Meteor can let a user authenticate that she controls a Twitter account without logging in:
Standalone OAuth client use
If you just want to authenticate to an Oauth service like Twitter,
Facebook, or Google without using Accounts – that is, if you don't
want to log the user in, you just want an OAuth token – you can use
the underlying service packages such as twitter, facebook, and google
directly.
But, I haven't been able to find any information on how to do this in the documentations. I tried reading the packages for twitter and oauth, but it seems you have to change the code to make a call to Twitter without creating an account.
There are some solutions to a similar problem, like using Accounts.onCreateUser(function(options, user), where you can hinder external services from making an account on your app. But, I want to let some twitter accounts create a normal account, and others to not be able to create one at all.
I tried adding a custom object to Twitter.requestCredential(options, callback) and to Meteor.loginWithTwitter(options, callback), but neither worked.
Does anyone know how to solve this problem of letting users verify their twitter accounts without creating an account (and without completely stopping people from creating an account with twitter)?
Related
I am creating a project to be able to share a Calendar among some users.
The strange thing is that when one of the users wants to connect, the following error appears telling him "This app isn't verified"
https://prnt.sc/p87wvm
I am not a programmer so it is difficult for me but I think I am doing everything right.
The only api that I am using is that of Google Calendar.
The email with which I am creating the Api is a #gmail.com
https://prnt.sc/p88o0g
I am not using any special scope that requires some type of verification.
I did not exceed any quota limit or anything like that.
And the send to verification button is disabled and tells me that my changes do not require verification
I want any user with a Gmail email to connect to the calendar
What i need to do??
For the doubts I have verified the domain thinking that it was that but it did not solve the problem either
I am trying to pull data from Youtube Analytics API using R and have hit a wall. I'm getting a Status 403 error. I can confirm that:
I have tried logging out of all accounts, rebooting, re-authenticating and then logging into 1 account and it didn't work
I have tried using just the https://www.googleapis.com/auth/youtube.readonly scope (which is supposed to be correct) and all youtube analytics scopes are authorized within the app (each with their own credential key), it didn't work.
I have tried authenticating from different browsers, it didn't work
I can confirm that the call worked from https://developers.google.com/apis-explorer/#p/youtubeAnalytics/v2/youtubeAnalytics.reports.query.
UPDATE
I have found the solution and updated the code to what is now working
scopes<- c('https://www.googleapis.com/auth/youtube.readonly')
endpoint<- oauth_endpoints('google')
youtubeapp<- oauth_app(appname='Youtube Analytics API',
key=client_id,
secret=client_secret)
youtube_token<- oauth2.0_token(
endpoint= oauth_endpoints('google'),
app = youtubeapp,
scope = scopes)
raw_data<- GET(paste("https://youtubeanalytics.googleapis.com/v2/reports?dimensions=",dimensions,"&endDate=",enddate,"&ids=",ids,"&metrics=",metrics,"&startDate=",startdate,sep=""),
config=youtube_token,content_type('application/json'))
content(raw_data, as= 'text')
I have figured out that access permissions are dictated by Youtube (not API IAM), so for example even though my personal email is owner of Brand account and API I still need to authenticate the call using the Brand Account or it won't work (I get 403 error for personal email). I tried switching my Youtube channel from Brand to personal and then my personal email worked. However, I need it under the brand account, so I have switched back.
I will leave this code up regardless because I found that good examples using R were lacking, I hope you find this useful.
I am looking to make a web based app which creates a monthly report that has Google Analytics information in i.e. organic searches etc. Some clients will have their own Google Analytics accounts and wont be own mine.
I managed to get the OAuth 2 authorization working with my account however it wont work for clients as I needed to get the client_secret.json file from Google Developers website. I have seen a service like cyfe.com which just gets the google login information and outs the Google Analytics information in graphs and such.
Does anyone know how they manage this is possible without getting the client_secret.json file ?
oAuth2 is designed to let you access to users data with their permission, without requiring to access their password.
You should use your own client Id and client secret, these identify your application, not your users ("client" here means client of the API).
You then need to create an interface where users can allow your application to access to their data, from this you'll get an access token, allowing to your application to access to Google Analytics data of your user on their behalf.
Read "Using OAuth 2.0 to Access Google APIs", and identify the scenario that matches to what you want to achieve.
I strongly suggest that you use a library managing the authentication flow, you don't need to reinvent the wheel. Here's a list from Google: Google API Client Libraries.
In my meteor application I am using the packages accounts-linkedin and linkedin to allow my users to signin with linkedin. This has always been working fine for several month. However, since yesterday users who have signed in to my website via linkedin in the past are not recognized anymore. When they go to "login with linkedin" a new meteor user account is created for them instead of logging them into their existing account.
When I test my application: Signing up via linkedin und then logging out and in, everything is working fine. Apparently it is only not working for accounts that already existed a few days ago.
This is really strange. The accounts code of meteor is really complex. What could be the reason that a user is not recognized anymore but a new user account gets created for them?
Could it be that linkedin messed up tokens on their side? (the linkedin id and accessToken in my users object (services.linkedin) did not change over the last days)
This is a bug in pauli:accounts-linkedin. The pauli:linkedin package was using the wrong value for the user's LinkedIn ID. I have submitted a pull request which fixes that problem for new users, but a fix is still needed to migrate the IDs of existing users. I recommend subscribing to the bug to track progress.
Within a Meteor app, can anyone guide me to how to allow users to simply Oauth Google?
There's the accounts-google package, but I don't want users to be able to login with it, just oauth and store credentials.
The docs mention "If you just want to authenticate to an Oauth service like Twitter, Facebook, or Google without using Accounts – that is, if you don't want to log the user in, you just want an OAuth token – you can use the underlying service packages such as twitter, facebook, and google directly.", but there are no docs whatsoever for the google package.
Any guidance would be much appreciated.
The Oauth's package is intended to do just this. If you want to use it to get people's credentials
There are two options:
1) Modify the source of the google and accounts-google packages to remove the parts that log you in. There are no docs for this, i'm afraid, the best to understand it are the inline comments.
2) Use another atmosphere package to merge accounts-google with an existing login. So they're already logged in but can use Meteor.logInWithGoogle() to login with google and this is merged with their existing account. This way they don't have to log in with Google but you get to store the OAuth token. For this you can use the bozhao:link-accounts package, or the mikael:accounts-merge package:
// ON THE CLIENT:
Meteor.signInWithGoogle ({}, function (error, mergedUserId) {
// mergedUsers is set if a merge occured
if (mergedUserId) {
console.log(mergedUserId, 'merged with', Meteor.userId());
}
});
Then you would find the google OAuth token data in services.google on your existing Meteor.user() document.
It's fairly straight forward to handle the Google OAuth manually. Check my answer on this (similar) SO question
Getting OAuth tokens without user registration