Does anyone know if there are any CalDav web clients or even any client libraries that will connect to the Google Calendar CALDAV API/server (we the recent oAuth2 additions)? We want to do this so that Google calendars can be managed in a standard way, and embedded in our own application.
One possible library is gaye/dav on github. It was initially written for Firefox OS and provides support for an OAuth2 transport.
That aside, adding OAuth2 support to any other existing library is probably not that hard. When you know it is a Google CalDAV server, do the OAuth exchange to get the access token. Then, if the library has a hook (or a function that can be monkeypatched) that runs just before a request is sent, set the request header Authorization: Bearer <oauth access token> with each request.
Related
As a developer using Google API, I received the email "Migrate to the new Google Identity Services library". Our application has both Web-based and client solutions. We use Google Sign-In JavaScript library in the Web-based solution, which needs to be migrated. Our client solution calls the GetAuthorizationUrl() method of OAuth2ProviderForApplications in Google API .NET library to get the authorization URL and launch a browser window with the URL.
Is the URL from the .NET library affected by this migration?
I compared the URLs in the windows launched by both Google Sign-In and GIS and those from the .NET library. There seemed to be some difference:
GIS:
https://accounts.google.com/o/oauth2/v2/auth/oauthchooseaccount?...
Google Sign-in Javascript:
https://accounts.google.com/o/oauth2/auth/oauthchooseaccount?...
Google API .NET library:
https://accounts.google.com/o/oauth2/auth?...
#2 and #3 are currently used in our system. When upgraded from Google Sign-in (#2) to GIS (#1), the authorization URL has "v2".
Is the "non v2" version of the authorization URL endpoint (#3) still valid after migration? As we will keep getting this non-v2 URL from the .NET library, it is important to make sure it is still working to avoid our service interruption.
I am currently facing the following situation.
Sending Firebase Messages via HttpCall via the google API endpoint:
https://fcm.googleapis.com/v1/projects/projectName/messages:send
Here we have to use OAuth2.0 with a valid Bearer Token like discussed in this question:
What Bearer token should I be using for Firebase Cloud Messaging testing?
After following these steps I was able to send Firebase Messages via the google API.
Now I would like to get the Bearer Token via a HttpCall without doing the manual step with the Playground https://developers.google.com/oauthplayground.
I cannot find any documentation on how to "Exchange authorization code for tokens" via simple HttpCall. I have no possibility to implement any code because I would like to send Firebase messages inside a "Dataverse Cloud Flow/PowerAutomate", therefore no possibility to load any external DLL (like the Firebase Admin Dll, which would implement this functionality).
I am not,looking for a solution which depends on external Dll like https://firebase.google.com/docs/database/rest/auth#authenticate_with_an_access_token or Pre-RequestScript
Any help is appreciated
What you are after is fundamentally not possible, since you can't hook the result of the bearer token into the same URL process to send messages. By the sounds of it you are unable to fetch one URL, process the results from that URL to pass onto the other which is what the REST API would do.
As such, you will need a secondary service that you can simply send messages to and it will invoke the Message and authentication for you, a bridge as you will. You can use Firebase Cloud Functions with an onRequest call or a simple express server on a Google Compute Engine instance (f1 free tier).
Then you can send your message request from your service to this bridge which will authenticate for you and send the message, it would be a fairly simple script to implement, specially with the admin-sdk.
after reading this answer https://stackoverflow.com/a/51614256/15486192 from #Arsam, i am successfully sending data from nodeMcu esp8266 to firebase.
but i am using Database secrets Although it is deprecated.
and while searching for an alternative i came across firebase REST
Firebase Database REST API
API Usage
You can use any Firebase Realtime Database URL as a REST
endpoint. All you need to do is append .json to the end of the URL and
send a request from your favorite HTTPS client.
HTTPS is required. Firebase only responds to encrypted traffic so that your data remains safe.
after reading that, anyone conclude that you can send data to firebase using HTTPS request.
so my questions,
is REST API just an HTTP request?
i am just confused if it is, then why just not naming it HTTP API?
can i send my data to firebase Realtime-database using only https request from my client?if yes then how
REST or RESTful API design (Representational State Transfer) is designed to take advantage of existing protocols. While REST can be used over nearly any protocol, it usually takes advantage of HTTP when used for Web APIs.
Be carefull when using the REST API on the client side!
The REST API for the Firebase RTDB is usualy ment for development of code where you don't wand or can't use the official SDKs. For example when you code in a language that doesn't have a official Firebase SDK. Or also in usecases where you because of perfromacne reasons don't want to use the SDKs. In most cases landing pages.
BUT. The REST API is very handy for public data in your database. And I would only recommend to leave public data only the read access. Othervise anyone could fill up your database with knowing your REST API.
So if you plan to use the RTDB on your client side try to use official SDK because the handle the security for you.
David East even had a talk on the last Google IO on how to improve the loading time for laning pages by removing the Firebase SDKs and using the REST API. But that was also only for public data.
If you want to use it on a server from the backend you can use also the REST API. Here is the documentation for using the REST API and here for the authentication part of it.
On this page they explain Web Push with Service Workers stating
Chrome currently uses Firebase Cloud Messaging (FCM) as its push service. FCM recently adopted the Web Push protocol. and then explaining Firebase and so on...
Since the Service Worker gives me a unique endpoint and a pubkey, it seems to me that technically it should be possible to use that endpoint directly, without anything additionally - except if Google deliberally forces a registration.
I mean, just send a POST request to that endpoint, sending just the notification data encrypted/authenticated using the pubkey without any "VAPID".
Do I absolutely need a Firebase account or is it possible to access the endpoint directly (without additional registration) if I just want to send a notification to a single device?
It's 2021 and all major browsers implement a push service and support VAPID now. You use a web push library (Javascript, Python, C#,..) of choice.
There is no need to register anywhere.
The technical mechanism in short is this:
You generate two VAPID keys once using the push library. One key is private and one is public.
The public key is used in the javascript as "application server key" when subscribing to the push service of the browser.
If the subscription is successful you receive a subscription object from the browser containing an endpoint and two additional keys.
The endpoint is an address depending on the web browser / manufacturer and the service it is currently using. The endpoints look like (Oct 2021) e.g.
Google Chrome h_tt_ps://fcm.googleapis.com/fcm/send/cz9gl....., Microsoft Edge h_tt_ps://wns2-par02p.notify.windows.com/w/?toke....., Mozilla Firefox h_tt_ps://updates.push.services.mozilla.com/wpush/v2/gAAAAABhaUA....
If your server program has this information (endpoint and keys from subscription object) it can send a push message to the endpoint with the push library. The corresponding service in the web, hosted by the manufacturer sends this to the browser's service on the device.
There is the PushAPI which shall get used.
But it doesn't is supported by every Browser at the moment.
You can find nice examples in the Service Worker Cookbook of Mozilla
I am implementing Cloud Endpoints with a Python app, I need to expose the restAPI in a secure way https (this is authomatic), The consumer of this Endpoint will be a java Application (not a web browser or app android or ios), and my questions is if there are any way to limit the consume od this Services only for that application.
I've seen "Service Account" oauth but i don't know if i can use it for this problem and if is possible i don't know how to configure it.
Thanks a lot.