3rd party cookies & Google OAUTH - firebase

I started working on server side for my current porject and one of the biggest issues that i facing is with Google O-Auth. Since i am not experienced with the server i decided to use firebase throughout my project.
3rd party cookies are need to be enabled for Google OAuth. I am trying to find my way around it(means: even if the 3rd party cookies are disabled a user can login through google).
First Qestion: Is it even possible?..
i guess it is because i have tried few popular websites like bitbukcet where even if you switch off 3rd party cookies, the O auth works perfectly.
If yes then Second Question: How do i implement it? i was reading some Google Developer docs and found this "another workaround is to implement server-side OAuth 2.0 flows". I really do not understand this.
What i have tried:
I have tried two things, first the typical and easier way of going with firebase auth and google login with popup. Second, Login through GAPI AUTH.
I am looking forward to any answer.

You can look at this link for an overview on how to implement server side based Oauth2 flow for Google. Please ignore the bits which are youtube specific but the instructions should apply to any google auth flow.
Basically you do not need to include any client side JS files on your webpage etc since they don't work with 3p cookies blocked. The server side flow is free from that restriction.
Edit: Adding a more general link for server side Oauth2 flow

Related

What is equivalent of Facebook pixel in GTM for server side tagging?

With recently introduced feature of GTM, server side tagging and it's known benefits, I want to move my Facebook pixel browser code on server. So I am looking for equivalent of Facebook pixel for server side tagging.
The closest thing I found is Facebook Conversion api but not exactly same.
Would like to hear other views on how they are achieving this
There are quite a lot to learn and work to do this.
You need to understand the Facebook pixel hit's payload. Something like https://www.facebook.com/tr/?id={{pixelId}}&ev={{event}}&dl={{Document location}}...
Assemble the payload and send it to your Server Side GTM.
Create Client in the Server Side GTM to receive the hit.
Create Tag to dispatch the hit to Facebook.
The Server-Side GTM is not supported the 3rd party cookie and it means that the Facebook will not recognize the user you send from Server-Side GTM.
Facebook report will only show the conversion or event amount.
Can't use this for remarketing or attribution.
There are was no official Tag from Facebook for GTM Server Side. That's why I created my own https://github.com/gtm-server/facebook-tag
The tag sends the event data from the Universal Analytics/GA4 client to Facebook.
It developed exactly like an easy replacement for Facebook WEB pixel.

How do I use a web hook using Stripe and ARMember in Wordpress

I am working on a project with a third party website, in which I will create a membership recurrent plan, gather customer's information, store it, and charge the customer. Upon subscribing, the customer's credentials and information will be passed via an API to a third party website, where they will be able to access the service.
For the membership setup on my website, I am using ARMember, which is connected to a Stripe account. I am working with a developer for the whole API setup with the 3rd party website, but as a requirement, my developer is asking me to provide the webhooks We need a hook that can give user-object or user-signup details after the successful payment event.
Forgive me for being a newbie, as I am not a developer nor anything close to that. I have never worked with webhooks before.
In looking into ARMember's webhook documentation I found this, which I believe it is what my dev needs, arm_payment_gateway_validation_from_setup, however, there are no clear instructions on what to do with this, or how to use it. I guess they assume users seeking webhooks know exactly what to do with them, which is not my case. Please help anyone! Will be so grateful!

How to properly initiate an OAuth flow for Gmail Watch?

I'm trying to initiate Gmail Watch on behalf of my site's users and also get the messages according to what historyId I get on the corresponding PubSub Topic.
I have GCP + Firebase on the backend and Angular 7 in the frontend.
I face two problems here:
Doing this on the frontend seems the right way, with grantOfflineAccess, since it asks nicely on the consent screen for the required Modify scope. However, what I get back is an auth code, and I can't find out how to get access and refresh tokens from it, and use it in the backend Cloud Functions python part.
If I try this on the backend (which works), I have to initiate the flow from python, send the redirect to Angular and pop-up the consent url there. This already seems bad, since the consent screen does not say anything about what you're granting. Then I need a redirect url, which can't be a Cloud Functions url, because I can't whitelist it (can verify the domain), so it is now handled on the Angular side and sent back. Ie. the my oauth redirect is handled in the frontend, which also doesn't seem the right way.
Could you please advise on how to do this properly?
Thanks!

