Implementing Google OAuth2 for Chrome extension interacting with our servers - php

What is desired: A Chrome extension which uses Google OAuth 2.0 to log in in the extension, and sends data of the user's actions safely to my servers with the access token, where I get the user details from the access token and save his actions. Server implementation in PHP.
What I have done: Registered Google API Access 'Client ID for web applications' with redirect URL http://www.google.com/robots.txt, as explained by http://smus.com/oauth2-chrome-extensions/.
Based on the same tutorial and their code, I am getting the user's access token in the extension and am able to send it to my server, with data.
Problems:
1) Now on my server I need to get data from that token. I need to call the https://www.googleapis.com/oauth2/v1/userinfo?access_token=ya29.AHES6ZRCgM2nEI0-25KvlmIuZdSH6DbY1rhj9M4auzF86kHXobOeFA page, but it's not working.
2) When I click on inspect popup in Chrome I can see the client ID and client secret; isn't the secret supposed to be safe?
Hence I am totally lost in the flow. Is the access token supposed to be in the same format? I am not even sure.
Please, if someone has done something similar, suggest me a complete library, with client and server side work.
P.S. As the Google documentation now says, OAuth 1.0 is deprecated and will be removed soon (while giving all demo code only in OAuth 1.0). Please don't suggest any OAuth 1.0 lib.
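
For the server-side step in problem 1, an added example (not part of the original post or the linked tutorial): before trusting a token sent by the extension, the PHP server asks Google's tokeninfo endpoint whom the token was issued to and rejects tokens minted for any other client, then calls the userinfo URL from the post with the token in an Authorization header instead of the query string. The client ID placeholder, the required scope and the function names are assumptions; this check needs no client secret on the server.

```php
<?php
// Added example (not from the original post). EXPECTED_CLIENT_ID is a placeholder.
const EXPECTED_CLIENT_ID = 'YOUR_CLIENT_ID.apps.googleusercontent.com';
const REQUIRED_SCOPE = 'https://www.googleapis.com/auth/userinfo.email'; // assumed scope

// Decide from a decoded tokeninfo response whether the token may be trusted.
function checkTokenInfo(array $info, string $clientId, string $scope): array
{
    if (isset($info['error']) || isset($info['error_description'])) {
        return [false, 'token rejected by Google'];
    }
    // A token issued to some other application must not log a user in here.
    if (!hash_equals($clientId, (string)($info['aud'] ?? ''))) {
        return [false, 'token issued to a different client'];
    }
    if ((int)($info['expires_in'] ?? 0) <= 0) {
        return [false, 'token expired'];
    }
    if (!in_array($scope, explode(' ', (string)($info['scope'] ?? '')), true)) {
        return [false, 'required scope not granted'];
    }
    return [true, 'ok'];
}

// GET a JSON document; any transport or parse failure becomes an error array.
function fetchJson(string $url, array $headers = []): array
{
    $ch = curl_init($url);
    curl_setopt_array($ch, [CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => $headers, CURLOPT_TIMEOUT => 5]);
    $data = json_decode((string)curl_exec($ch), true);
    curl_close($ch);
    return is_array($data) ? $data : ['error' => 'bad response'];
}

// Returns Google's userinfo response, or null when the token fails any check.
function userFromAccessToken(string $token): ?array
{
    $info = fetchJson('https://www.googleapis.com/oauth2/v3/tokeninfo?access_token=' . rawurlencode($token));
    [$ok, $why] = checkTokenInfo($info, EXPECTED_CLIENT_ID, REQUIRED_SCOPE);
    if (!$ok) { error_log("rejected access token: $why"); return null; }
    return fetchJson('https://www.googleapis.com/oauth2/v1/userinfo', ['Authorization: Bearer ' . $token]);
}

// Constructed tokeninfo responses, so the checks can be exercised offline.
$good = ['aud' => EXPECTED_CLIENT_ID, 'expires_in' => '3012', 'scope' => REQUIRED_SCOPE];
$foreign = ['aud' => 'other-app.apps.googleusercontent.com'] + $good;
var_dump(checkTokenInfo($good, EXPECTED_CLIENT_ID, REQUIRED_SCOPE));
var_dump(checkTokenInfo($foreign, EXPECTED_CLIENT_ID, REQUIRED_SCOPE));
```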

Related

Facebook PHP SDK - Obtaining an access token automatically

I am trying to connect to the Facebook Graph API using the PHP SDK and view recent posts of a business account. BTW: I know there is a widget available for this task, but due to speed constraints, I would rather access the API and cache the response myself.
So I used my personal account to sign up at developers.facebook.com, created an app and obtained an AppId and AppSecret. My question relates to obtaining an access token for use with the graph API using the PHP SDK.
The examples on the getting started page shows how to obtain an access token by manually clicking a link and receiving a callback to my website. I am not creating a public app as such, I don’t want a manual login because my script will be run periodically by the server.
In any case if I click the Log in with Facebook! link, I get the following message which I don't understand:
The Twitter API provides automatic authentication but I cannot understand how to implement this using Facebook. Can anyone point me in the right direction?

Accessing google docs via a program in php and not in a browser

I want to access, view, and modify Google Docs, but via a program written in PHP.
I would prefer to use the API protocol as it can be used by any language.
But apparently the API requires me to be signed in in a browser. Now if I want to make a server-side script that apparently won't be running in a browser, how can I do that?
I didn't find any username/password/auth-giving thing that returns me some token so that the API can use that token.
https://developers.google.com/google-apps/spreadsheets/#changing_contents_of_a_cell
Google would not know who sent the second request if it does not have the access token or some way to prove that it logged in a minute ago. In my case: the program (let's say a PHP server).
I guess this would not help https://developers.google.com/google-apps/spreadsheets/#authorizing_requests for https://developers.google.com/google-apps/spreadsheets/#changing_contents_of_a_cell as the latter has no access token option.
You should authenticate your clients with OAuth2 and then store the tokens in the DB: https://developers.google.com/drive/web/auth/web-server
Also there's a client library available from Google: https://developers.google.com/api-client-library/php/
Edit: As you said it's about the spreadsheet API, I'm linking directly to the spreadsheet API authentication documentation: https://developers.google.com/google-apps/spreadsheets/#authorizing_requests_with_oauth_20 It seems they support OAuth2 too.
Thanks to all but I found something working exactly as required.
http://framework.zend.com/manual/1.12/en/zend.gdata.html

Google + login integration prompt

I'm working on Google+ sign-in integration for my PHP project. I followed the steps given in this link: https://developers.google.com/+/web/signin/.
Everything works fine. But my problem is, while creating the project in the Google API I gave my redirect URL. Upon directing to that URL, I will lock the user's information coming from Google+ into my database. But since the login is done through a prompt, it is getting closed after logging in and does not get redirected to that "redirect url" given while creating the project. Now how do I do this in the prompted window and refresh my current page so that the user is logged in?
When you are signing in using JavaScript, you no longer need to perform a redirect in the same way that you traditionally needed to in OAuth 2.0 flows so unless you are using the non JavaScript flow, the redirect URIs are not as important. The JavaScript client will return credentials when the user signs up for the first time that can be exchanged from your server to enable access as you're trying to get.
The PHP quickstart sample shows you how to perform all of the steps you need:
https://developers.google.com/+/quickstart/php
This sample will show you how to use the PostMessage style response from the Google+ Sign-In button and will allow you to use a JavaScript redirect for getting the access credentials to your server.

How to access Google Play Android Developer API through backend server

I have implemented In-App Billing for Android. I wanted to implement subscription validity checking through my backend server. As per the Google Play documentation, making a call to the Google Play API needs authentication using OAuth 2.0.
I followed the instructions for registering a project and creating credentials. But from there I have no idea how to use those credentials. I tried authentication via a cURL request, but it is asking for permission as shown in the following image
This permission works fine, I can exchange the code and get an access token, but all this is done manually. How should I implement this on the backend?
I even tried to use the Google API PHP library provided by Google, but it adds confusion. Also they didn't provide any example of how to use the library.
Can anybody elaborate how exactly to use the library or pure PHP?
Thanks in advance.
To perform LVL and/or IAB validation on a server, do not access Google servers directly from the server. Even if all information were available, you would face integrity problems, because your app and your server will see different information due to synchronization latencies.
Instead, use your app as a proxy and validate the Google Play information on your server as described here.

Google Drive DriEdit example not working with my FULL_AUTH_URL

I have set up the Google Drive sample DrEdit code on my website. It is authenticating the user file, but once authentication is done it takes the user back to the redirect URL. When I am using the default FULL_AUTH_URL it is working fine, but in my case it is not working. Here is my URL.
const FULL_AUTH_URL='https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/drive.file&client_id=MY_CLIENT_ID&response_type=code&access_type=offline&approval_prompt=force&redirect_uri=http://www.example.com';
You need to replace:
MY_CLIENT_ID by the Client ID of your application which you can find in the Google APIs Console for the project that you have created. See https://developers.google.com/drive/register
redirect_uri by the URL where the user gets redirected to after he approves the OAuth flow. Usually the main page of your website or a different OAuth handler. This is usually all described in the Dr Edit sample documentation. Make sure you read this: https://developers.google.com/drive/examples/python
You may need to create a "Client ID for web applications" - maybe a service account works, too (web services might be easier to connect, because for service accounts one need to install a certificate file and send it on auth).
Once OAuth is set up properly, you should at least get any error message from Google.
Just don't use the Drive API credentials, they have no function yet.
Hope this gets you started.
