For yahoo I am using SocialSample app of yahoo. I can login to yahoo account but it redirects me to a url which I am providing as a fallback url in session authorization.
[self.session sendUserToAuthorizationWithCallbackUrl:#"www.yahoo.com"];
I have no idea how to redirect from browser to my app. I have searched stackoverflow and there is this link How to use Yahoo! contact api in iOS application? in which php script is advised to use. But I have no experience in php. So I am unable to understand the whole logic behind this.
Also when I tried to create a project on developer.yahoo.com, it asks me to provide a domain name while I select private access to user.
help me on these issue.
Related
Morning folks,
I need to implement a way to force authentication of people inside a Google Apps domain to access a website.
To be clear, an user try to get site.com.
If he doesn't have a cookie, then he's redirected and forced to the Google OAuth2 login form.
If he has one, then he can visit the website.
In addition, the aim here is to restrict the login to only the users inside a Google Apps domain (people with other Google email adresses like Gmail won't work here).
I hope I was clear enough, thanks a lot in advance for your help guys ;)
If the website is running on an Apache webserver, or you can front the website with an Apache web server operating as a reverse proxy, mod_auth_openidc (https://github.com/pingidentity/mod_auth_openidc) can enforce authentication with a Google Account and restrict it to a particular Google Apps domain, see: https://github.com/pingidentity/mod_auth_openidc#openid-connect-sso-with-google-sign-in
I know the question is Kinda Silly but i want to know what exactly is oauth and how does it work with facebook,twitter etc.
And also if i want to implement it for my website like creating a login from my website button how can i do it
Definition
According to Wikipedia:
OAuth is an open standard to authorization.OAuth provides client applications a 'secure delegated access' to server resources on behalf of a resource owner. It specifies a process for resource owners to authorize third-party access to their server resources without sharing their credentials.
So OAuth is commonly used as a way for web surfers to log into third party web sites using their Google, Facebook or Twitter accounts.
Working Example
Lets say you have a Gmail Account. You decide to sign up for LinkedIn.Adding your friends manually can be sketchy and painful. You might get fed up half-way. So you might be tempted not to create an the LinkedIn account after all.
LinkedIn got a nice idea and wrote a program to let the computer fetch all the data from your Gmail Account.
Without an API for exchanging this list of contacts, you may have to comprimise your email account to LinkedIn so here is where OAuth takes charge. If your Gmail supports the OAuth protocol, then LinkedIn can ask you to authorize them to access your GMail list of contacts.
References :
1)http://en.wikipedia.org/wiki/OAuth
2)https://blog.apigee.com/detail/when_to_use_oauth
I am new to OpenID and have been requested to build a login system to work with the company's Google account. They want to restrict logins to users of their domain. They login into Gmail using their domain and they want this feature to allow access to their systems.
Let's say the domain is example.com. They would log into Gmail as user#example.com or go to their domain login page to access their accounts.
I have been doing some research and it seems that the Google Federated Login is what I should be working with. I downloaded the Google APIs Client Library for PHP and have been playing with the examples but I still cannot get it to restrict access to whom logs in. Currently anyone with a google account seems to be able to login. Also, the API wants to access certain information... I only want to authenticate the user to ensure they are a valid user of the domain and eventually allow SpreadSheet Access in Google Docs so that another script (in the same system) can create SpreadSheets while the user is updating the system.
So my questions are:
1) Which service do I need to enable in the Google API console? Enterprise License Manager API is the only service that is enabled.... I'm starting to think maybe I should disable it.. Do any services have to be enabled? I'm not really sure about this.
2) Is there anything special about the PHP Google APIs that would require me to use Google's API or is this functionality available with any OpenID library? If the latter, which libraries are good for what I am trying to accomplish? (PHP)
3) I have found a few examples for allowing login with a Google account but I haven't found a single one for restricting it to a single domain. I am sure this is possible but am starting to feel that it's very difficult to implement... Any information on this would be very beneficial.
Thanks for any information you can toss my way.
I'm trying to create a script that allows users to login once (using same username & password on the domain) so that they can access the portal and gmail, instead of signing in twice (one to the portal & the other to their gmail).
I have been trying to retrieve cookies from the gmail but having no luck. Has anyone attempted this before with success?
Please let me know, thanks
Use Google Accounts Authentication and Authorization.
Ah PHP library is available.
I'm trying to implement a transient oAuth authentication for a web app I'm creating. Essentially, the user needs to login with the Service each time they visit my web app. Primarily it's to enable using the web app without me having to store any of the user's authentication data. I'm trying to use the Tumblr API.
My platform of choice is PHP. However I've never really worked with oAuth before and and am still learning. The following scenario illustrates what I'm trying to achieve:
The scenario assumes that:
The user has already authorized my application in their Tumblr account.
Using my Tumblr Consumer Key, Tumblr Consumer Secret, I call to get request_token, which I later display to the user via a link.
Now on clicking the link above, I expect Tumblr to NOT to ask user to allow the app again (authorize in their account) and simply redirect user back and returning some info that will allow me to distinguish the user. There is no $_SESSION as user is trying login to the website using Tumblr
Is this even possible? If yes, can you help me figure out how to get this done?
Ps. I'm a complete oAuth Noob so please be gentle :)
If you are trying to use Tumblr in a way similar to Facebook Connect, Tumblr does not offer this feature at the moment. ie: you can not use Tumblr to log into your site.
Tumblr's OAuth implementation will allow you to have the user allow access for your app to the users account indefinitely. Which means that your app will always be able to access the users account, whether they are logged into your site or not. They will still have to log into your site each time they want to access your app.
Here is a solid guide to OAuth. Tumblr uses OAuth 1.0 :
http://hueniverse.com/oauth/