I have been trying now for a while to retrieve Google Calendar information from a google user in Xamarin.Forms.
I started my journey using Xamarin.Auth but I could not get past an issue where after a login the CustomTab in my Android App would not close. Seems to have been an ongoing problem for years now and several people proposed hacks to get around this problem. I gave up on Xamarin.Auth at this point
So I tried to use Xamarin.Forms Web Authenticator to retrieve the calendar information. The documentation does not mention how to authenticate with Google so I tried this
var authResult = await WebAuthenticator.AuthenticateAsync(
new Uri("https://accounts.google.com/o/oauth2/auth"), // auth url
new Uri("packageNameOfMyApp://"); // redirect url
I am getting an invalid request error
How do I have to choose the first parameter of AuthenticateAsync to properly authenticate with Google?
Do I have to somehow encode the ClientId from my app I obtained after configuring my application login via the Google Developer Console?
It is not possible to use WebAuthenticator with Google. Google requires a web browser to do the authentication and does not permit your app to authenticate by itself. For the same reason, an approach where you use WebView in your app to navigate to the Google authentication site will fail
Related
I am trying to use GA4 API (with Google Python Client & Google Analytics Data Python Client) of Google with the Credentials authentication:
credentials = Credentials(
token=config['access_token'],
refresh_token=config['refresh_token'],
client_id=config['client_id'],
client_secret=config['client_secret'],
token_uri="https://accounts.google.com/o/oauth2/token",
scopes=['https://www.googleapis.com/auth/analytics.readonly']
)
This is working when my access token is not expired. However, this access token is expiring after 1 hour and I want to refresh it via following method:
credentials.refresh(google.auth.transport.requests.Request())
However, this code is returning "invalid_grant" error.
For that problem, I checked almost everything suggested (i.e. system clock/ntp, user permissions, etc.) however I couldn't fix the problem.
Also, I can't figure out about the refresh_token that I use is valid for Google Analytics 4 or not.
So, the questions are:
How can I able to solve this problem?
How can I assure that the refresh_token is valid for GA4?
If not valid, how can I refresh the refresh_token?
Is there any suggestion on the refresh of access_token, any other method or anything else?
Thanks
In my case, the solution was creating new OAuth client and generate a refresh_token for that account depend on the Google Analytics scope.
For that purpose, after I create the new client, I downloaded the client_secrets.json and run the Complete Example by Google and finally I am able to refresh the token.
I want to be able create calendar events in my Action that runs through Google Assistant.
Right now I was able to modify this Quickstart guide (https://developers.google.com/calendar/quickstart/nodejs) and use it in my current Dialogflow fulfillment. However, it's a little tedious to have the user have to copy and paste the authentication code after allowing Google Calendar access. Are there any better ways to do this that doesn't require the copy-paste flow? Thanks in advance!
Use Account linking with Google Sign-In
https://developers.google.com/actions/identity/google-sign-in
Then send a card to the user device with a link to authorise Google Calendar access. Store the authentication code securely against the user. Use the authentication code to make requests.
Broadly speaking, the approach you can take is to use Google Sign-In, as outlined in this SO answer: Google Home Authorization Code and Authentication with Google Account.
With this scheme, you use a website to get the user to authorize your use of the Calendar API scope, and you store the auth token against their UserID. Then you use Google Sign-In with the Assistant to get that ID. This works well if they go to your web page first, but not as well if they go to the Assistant first.
You can also setup an OAuth server that lets users sign-in using Google Sign-In on a web page (or use something like Auth0 and, as part of that sign-in, get authorization for the Calendar scope. Then use OAuth Account Linking in the Google Assistant to get an auth token which you can use to get the user's ID. You can then use this ID to lookup the authorization token.
After months of developing a Web App under Firebase suddenly these days we have a problem with the Authentication, it returns this console.alert only with Facebook and google login (email/pass login works fine):
[firebase-auth] Info: The current domain is not authorized for OAuth
operations. This will prevent signInWithPopup, signInWithRedirect,
linkWithPopup and linkWithRedirect from working. Add your domain
(front.qualify.mx) to the OAuth redirect domains list in the Firebase
console -> Auth section -> Sign in method tab.
The App uses 3 different sub-domains, and in all 3 we can access over email/pass but not Facebook nor google.
