can't seem to find the info.
Let's say your shiny app's url is : "joe.shinyapps.io/great_app"
I'm looking to get that url from within that shiny app (running on shinyapps.io).
That way, the redirect URI I use for oauth could change dynamically based on which shiny app account I deployed the app to...
Thanks for any help
I found the answer while researching packages that do use user credentials oauth and shiny (those packages must use a redirect URI that is specific to the user's app). The following bit is taken from GoogleAuthR package.
if(!is.null(session)){
pathname <- session$clientData$url_pathname
hostname <- session$clientData$url_hostname
port <- session$clientData$url_port
url <- paste0(session$clientData$url_protocol,
"//",
hostname,
if(port != "") paste0(":", port),
if(pathname != "/") pathname)
Related
I am trying to connect to sharepoint to load excel files within an unattended R script using the package Microsoft365R
I have created the app within Azure, and assigned it permissions. I have been able to successfully connect to a users onedrive and list the files within it.
Code that works
library(AzureGraph)
library(Microsoft365R)
tenant <- "your-tenant-here"
# the application/client ID of the app registration you created in AAD
# - not to be confused with the 'object ID' or 'service principal ID'
app <- "your-app-id-here"
# retrieve the client secret (password) from an environment variable
pwd <- Sys.getenv("EXAMPLE_MS365R_CLIENT_SECRET")
# retrieve the user whose OneDrive we want to access
# - this should be their 'userPrincipalName', which is of the form 'name#tenant.com'
# - note this may be different to their regular email address
user <- Sys.getenv("EXAMPLE_MS365R_TARGET_USER")
# create a Microsoft Graph login
gr <- create_graph_login(tenant, app, password=pwd, auth_type="client_credentials")
drv <- gr$get_user(user)$get_drive()
drv$list_files()
When running the below code, i get the error
# the application/client ID of the app registration to use
app <- "your-app-id-here"
# get the service account username and password
user <- Sys.getenv("EXAMPLE_MS365R_SERVICE_USER")
pwd <- Sys.getenv("EXAMPLE_MS365R_SERVICE_PASSWORD")
# SharePoint site and path to folder
sitename <- Sys.getenv("EXAMPLE_MS365R_SPO_SITENAME")
folderpath <- Sys.getenv("EXAMPLE_MS365R_SPO_FOLDERPATH")
# use the 'resource_owner' auth type for a non-interactive login
site <- get_sharepoint_site(sitename, tenant=tenant, app=app, username=user, password=pwd,
auth_type="resource_owner")
Output:
Error in process_aad_response(res) :
Unauthorized (HTTP 401). Failed to obtain Azure Active Directory token. Message:
AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.
The function doesn't appear to have an argument for client secret.
I have followed the vignettes within the package, but i must be missing something. Is anyone able to provide assistance?
Resource
https://cran.r-project.org/web/packages/Microsoft365R/vignettes/scripted.html
You will get the AADSTS7000218 error when you try to get an authentication token for an application with the "Web" platform configuration without the client_secret parameter.
How about when the platform configuration of the application to Mobile and desktop applications ?
To change the platform configuration:
Open the application from App registrations page on Azure AD, and open Manage - Authentication page.
Delete the existing Web platform configuration.
Open Add a platform and select Mobile and desktop applications.
I want to log in https://adventofcode.com/2021 programatically using httr.
I have only a very superficial understanding of the OAuth "dance", so to understand the principles I did the following:
Create an OAuth App on GitHub
Used the following code to authenticate (N.B. I know I could simply use oauth2.0_token but I felt that this workflow helped me to better understand the different messages, which are exchanged).
library(httr)
client_id <- "<my client id>"
base_url <- "https://github.com"
path <- "login/oauth/authorize"
client_secret <- "<my secret>"
url <- modify_url(base_url, path = path,
query = list(client_id = client_id,
redirect_uri = oauth_callback()))
code <- oauth_listener(url) ## needed to provide credentials in the web browser
access_token <- POST(modify_url(base_url, path = "login/oauth/access_token"),
add_headers(Accept = "application/json"),
body = list(client_id = client_id,
client_secret = client_secret,
code = code$code))
## successfully returns the values
GET("https://api.github.com/rate_limit",
add_headers(Authorization = paste(content(access_token)$access_token,
"OAUTH-TOKEN")))
From this example I think I understand the steps as highlighted in the documentation.
