it to oauth-redirect-sandbox.googleusercontent.
My action is still in development mode. I haven't deployed it yet.
If you are able to complete account linking using the Google Home App, you are good to go with your implementation. This flow is also using OAuth2.0, where the user is sent to your authorization url to fill in credentials, then Google servers will use the authorization code you provided in this flow to retrieve access and refresh tokens from your token url. (The fulfillment url you provided is not used throughout the Account Linking process)
I am trying to configure login using Auth0. As part of the initial steps, I created an application and added Allowed Callback URLs and Allowed Logout URLs. I have no hosted pages in /login, /login-results, /logout routes. I am just trying to learn working of Auth0 by getting the JWT token and test it in http://jwt.io/.
I tried to use the login UI flow which available out of the box in Auth0. I created the login URL as mentioned in this doc to hit this endpoint
GET https://YOUR_DOMAIN/authorize?audience=API_IDENTIFIER&scope=SCOPE&response_type=code&client_id=YOUR_CLIENT_ID&redirect_uri=https://YOUR_APP/callback&state=STATE
But I am getting this error while executing the endpoint which I created using the credentials of my application with above-mentioned callback URL.
http://127.0.0.1:8080/login-results#error=access_denied&error_description=Service%20not%20found%3A%20name
Endpoint which I generated:
https://fsnd-kavin.auth0.com/authorize?audience=audiencename&response_type=token&client_id={CLIENT_ID}&redirect_uri=http://127.0.0.1:8080/login-results
What is the actual issue? Am I missing any other configurations?
Service Not Found
This error message points to that you passed non existent API identifier as audience. Check that API is created in the API section of Dashboard.
I want to make a website which users can see their posted pictures on the page.
I have signed up for facebook API and have an app id and app secret.
https://graph.facebook.com/oauth/access_token?client_id={#}&client_secret={#}&grant_type=client_credentials
I send users to the oauth to get the user's access token but I don't know what to do next.
https://graph.facebook.com/v3.0/me?fields=id,name,posts&access_token={#}
I thought this would work but I had the error below
"An active access token must be used to query information about the current user.",
The URL you are using to get the Access Token is actually an App Token API.
To generate the Access Token Please replace
https://graph.facebook.com/oauth/access_token?client_id={#}&client_secret={#}&grant_type=client_credentials
with
https://www.facebook.com/v3.0/dialog/oauth?response_type=token&client_id={#id}&redirect_uri={#}&scope=publish_pages
add a redirection url here where the token is published.
OR
better option is to use the login button mentioned here.
https://developers.facebook.com/docs/facebook-login/web/login-button
Also you can read here about all Access Tokens
https://developers.facebook.com/docs/facebook-login/access-tokens/
Posted this on github and was told to come here ask for help
Hello!
I am trying to implement custom authentication for my resources on Google Cloud Storage using this module with a service account. I am trying to abstract away the need for a Google account for my end users.
What the ideal workflow would look like:
User queries https://cdn.example.com/[[BUCKET]]/[[FILENAME]] using Bearer token
The API on that end intercepts the bucket and file name and checks the validity of the token
The API then would request the resource at https://storage.cloud.google.com/[[BUCKET]]/[[FILENAME]]
Step 3 Returns the Location header that I will pass over to the user
After snooping around a bit I found out that the Location header returned in step 3 in the form of https://[[DATA]].googleusercontent.com/download/storage/v1/b/[[BUCKET]]/o/[[FILENAME]]?qk=[[KEY]] is a public link that can be accessed by anonymous users too. Which is exactly what I want. However while using the storage API I can only see selfLink and mediaLink, not the link above.
I tried using google-auto-auth to sign the request with my service account towards the storage.cloud.google.com endpoint but I get an Unauthorized error.
From looking here I understand that to access the storage.cloud.google.com is based on cookie authentication, which google-auto-auth doesn't seem to do. All it does is add a Bearer token to the header of the request.
This looks like you need signedUrls
Yea, that would be great, if it didn't expose the email of the service account.
Cheers!
TL;DR How to get the redirect URL from storage.cloud.google.com links using a service account?
When i try get access token via oauth (oauth screen with Allow button) on my local machine it works, but when i do the same on test server: i get oauth screen, i press allow and it's redirects to callback uri with code, and then app asking for token (i use PHP lib):
$client->authenticate($request->get('code'));
$access_token = $client->getAccessToken());
and i get null in response and application does not get authorized and it's not in authorized apps in google account.
I've checked redirect URLs listed in Google APIs - everything matches!
And i don't get any errors from google, it's just redirects to callback url and not adds application to authorized apps list.
But it works on local with same credentials. Any one can help me and guide where the problem can be?
Solved. I did not set redirect url before $client->authenticate($request->get('code'));