We tried updating the Firebase initialization script, nothing. We have checked the API keys (in the Google APIs Credentials) and there was a new "Server key (auto created by Google Service)" which no one told us it was generated (Jan. 18th), so we edited it to include the domains as the original API key in different ways (w/wo * and /*), nothing. We deleted this new Server Key, suddenly something different, now the console includes a 403 error before the alert stated above and returns auth/timeout code inside the object.
We also found the Identity Toolkit API has detected many errors, so we tried to add the URLs for login, logout and email, but nothing happens when trying to save.
What are we missing?
The solution was adding my-app.firebaseapp.com (being my-app the unique identifier of our Firebase App) to the HTTP referrers in the Browser-Key Credentials from the Google APIs console and wait some time to propagate.
After many months of development the app never had a problem, and we are sure we never removed such referrer (if it was ever there).
Anyway... it's done and learned.
The simple way I was able to solve this issue I had with my ionic project was by following the instructions in the log, if you don't see any message try console log the response from firebase.
So what I simply did was follow the url: https://console.developers.google.com/apis/api/identitytoolkit.googleapis.com/overview?project='projectId'
*projectId = the Id of your project
and enable the Identity API something it brought up. Finish, and it worked instantly.
I am currently setting up an external login (Google) into my AngularJS WebApp which is talking to a Web API, all locally, however I am having issues.
I have followed the steps in http://www.asp.net/web-api/overview/security/external-authentication-services on how to set up google authentication, which involves in just adding app.UseGoogleAuthentication(); without appId or clientSecret like other providers like Facebook.
Now going to my API I query and get all providers using following GET /api/Account/ExternalLogins?returnUrl=%2F&generateState=true , which return [{"Name":"Google","Url":"/api/Account/ExternalLogin?provider=Google&response_type=token&client_id=self&redirect_uri=http%3A%2F%2Flocalhost%3A11942%2F&state=E2eXxoZ02yUg39-DrwZTXHnrV5FrOhUe-k-zz-oD6uE1","State":"E2eXxoZ02yUg39-DrwZTXHnrV5FrOhUe-k-zz-oD6uE1"}]
and from reading in the internet I stripped the URL /api/Account/ExternalLogin?provider=Google&response_type=token&client_id=self&redirect_uri=http%3A%2F%2Flocalhost%3A11942%2F&state=E2eXxoZ02yUg39-DrwZTXHnrV5FrOhUe-k-zz-oD6uE1 and added into a anchor tag, so I suppose this should have redirected me to google authentication, however I receive a error message
Does anyone know why? Also when adding the link into an anchor tag I am adding the link for my API http://localhost:11942/ at the start.
Thank you
The method you are using to authenticate with google (Open ID) is deprecated, refer to:
http://blogs.msdn.com/b/webdev/archive/2014/07/02/changes-to-google-oauth-2-0-and-updates-in-google-middleware-for-3-0-0-rc-release.aspx
You need to use Google OAuth, try to follow the following article to configure Google authentication:
http://www.asp.net/mvc/overview/security/create-an-aspnet-mvc-5-app-with-facebook-and-google-oauth2-and-openid-sign-on#goog
I am trying to authenticate a user with Azure Mobile Services from within a ASP.NET Web Form (.aspx.cs).
I have provisioned my Mobile Service to authenticate with Facebook using the steps described here: http://azure.microsoft.com/en-us/documentation/articles/mobile-services-windows-store-dotnet-get-started-users/.
This tutorial, however, describes authenticating in a XAML app where popups can appear, but I need to Log the user in within a postback of the web form, where showing a popup is impossible.
According to the docs I can do this by using the LoginAsync() function, like this":
MobileServiceClient client = MyAppsMobileClient.getClient(); //this handles setting the app ID and url
MobileServiceUser user = client.LoginAsync("facebook","");
Now, my problem is the second argument of this function. According to the docs, this is of type JObject, and apparently it is a JSON object I obtain from facebook when I first log in. Now, I can make a simple Login form for the user to enter his facebook ID and password, but I still don't know how to obtain the JObject I need to log in to Mobile Services. Do I need to delve into the Facebook APIs? Is this done using Ajax? Any examples, guides or tutorials on this would be welcome.
You can create a jObject from the data received from Facebook like this:
var token = JObject.FromObject(new
{
access_token = "YOUR TOKEN HERE"
});
This sample was taken from this SO thread:
Azure Mobile Service LoginAsync with Facebook Token is Unauthorized
And here you can read how to obtain an access token from Facebook using JavaScript:
Obtaining an Access Token