I am developing an application based on google Oauth. Now my all authentications are done. Even I have now the access token and secret. Now I dont know how to use this access token and secret.
Please I really need Help on this. I have already done the hard work which is getting access token and secret. Only need to know how to use this token and secret to call an api.
To use the access key/secret you
set inputparameters for the google client service
create a token using the access key and secret, and the inputparameters
set the token in the google client service
In Python, using the gdata library:
self.gd_client.SetOAuthInputParameters(
gdata.auth.OAuthSignatureMethod.HMAC_SHA1,
self.consumer_key, consumer_secret=self.consumer_secret)
oauth_input_params = gdata.auth.OAuthInputParams(
gdata.auth.OAuthSignatureMethod.HMAC_SHA1,
self.consumer_key, consumer_secret=self.consumer_secret)
oauth_token = gdata.auth.OAuthToken(key=access_key,
secret=access_secret,
scopes=gdata.gauth.AUTH_SCOPES,
oauth_input_params=oauth_input_params)
self.gd_client.SetOAuthToken(oauth_token)
After that you can call the service methods to retrieve the data.
Nico
Related
I want my Web API to get an Access Token to then call Microsoft Graph API. I've gone through a few documents and threads but they all talk about a POST method that asks for a Client ID and App Secret created when registering the app on AAD.
I'm following this document here.
My problem is:
What is client_credentials? Where should I get it from? I thought the API is supposed to be working with the secret and the client I'd only.
I appreciate your help.
There's 4 parameters in the HTTP request:
grant_type: in this case, the value is "client_credentials"
client_id: The client id of your app
client_secret: The client secret of your app
resource: The identifier of the API you want a token for, in this case https://graph.microsoft.com
So only client id and secret are needed from your app.
If you use v2 endpoint / MSAL, note there is no resource parameter.
Instead you would use scope=https://graph.microsoft.com/.default.
How to regenerate the access token using refresh token through C# or PowerShell using native application client id?
Having the following inputs:
$RefreshToken = "refresh_token"
$ClientId= "client_id"
I have found many ways to regenerate access token using refresh token, but all those are using web app client id and client secret.
As far as I know, if you use native application, we will use silent auth(grant flow). It will just return the access token not the refresh token.
I guess you use web application code flow to get the access token and refresh token.
If you use this way, it must need the client secret and refresh token to generate the access token.
I have a Refresh token (which is generated by an external tool) and the goal to access the data from
GET https://www.googleapis.com/analytics/v3/management/accounts/~all/webproperties/~all/profiles/~all/goals
via C# . For this, I need to generate the Access Token. Is this even possible without knowing the client id and the client secret?
To retrieve an access token using a refresh token you must know the client id and secret that created it.
You would do a HTTP Post to the following
https://accounts.google.com/o/oauth2/token
client_id={ClientId}.apps.googleusercontent.com&client_secret={ClientSecret}&refresh_token=1/ffYmfI0sjR54Ft9oupubLzrJhD1hZS5tWQcyAvNECCA&grant_type=refresh_token
I've created a web application that uses the OAuth authentication and universal connectors as explained in this tutorial, and started to fiddle around a little to add support for other providers like Yahoo and LinkedIn. So the authentication part works and users are created in the asp.net Membership provider. Also, all the providers return the accesstoken which I supposedly can use to retrieve more information regarding the user.
I'd really like to acquire the profile image, but it seems every provider has a different way of requesting this information. Twitter even describes a way to authorise every request by changing the HTTP header information.
Whilst reading this information on the websites of the various providers I was wondering whether this functionality isn't also already included somewhere in DotNetOpenAuth.AspNet or Microsoft.AspNet.Membership.OpenAuth implementation.
How can I use DotNetOpenAuth.AspNet and/or Microsoft.AspNet.Membership.OpenAuth to request the profile image of the loggedin user using the just acquired accesstoken?
UPDATE in response to Leo's answer
I use the following code to make a call on LinkedIn's API.
string accessToken = extraData["accesstoken"]; // Extra Data received from OAuth containing the accesstoken.
