I'm using the 'Authenticating without the SoundCloud Connect Screen' method of authentication (see http://developers.soundcloud.com/docs#authentication). That's the method where you provide the whole shebang of credentials -- client_id, client_secret, username, and password. I'm also using the Ruby SDK.
# create client object with app and user credentials
client = Soundcloud.new(:client_id => 'YOUR_CLIENT_ID',
:client_secret => 'YOUR_CLIENT_SECRET',
:username => 'YOUR_USERNAME',
:password => 'YOUR_PASSWORD')
I am trying to use the client to resolve a user.
puts client.get('/resolve', :url => 'https://soundcloud.com/random-username').inspect
However, I keep getting a 401 Unauthorized returned by the client.
I can confirm that I am authenticating, because the following executes fine.
puts client.get('/me').username
Does anyone have any clues what I'm doing wrong?
I figured out that you need to include your client_id in every request.
puts client.get('/resolve', :url => 'https://soundcloud.com/random-username', client_id: 'YOUR_CLIENT_ID')
Related
My Rails app is an oauth provider with Doorkeeper. Client registered apps could make API calls to retrieve informations from my service on behalf of user.
What i want to achieve is client app being able to :
register new user on my app via API dedicated endpoint
authorize this user and return an authorization code
In one or two calls, it doesn't matter.
Users are managed by Devise. I see how I can create user via Devise Invitable but I don't know how I can authorize this user with Doorkeeper because User must be authenticated before being authorized even with skip_authorization config.
I would like some help or just ideas to achieve that. Thanks
Finally I found a solution in Doorkeeper issues :
app = Doorkeeper::Application.where(uid: params[:client_id]).first
access_token = Doorkeeper::AccessToken.create!({
:application_id => app.id,
:resource_owner_id => #user.id,
:scopes => 'all',
:expires_in => Doorkeeper.configuration.access_token_expires_in,
:use_refresh_token => Doorkeeper.configuration.refresh_token_enabled?
})
#token_response = Doorkeeper::OAuth::TokenResponse.new(access_token)
puts #token_response.body
I can use this code in my user signup endpoint to create user and then return access_token.
I am building a web app requiring access to a users gmail using Oauth2. I registered my app and can get the initial code, but can't figure out how to get an access token and refresh code afterwards.
First, the user is sent to a secure google page to put in user name/password. Afterwards, google redirects the user to something like:
127.0.0.1/oauth2callback?code=4/ux5gNj-_mIu4DOD_gNZdjX9E
I have this method below to handle the redirect. The code is sent with other info in a post request back to Google in exchange for a access token and refresh code. Unfortunately the response in the bottom has blank body. What am I doing wrong? Do I need to call another function on response to get the access token?
def oauth2callback
require "uri"
require "net/http"
uri = URI.parse("https://accounts.google.com/o/oauth2/token")
http = Net::HTTP.new(uri.host, uri.port)
request = Net::HTTP::Post.new(uri.request_uri)
request.set_form_data(
{'code'=>params[:code],
'client_id' => CLIENT_ID,
'client_secret' => CLIENT_SECRET,
'redirect_uri' => '127.0.0.1:3000/oauth2callback',
'grant_type' => 'authorization_code'})
http.use_ssl = true
response = http.request(request)
#response.body() is blank
end
Your redirect uri must match exactly the one, the user got redirected to. In your case this is 127.0.0.1/oauth2callback without :3000.
However, I believe that for Google both uri's needn't to be identical, but at least defined in the developer console, so maybe you could try adding 127.0.0.1:3000/oauth2callback to your developer console.
I want to login using twiter app for that i used gem 'omniauth-twitter' now please tell me whats app url in twitter when i want to use localhost:3000 i gave http://0.0.0.0:3000 as url
and in call back url my index page
like
localhost:3000/index
my app not able to redirect to twiiter page on click on this link
http://localhost:3000/auth/twitter
please some body help me .....
For the callback URL use http://127.0.0.1:3000 as base and specify the route to the controller that deals with omniauth information.
Example: http://127.0.0.1:3000/auth/twitter/callback
I'm also using twitter-omniauth for signing people up with twitter... these are the routes I'm using in routes.rb, relating to twitter-omniaouth:
match '/auth/twitter/callback' => 'sessions#create'
match '/signin' => 'sessions#new', :as => :signin
match '/signout' => 'sessions#destroy', :as => :signout
match '/auth/failure' => 'sessions#failure'
Hope it helps?
This is the tutorial I followed. Scroll down to the Google open-id integration:
https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview
On the server I get the following rejection message after clicking the login with google link:
WARNING: making https request to https://www.google.com/accounts/o8/id without verifying server certificate; no CA path was specified.
processing by users omniauthcallbackscontroller failure as html
EDIT the following two lines fixed the CA path Warning but did nothing to fix the failure as html problem or move me forward
require "openid/fetchers"
OpenID.fetcher.ca_file = "/etc/ssl/certs/ca-certificates.crt"
It then re-routes me to users/sign_in.
My devise config line looks like this:
config.omniauth :open_id, :store => OpenID::Store::Filesystem.new('/tmp'), :name => 'google', :identifier => 'https://www.google.com/acounts/o8/id', :require => 'omniauth-openid'
My research tells me that I'm probably hitting the openID servers but that I'm getting rejected. Is there anyway to get more info from some sort of rejection notice? What could be wrong with my request?
One thing I thought of was credentials for open ID but I didn't see anywhere in the tutorial where I was supposed to get or enter any credentials.
Try to specify the ca_path:
config.omniauth :open_id, :store => OpenID::Store::Filesystem.new('/tmp'),
:name => 'google',
:identifier => 'https://www.google.com/acounts/o8/id',
:require => 'omniauth-openid',
:client_options => {:ssl => {:ca_path => '/etc/ssl/certs'}}
And see if it works.
I just got setup using Rails 3, Devise and OmniAuth via https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview.
I want integrate my app with vkontakte.ru. When i'm using this config everything goes fine i can create user and i can access user data.
config.omniauth :vkontakte, 'xxx', 'xxx'
But when i'm adding a scope param
config.omniauth :vkontakte, 'xxx', 'xxx', {
:scope => "notify,friends,photos,notes,docs,pages,wall,offline"
}
omniauth raise failure(redirects me on user sign up page and dont store data in env["omniauth.auth"]).
I'll be appreciated for any help.
Seems like that's because of the attribute expires_in=0 in the VK oauth response, that indicates the long-living token that was requested by the 'offline' scope and leads to the instant token refreshing by omniauth.
I've just submitted patch here.