I would like to grant an application permissions to post video to my youtube channel using HybridAuth (http://hybridauth.sourceforge.net/) and PHP.
First question is that possible?
I can already authenticate and grant permissions facebook, linkedin, and twitter. I can post status to these networks. Have not tried connecting to Google yet, but should be easy to add, and I am assuming that I only need Google authentication to access Youtube?
What part of HybridAuth can be used to upload the video? Are there any sample apps out there that I can use to learn from? Has anyone done this?
No, you can't use it with Youtube, however can use it with Vimeo.
You can use HybridAuth to connect to Google API and Register your Application / Projet in Google ( HybridAuth already enables Connection to Google , see Documentation for reference ) and When you register your projet with Google , you can start to add / Enable the right Google API by browsing API List Items available. You will find an API Called YouTube Data API v3 , Click on it and Enable to Change Status to ON.
Once done , then your registered projet with Google enables YouTube API , and you have to go to Credentials to generate your keys.
Hopes it helps ...
Here is a usefull link for you to get Started with YouTube through Google :
Source : https://developers.google.com/youtube/registering_an_application
Title : Register your Application with YouTube via Google
Go to the Google Developers Console.
Select a project.
In the sidebar on the left, select APIs & auth. In the list of APIs, make sure the status is ON for the YouTube Data API v3.
In the sidebar on the left, select Credentials.
The API supports two types of credentials. Create whichever credentials are appropriate for your project:
OAuth 2.0: Your application must send an OAuth 2.0 token with any request that accesses private user data. Your application sends a client ID and, possibly, a client secret to obtain a token. You can generate OAuth 2.0 credentials for web applications, service accounts, or installed applications.
Learn more
API keys: A request that does not provide an OAuth 2.0 token must send an API key. The key identifies your project and provides API access, quota, and reports.
If the key type you need does not already exist, create an API key by selecting Create New Key and then selecting the appropriate key type. Then enter the additional data required for that key type.
Related
Hello I need to get access to a spreadsheet from google spreadsheet API. I have enabled Google Sheets API and added API key, but this doesn't work!!!
https://sheets.googleapis.com/v4/spreadsheets/[my_spreadsheet_id]/values/A1?key=[my_api_key]
The result is:
403 - The caller does not have permission
But if I provide public access for this spreadsheet ---> it works!!!
The result is:
200 - [correct requested data .....]
The my question is:
How to get access to a private spreadsheet from the API?
I need to read and write orders data there from my website using php's functions like file_get_contents()
Basically, you need to get authorization as mentioned in the documentation.
Whenever your application requests private user data, it must send an OAuth 2.0 token along with the request. Your application first sends a client ID and, possibly, a client secret to obtain a token. You can generate OAuth 2.0 credentials for web applications, service accounts, or installed applications.
Further information from OAuth 2.0 documentation, when accessing a Google API using OAuth 2.0, all applications follow these steps:
Obtain OAuth 2.0 credentials from the Google API Console.
Obtain an access token from the Google Authorization Server.
Before your application can access private data using a Google API, it must obtain an access token that grants access to that API.
Send the access token to an API.
Refresh the access token, if necessary.
Lastly, to help you with the implementation using PHP, you may also add Authentication and authorization to your list of references. Hope that helps!
I have developed REST web service api in PHP and now I would like to secure it using OAuth 2.0. Basically I would like to provide token based access to the user who is accessing the web service api.
My application will be signed using Open Ids (Facebook, Twitter & Google+), I will get basic details like consumer_secret and ids from the open ids.
I have few queries :-
1) Do I need to create tables in my MySQL database and create token and store it with timestamp? And then whenever any user calls the api, we first check the token is valid or not and after that grant access to api.
Yes you will need to do that, but implement a OAuth server is a lot of work, better choose an existing package like https://github.com/bshaffer/oauth2-server-php or http://oauth2.thephpleague.com/
Trying to create a function that manages Google Calendar items via PHP for a Google Apps account. Cannot use web client OAuth, all authentication must be server to server.
I did the following in the Google Apps admin panel:
Enabled API access for the domain.
Created the OAuth key and secret for the domain.
Searched through many tutorials and cannot find anything related to Google Apps, and using the domain oauth key to retrieve user data. All of the examples either require a Service Account or Client OAuth (which is not an option).
Any ideas where to start?
I have recently implemented the SSO functionality for a Google Apps Marketplace app we are developing. In simple words: it provides a way to retrieve the Google Apps' user's email and log him in in your website, without the need of authorization on his end. You just need the consumer key and consumer secret, provided by Google to the app during installation on your domain (the installing user also authorizes (a one time action) any other permissions you request in the Manifest file).
Now I have somehow managed to get the SSO user login working using JanRain's OpenID PHP library and adding Google Apps as provider using the PHP Extensions for Google Apps OpenID Discovery.
However, after logging in, I need to implement a functionality that will retrieve all users in a given Google Apps domain. I've already did that using oAuth2 authentication and the following Directory API. However, this requires the existense of a consumer key, consumer secret and a redirect URL (that must be registered in the Google API console).
Is there a way to remove this convenience and instead allow our users to directly be able to get their Google Apps domain's users, using the existing SSO authentication we made in the background while logging him in? Otherwise, it will be too much hassle for the user to register the app at the Google API console, enter the correct redirect URL and set it up in our website and then he will be able to get his domain's users.
Regular users cannot use the Directory API, you'll need to authenticate as an admin user to make Directory API calls.
Depending on your needs though for accessing all users, you may be able to get by with requesting access to the user's Contacts scope and grabbing a copy of the full Global Address List which contains information on all non-hidden domain users as well as non-hidden groups and shared contacts.
I'm modifying a Wordpress plugin to allow users to upload videos to Youtube through a form. (Plugins like this already exist, but I'm doing this for a client who has specific requirements.) These videos will be uploaded to a Youtube account that belongs to my client.
Reading through the Youtube API and the Google API, OAuth is the preferred method of authenticating to Google's servers to use their API. However, all of the examples that I've seen require a user to authorize the connection from the OAuth client to the OAuth server, similar to the way OpenID asks users to sign into an account.
I would like to avoid this, if possible; I don't want site visitors uploading videos to their own account through the Wordpress plugin. Even if they aren't able to choose the account, I also don't want them to have to authorize the client access. Basically, I want to skip the verification phase because I know that I have permission.
From what I've been reading, 2-legged OAuth allows an application to authenticate against another application without any extra verification step, which is what I want. However, uploading a video requires logging into a user account, as it is not an anonymous function (like getting a list of the most recent videos uploaded).
Can 2-legged OAuth do the things I want (single-user authentication, without specifying a UID/pass, and no account confirmation) or am I limited to 3-legged OAuth?