WebRequest request = WebRequest.Create("https://api.linkedin.com/v1/people/~:(id,first-name,last-name,date-of-birth,email-address,picture-url)?oauth2_access_token=" + accessToken);
using (WebResponse response = request.GetResponse())
{
// do something with response here.
}
Error message is "The remote server returned an error: (401) Unauthorized.".
What am I doing wrong?
The answer is simple...you can't use any of these. These are wrappers of OAuth and OAuth only specifies how you can authenticate a user. Now, to request the user's profile photo you will need to use the external provider's own API and you will need most likely a valid access token. So, you will need to use one of these implementations of OAuth to authenticate a user and the recieve an access token, store the access token somewhere (usually a cookie) and then use the access token to make sub-sequent calls to the provider's APIs. Examples and links....
Facebook's Graph API allows you to retrieve users profiles
https://developers.facebook.com/docs/graph-api/quickstart/
notice that all examples in the link above will require you to include the access token in a parameter named access_token, for example
https://graph.facebook.com/me?method=GET&format=json&suppress_http_code=1&access_token={your-access-token}
Google...
https://www.googleapis.com/oauth2/v3/userinfo?access_token={your-access-token}
LinkedIn...
https://api.linkedin.com/v1/people/~:(id,first-name,last-name,date-of-birth,email-address,picture-url)?oauth2_access_token={your-access-token}
You can get more specific information from these providers' websites
Let me know if you have any other doubts I might be able to help you since I have implemented stuff like these before.
Cheers, Leo
I am accessing Nexmo API by passing API Key and API Secret. Nexmo uses OAuth 1.0a and I have managed to retrieve the Access Token and Token Secret using DotNetOpenAuth. I have no previous experience with Nexmo. I want to know that how to use Access Token and Token Secret instead of API Key and API Secret. On nexmo website there is not lot of help about this. There is a line written on the bottom of following URl (https://labs.nexmo.com/#oauth) which says "replace "api_key" and "api_secret" by OAuth parameters". I don't know how to do that. Does anyone know?
Hi, I have seen the PHP example but didn't understand much from it. May be I am not getting the idea of OAuth completely. I am using DotNetOpenAuth for signing with Nexmo website. Following is the code I have used so far,
Dim consumer3 As New DesktopConsumer(NexmoDescriptionService.Description, NexmoDescriptionService.TokenManager)
Dim requestToken As String = ""
consumer3.RequestUserAuthorization(Nothing, Nothing, requestToken)
Dim extraParameters = New Dictionary(Of String, String) From {{"request_token", requestToken}}
consumer3 = New DesktopConsumer(NexmoDescriptionService.Description.UserAuthorizationEndpoint, NexmoDescriptionService.TokenManager)
Dim test = consumer3.RequestUserAuthorization(extraParameters, Nothing, requestToken)
Dim request As System.Net.HttpWebRequest = consumer3.PrepareAuthorizedRequest(NexmoDescriptionService.Description.RequestTokenEndpoint, requestToken)
I have used Desktop consumer class because was not able to work with WebConsumer.
There's a screencast here, using PHP, it should be roughly the same for C#. You really don't want to manage the OAuth signing yourself, find a good C# library that does it for you, then just make the request through that.
This example and library may be helpful. At the end of the example, it shows making a call to google after the session has been setup to use the access token. You'll just go through a similar process with Nexmo:
// make a request for a protected resource
string responseText = session.Request().Get().ForUrl("http://www.google.com/m8/feeds/contacts/default/base").ToString();
As to OAuth in genral, the flow is essentially:
Get a Request Token from the Service (in this case Nexmo). That request token is matched to the application credentials you'll already have (you can create these from the Nexmo dashboard).
Redirect to user to authorize that request token. At this point you just wait for the user to be redirected back with an authorized token.
When the user is redirected back with an authorized token, trade that for a long use token, and store the credentials (you'll use those credentials any time you need to make requests on behalf of the user's account).
For the most part, OAuth Client libraries handle all the details, and your application only needs to be concerned with the high level flow.
You can find more information on the OAuth flow at the OAuth site.