However, I fail to see how I could use this to login to https://adventofcode.com/2021. I have, of course, not the client_secret nor can I redirect the response to my localhost (as GitHub requires that the stored callback matches the redirect URI).
Thus, I was wondering how I could programatically login to https://adventofcode.com/2021 to fetch my task data, say?
I think you are mismatching OAuth2 roles. If you want to use adventofcode.com, you are a resource owner, adventofcode.com is a client and github is an authorization server. So you authenticate, adventofcode.com gets an auth code and then tokens. They can use the tokens to get information about your github account.
The example code you posted is different - your application is a client that gets a code and tokens from the authorization server (github) after a user was authenticated and gave a consent to passing the tokens to your app (permission delegation). So you probably cannot include adventofcode.com into this scenario.
The only way is if adventofcode.com takes a role of a resource server and their API accepts github tokens from different clients. But I know nothing about their API.
I tried to start working the "tuber" package. A tutorial on how to use this package can be found here: https://www.r-bloggers.com/using-the-tuber-package-to-analyse-a-youtube-channel/
Now I've set up OAuth 2.0 client in my google developer account (web client). However when i try to log in with my details like this:
user <- my_user_name
key <- my_key
yt_oauth(my_user_name, my_key, token = '')
I get the following error:
The redirect URI in the request, urn:ietf:wg:oauth:2.0:oob, can only be used by a Client ID for native application. It is not allowed for the WEB client type. You can create a Client ID for native application at https://console.developers.google.com/apis/credentials/oauthclient
When creating your OAuth client ID, set http://localhost:1410/ as Authorized redirect URIs. You may need to edit and update your existing client ID.
I;'m struggling to connect to Google Analytics with httr oauth2.0 function
oauth2.0_token(oauth_endpoints("google")
, oauth_app("google", client.id, client.secret)
, scope = "https://www.googleapis.com/auth/analytics.readonly")
It works perfectly in my local Rstudio, but it breaks in AWS-based Rstudio Server. The error appears when I agree to pass data in browser and Google redirects me to the page
http://localhost:1410/?state=codehere
When launching authentication in local Rstudio, browser responds with a message - Authentication complete. Please close this page and return to R, incase of Rstudio server it's just This webpage is not available
I suspect I need to change listener_endpoint configuration, but how? Should I put my Rstudio server address instead of default 127.0.0.1? Or is it flaw of httr+Rtudio server and I should not bother?
Your redirect URI is part of the problem. Httr's oauth2.0_token() function identify the correct one. When you set up your project, Google Analytics created two redirect URIs, one that can be used on your RStudio IDE (local) and one that can be used in the RStudio web-based environment for out-of-of band authentication: "urn:ietf:wg:oauth:2.0:oob"
Once you've authenticated, the following code should work.
library(httr)
ga_id <- YourProjectID
client_id <- YourClientID
redirect_uri <- 'urn:ietf:wg:oauth:2.0:oob'
scope <- YourScope
client_secret <- YourSecret
response_type <-'code'
auth1 <- oauth2.0_token(
endpoint = oauth_endpoints("google"),
app = oauth_app(
"google",
key = client_id,
secret = client_secret
),
scope,
use_oob = TRUE,
cache = TRUE
)
-- Ann
You could use out-of-band authentication -
options(httr_oob_default = TRUE)
I have a Shiny application that uses the Instagram API, and needs an access token. When running locally, I am able to use
full_url <-oauth_callback()
full_url <- gsub("(.*localhost:[0-9]{1,5}/).*", x=full_url, replacement="\\1")
print(full_url)
to get the callback url to register with Instagram. How would I go about getting this url when my application is deployed?
Additionally, and this might be related, when the app is deployed I get an error that:
Error : oauth_listener() needs an interactive environment
I never explicitly use oauth_listener(), so I'm not sure how to counteract this. All of my oauth related code is as follows:
instagram <- oauth_endpoint(
authorize="https://api.instagram.com/oauth/authorize",
access="https://api.instagram.com/oauth/access_token",)
my_app <- oauth_app(app_name, client_id, client_secret)
ig_oauth <- oauth2.0_token(instagram, my_app, scope="basic", type="application/x-www-form-urlencoded", cache=FALSE)