I am implementing login through social networks in my Yii site. I am using gmail, linkedin, twitter and facebook. I need to get the email of the users who are logging in to my site using these networks. I am able to get the email of the facebook user. But not the other networks. How can I get it ?
This is not a Yii specific question (imo) but for the legacy of actually searching, people might end up on this post, looking for a Yii solution:
You should have a look at the yii-eoauth extention.
You will need to do the handshakes first to authenticate the users and afterwards you will be able to get the required details.
oAuth for Facebook
oAuth for twitter
oAuth for Google
oAuth for Linked In
Related
I want to know if someone could already do something like this, because the new Instagram basic display API is kind of different. Thanks in advance
I've been working in a Ionic 3 app, which authenticated users with Instagram API. But now Instagram API is no longer working, and was migrated to Facebook.
With the new API, Facebook no longer allows users to authenticate into an app using the Instagram Basic Display API, and the Graph API for Businesses and Creators requires a Facebook token.
I suppose they now want you to only use the Facebook auth flow to authenticate your users for your app, and then have them log in again to Instagram for Basic Display after your primary authentication.
"Data returned by the API cannot be used to authenticate your app
users or log them into your app. If you need an authentication
solution we recommend using Facebook Login instead."
https://developers.facebook.com/docs/instagram-basic-display-api
&
"All endpoint requests must include a Facebook User access token."
https://developers.facebook.com/docs/instagram-api/overview
Twitter API allows to update "the authenticating user’s current status", as explained in the documentation page.
What I'd like to achieve instead is to update another user's current status. Consider a magazine's twitter account. I'd like different people to be able to update the magazine's status. Tweetdeck allows this, but it also allows a whole lot of other things like access to Direct Messages. I only want to provide certain authenticated users an interface (similar to Twitter's post-a-tweet interface) to post status and images to the shared account.
I could not find a simple explanation of how to use Twitter API to achieve the above functionality. Could someone please help?
If you have an app that implements the status update API and it is delivered to different people and they authorize the app with the magazine's twitter account, then the app will update that status. I can show an example also with code if this is what you're asking. However the main point is that, once a user has authorized the app, she/he doesn't need to be connected with the shared login any longer because the app will do that on the magazine's behalf.
BTW, similar question here: Twitter API: post on behalf of whom?
Edit
Just to summarize the comments:
The standard OAuth authentication requires the following main steps
1) to develop an app (registered with OAuth consumer key and secret) that implements the API update status 2) to install and authorize the app: during this step the onwer will be requested to enter the credentials of the passive account in a Twitter link opened with the browser, 3) then - after a fallback - the app will store the access token and any user of the app will be able to update the status without login
Once you have developed an app that can post tweets on behalf of a passive twitter account using the standard OAuth, you could make that functionality available to the authenticated users of a website.
I am project owner of a community application built on Ruby on Rails: My question is about social network verifications.
We ask the user to add his/her social media profiles to his public profile of the community.
At the moment the user can simply put e.g. his/her Facebook URL to his profile, same for pinterest profile, Twitter and so on, but there is no validation for the urls, at the end of the day the user can add anything he wants, also blablabla
Is there a way to verify if his/her entries are valid?
Token, API, validation test?
Any hint is welcome,
Thank you
Most Social Networks have APIs and you can ask the user to link his account on your application to his/her account on a specific network if he/she wants to show profiles on these Networks.
For Example, you can use the Ruby Koala gem to communicate with the Facebook API. You can create a Facebook Application and link it to your website, then ask the user to grant your Facebook App the minimal default permissions, these will be sufficient to get the Facebook profile URL of the account that was acutally linked, i.e verified.
My ASP.NET MVC has login with Google, Facebook and Microsoft. It works fine. But when the user tries to login with gmail, the next message is shown in the google login page:
IP_ADDRESS_SERVER is asking for some information from your Google Account. To see and approve the request, sign in. Learn more
Instead of showing the ip address, I would like to show the application name or the domain, something like:
MyWebApplication is asking for some information from your Google Account. To see and approve the request, sign in. Learn more
or
www.mywebsite.com is asking for some information from your Google Account. To see and approve the request, sign in. Learn more
How can I achieve that? Should I change some configuration in the application?
You need to register the application with Google.
I'm just getting started setting up OAuth authentication in Ruby on Rails using Devise and so far have successfully setup Yahoo, Google and Facebook sign-in.
My goal is to provide one-click registration, so I need the providers to return an email address and was disappointed to learn that Twitter and LinkedIn do not return an email address. I've seen tutorials for "completing the registration process", but for my site that would defeat the purpose of one-click registration.
Are there any other OAuth providers that return an email address besides the ones previously mentioned that can be used for this purpose?
Thanks!
By the way Google's OAuth 2.0 authentication endpoints does return the email address if you request it, along with other useful data such as the user's picture, first and last name, birthday etc...
The documentation is here: https://developers.google.com/accounts/docs/OAuth2Login
LinkedIn's API does provide email ID if you ask for it. As far as I know, only Twitter doesnt send the email ID.
Yes, it is indeed a pain in the neck. I had to create a separate 'checkpoint' flow for a Twitter user's first-time login to my app and ask for the email ID.