Can anyone suggest how to do automatic authentication via Facebook API. For example I have a login and password, and I need to automatically get access_token. While that comes to mind only the cURL. What are some solutions?
I want to simplify the steps through the login PHP SDK.
If this is for unit testing, check out the Test Users documentation, because Test users when accessed via the API have a login_url you can hit automatically and get a user session.
For other use-cases, follow the regular Authentication docs - there is no user/password login option via the API - you need to use the Oauth flow
Related
I've searched a lot, but couldn't find anything very clear on the subject.
I will build a symfony front end, and to login (and get data), we'll connect to a remote api. So I need to have a login form on my symfony app, and when I press login, that will check the api, which will send me back a token if it's correct, and then I'll need that token for every call to the api.
I've read the symfony doc about custom authentication and apiKey authentication, but it's always if it's a backend app.
That guy had the same problem: Problems configuring user authentication by external API on Symfony2
But the answer is basically just the doc.
Basically, I don't understand where I can create a login form that will check the api to get a token, when I have the token I can save it in a cookie and do https://symfony.com/doc/current/security/api_key_authentication.html
(where I would check the cookie instead of the query parameter)
Thank you!
Arvi
First you should know which technology is doing the remote API.
For OAuth I would recommend you two bundles:
FOSUserBundle to keep the users id in your app and some data you may need https://symfony.com/doc/current/bundles/FOSUserBundle/index.html
HWIOAuthBundle https://github.com/hwi/HWIOAuthBundle to connect to a third party API for login/registering Oauth/Oauth2
I need to use Quickbooks online API to synchronize data between my system and my client's accounts on quickbooks.
I need to know if is it possible to complete the oauth2 authorization flow and make API calls without human interaction (without the need to interact with Intuit's authentication and authorization windows)?
I read the Intuit's docs on: https://developer.intuit.com/docs/0100_quickbooks_online/0100_essentials/000500_authentication_and_authorization/connect_from_within_your_app
On the first step, I made a GET request to:
https://appcenter.intuit.com/connect/oauth2?client_id=MY_ID&scope=com.intuit.quickbooks.accounting&redirect_uri=https%3A%2F%2FMY_NGROK_URL.ngrok.io%2FOAuth2PHPExample.php&response_type=code&state=RandomState#/Authorize/COMPANY_ID
Then, the Intuit's authentication and authorization windows opens and I need to put my username and password and then, click in the authorize button to get the authorization code.
Is there a way to obtain the authorization code without authenticate and authorize?
I need to automate this task to make API calls in the backend with PHP.
Thanks,
Marcelo.
Is there a way to obtain the authorization code without authenticate and authorize?
No... but read below.
I need to automate this task to make API calls in the backend with PHP.
You are misunderstanding how OAuth (either 1 or 2) works.
The very first time you connect you will be prompted to authenticate/authorize access to the QuickBooks Online data.
You are then given a refresh token (or access token depending on if you're using OAuth2 vs. OAuth1).
You then store that refresh token (or access token for OAuth1) and can use that token going forward to make your requests, unattended, without requiring the user to be involved at all.
Key take-away: You only need the user involved the VERY FIRST TIME you connect, and then never again.
I created a web application which will show all private videos of only one account.
Now I have to authenticate the account to get list videos. I saw 2 ways to authenticate by ClientLogin and Oauth. Which ClientLogin is deprecated and don't know how to use Oauth to authenticate the default account on server.
I have client_id and client_secret for my app.
I try this example but not working and i don't know what in $get['code'] and how can I put username and password of this account when using OAuth not ClientLogin.
It's pretty simple.
You can follow the steps at How do I authorise an app (web or installed) without user intervention? (canonical ?) to get a Refresh Token. At Step 8, choose the YouTube API instead of Drive API. Try to choose the most restrictive scope, eg. readonly. You can embed the Refresh Token (securely!!!!) in your app and then use it at any time to generate an Access Token. Thus the stored Refresh Token behaves like a username/password with restricted permissions.
Ask you have stated clientLogin is shut down you can not access any Google api using Login and Password. Your application needs to be authenticated
The thing you need to know about the YouTube API is that it does not support service accounts. You will have to use Oauth2. I am not a PHP developer but I have done this previously in C#. What you want to do is possible just a little tricky.
First off as I said you need to use Oauth2. I am hoping that this example is reasonably up to date if not the one for Google analytics is you may have to compare them a little.
Your script will need to be authenticated once using Oauth2. Then by requesting
$client->setAccessType("offline");
you will receive a refresh token. You will then be able to use this refresh token in your script on the server at anytime to request a new access token and access YouTube for that channel.
I'm currently trying to create a canvas application for Facebook and I'm trying to get it so that the user has to verify they want to authorise the application before it runs.
I'm trying to do this with the PHP SDK but to no avail so far.
Is there a way to automatically redirect to check if a user has authenticated the app?
Thanks,
Scott
If you request for a application authentication to facebook, and the app is already authorized by the user, the authentication window does not show again. It straight way returns a token.
You can check this tutorial http://thinkdiff.net/facebook/graph-api-iframe-base-facebook-application-development-php-sdk-3-0/ its a nice one to get started .
I am developing an API using Codeigniter and Phils RESTserver.
I need to have authentication working with oAuth but I cannot find a library
that works with both Codeigniter and MongoDB.
Is it simple to create the oAuth process myself? I know it is hard to answer
not knowing my level of expertise.
This is my understanding of the oAuth process.
User clicks on link and are redirected to the servers login form.
User will be asked to authorize the developers app.
If he does authorize it he is redirected back to the developers website.
On this website the code that he got from step 3 will be exchanged for an access token.
Developers app will now be able to access the users account on the server.
I know there are parameters to be sent along with the requests like client_id and client_secret and redirect URL. But my question is. Is it this easy to implement an oAuth server? Just create the classes and functions? What else are the requirements to
be able to call the process a true oAuth authentication?
Thankful for all input!
Have you had a play with this?
https://github.com/alexbilbie/CodeIgniter-OAuth-2.0-Server
Alex has also written a Mongo library, so if his server doesn't support Mongo out of the box then just have a play with that. Just because your API is in Mongo though doesn't mean the api keys, tokens, etc HAVE to be in Mongo too, but they easily can be.