Google Oauth client was deleted. can I restore a new one?

We running a wordpress website use google oauth for third-party social login. (via WP Social Login plugin.) Former engineer is leave, and we cannot have past google account credential.
We face a problem shows:
Error 401
Error: deleted_client
The OAuth client was deleted.
but we can only see old client id and secret from website admin panel.
I wanna to know,
if we set up a new google oauth application id/secret, will it make user crash from login website?
Or, is it possible for us to restore/retrieve former application ownership and make it live again?
This happened to me when I was working on an Add-On (maybe not completely related to this question but similar). I mistakenly deleted a Client ID that I thought we weren't using.
How I solved it:
Created a new project in Google Cloud
Associated the Apps Script project (Add-on) to this new Google Cloud project
Then I re-associated the App Script project with my previous Google Cloud project
The previous step will re-compile, create and associate the Client ID to the App Script project. It will contain all settings from the Client ID manually created and associated with your project in the code.
Maybe this will give some light to anyone having a similar problem.
Here use this link:
https://support.google.com/cloud/answer/6251787?hl=en
You have to reach google and they will help you out, this is the only solution you can do.
In my case, the simplest/only path (though certainly not ideal) ended up being to create a new Firebase project and start using that.
This of course can be problematic if you have a lot of data to move and/or a nontrivial data schema - say, with nested collections. For me, it was worth the effort to get unblocked from Sign-In suddenly failing to work.
... ah, OAuth fun
=======
If you are trying to make the new Client ID work .. though it's not a total solution, but after searching for a while, found this config option in Firebase console - where you enable Google Sign In.
So if you generate a new OAuth Client ID, update the ID & secret there.
After I did this, it went from a 401 error to a 400 mis_direct , which I think was step in the right direction.

How to connect Facebook, Twitter & Google accounts in Java (Spring MVC)

I'm going through the features of social auth (http://code.google.com/p/socialauth/) & wondering if this is the best thing for my requirement. Please guide.
My web application currently has it's own login mechanism(native). But I'm planning to do the following:
Login through Facebook(F), Twitter(T) and Google(G) options
After login (either through F,T,G or native login), I want to give user the option of selecting F friends, T followers or G contacts (in a textbox with autosuggest facility)
So my doubt is: (social auth says that "..currently Facebook, Twitter and LinkedIn do not provide email addresses. UPDATE: Hotmail has stopped providing email addresses.")
So although I'll have a list of followers, friends or contacts will I be able to notify them once my user selects and submits his form?
Will it be through F,T or G respectively(through status updates, tweets or email?)
Moreover, I've one more scenario:
E.g. the user has logged in using Facebook. Now I want the user to be able to link her Twitter and Google account too. Can socialauth provide that?
If yes, how would I handle multiple profile objects of the same user?
Please guide or suggest any other library.
My application is in Spring MVC.
Or shall I use Spring Social?
Since your application uses Spring-MVC you should try Spring Social. It would be best for your application.
You can also use socialauth library. It also has spring version to connect with FB, twitter and others provider. Link for the same is as given below:-
http://code.google.com/p/socialauth/
Spring Social is best option for your requirement and in can be easily integrated with
There are 2 proven ways which can be used for this
Using Spring-security-oauth2
Using Spring Social
However, if you are using just Spring Social based on the facebook example, provided on the Spring Website then be mindful of these issues
It doesn't work for more than 1 user
Spring-social doesn't support Google either.
It is also difficult to change the redirect flow unless you override the methods
But the good thing is there are workarounds to fix them and they are quite simple.
Here is how to fix FB one user per application problem
For connecting/authenticating with Google
For Changing the default redirect flow
The Complete tutorial with step by step instructions can be found here
Having explored both oauth2 and Spring Social. I would suggest Spring-social as its lot more simpler and custom built for social logins only.

Resources