Search Results

Search found 653 results on 27 pages for 'oauth'.

Page 2/27 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • OAuth java implementation, oauth_callback missing

    - by l245c4l
    Hey, My problem is I get error while trying to get request token from Yahoo. The error says Im missing oauth_callback parameter and yes I miss it because I dont need it. Ive read I need to set it to "oob" value if I dont want to use it(desktop app). And I did that but to no avail. If I set it to null the same happens. Im using OAuth for java: http://oauth.googlecode.com/svn/code/java/core/ OAuthServiceProvider serviceProvider = new OAuthServiceProvider("https://api.login.yahoo.com/oauth/v2/get_request_token", "https://api.login.yahoo.com/oauth/v2/request_auth", "https://api.login.yahoo.com/oauth/v2/get_token"); OAuthConsumer consumer = new OAuthConsumer("oob", consumerKey, consumerSecret, serviceProvider); OAuthAccessor accessor = new OAuthAccessor(consumer); OAuthClient client = new OAuthClient(new HttpClient4()); OAuthMessage response = client.getRequestTokenResponse(accessor, OAuthMessage.POST, null); System.out.println(response.getBodyAsStream());

    Read the article

  • Delicious API and Yahoo oAuth in .NET

    - by Khash
    The fact that Delicious has two sets of API authentications one with username and password and one with oAuth told me something about things I was going to experience and I wasn't wrong. Unfortunately I have to deal with both APIs now and am unsuccessful getting through the first hurdle of API v2 (Yahoo oAuth). Here is a code snippet (I'm using OpenSocial in this example http://code.google.com/p/opensocial-net-client) public static string GetRequestToken(string callbackUrl) { string normaluri; string normaluriparam; OAuthBase oAuth = new OAuthBase(); string nonce = oAuth.GenerateNonce(); string timeStamp = oAuth.GenerateTimeStamp(); string sig = oAuth.GenerateSignature(new Uri(TOKEN_URL), ConfigurationManager.AppSettings[CONSUMER_KEY], ConfigurationManager.AppSettings[SECRET_KEY], string.Empty, string.Empty, "GET", timeStamp, nonce, OAuthBase.SignatureTypes.HMACSHA1, out normaluri, out normaluriparam); sig = HttpUtility.UrlEncode(sig); string result = HttpClient.Get(TOKEN_URL, new { oauth_nonce = nonce, oauth_timestamp = timeStamp, oauth_consumer_key = ConfigurationManager.AppSettings[CONSUMER_KEY], oauth_signature_method = "HMAC-SHA1", oauth_signature = sig, oauth_version = "1.0", oauth_callback = callbackUrl }); return result; } It seems it doesn't matter if I follow instructions at http://delicious.com/help/oauthapi myself of leave it to OpenSocial, I get an "401 Unauthorized" from the server with no further info. I can see many people have the same issue but couldn't find any resolution.

    Read the article

  • OAuth with Google Reader API using Objective C

    - by Dylan
    I'm using the gdata OAuth controllers to get an OAuth token and then signing my requests as instructed. [auth authorizeRequest:myNSURLMutableRequest] It works great for GET requests but POSTs are failing with 401 errors. I knew I wouldn't be able to remain blissfully ignorant of the OAuth magic. The Google Reader API requires parameters in the POST body. OAuth requires those parameters to be encoded in the signature like they were on the query string. It doesn't appear the gdata library does this. I tried hacking it in the same way it handles the query string but no luck. This is so difficult to debug as all I get is a 401 from the Google black box and I'm left to guess. I really want to use OAuth so I don't have to collect login credentials from my users but I'm about to scrap it and go with the simpler cookie based authentication that is more mature. It's possible I'm completely wrong about the reason it's failing. This is my best guess. Any suggestions for getting gdata to work or maybe an alternative iphone friendly OAuth library?

    Read the article

  • Gmail IMAP OAuth for desktop clients

    - by Sabya
    Recently Google announced that they are supporting OAUth for Gmail IMAP/SMTP. I browsed through their multiple documentations, but still I am confused about if they support OAuth for installed applications. 1. In this documentation they say: Note: Though the OAuth protocol supports the desktop/installed application use case, Google only supports OAuth for web applications. But they also have a document for OAuth for installed applications. 2. When I read the OAuth specification pointed by them, it says (in section 11.7): In many applications, the Consumer application will be under the control of potentially untrusted parties. For example, if the Consumer is a freely available desktop application, an attacker may be able to download a copy for analysis. In such cases, attackers will be able to recover the Consumer Secret used to authenticate the Consumer to the Service Provider. Also I think the disclaimer in point 1 above is about Google Data APIs, and surely IMAP/SMTP is not a part of them. I understand that for installed applications I can have a setup like: Have a small web-app at say example.com for my application. This web-app talks to Google gets the access token. The installed application talks to example.com only to get the access token. Installed application then talks to Google with the access token. I am now confused. Is this the only way?

    Read the article

  • Having problems with uploading photos to TwitPic using OAuth in Objective C on the iPhone

    - by M. Bedi
    I have been working on an iPhone app that has a feature of uploading photos to TwitPic. I have it working with basic authentication. I am trying to get it working with OAuth. I am getting authentication errors. I have studied very carefully the TwitPic documentation. I am authorising the app by displaying a UI Web View and the it returns a PIN value. I enter the PIN value in the app and request the token. I am able to upload status updates to Twitter but not photos. My code is based on some example code from here: Example iPhone app using OAuth Here is my code: NSString *url = @"http://api.twitpic.com/2/upload.json"; NSString *oauth_header = [oAuth oAuthHeaderForMethod:@"POST" andUrl:url andParams:nil]; NSLog(@"OAuth header : %@\n\n", oauth_header); ASIFormDataRequest *request = [ASIFormDataRequest requestWithURL:[NSURL URLWithString:url]]; [request addRequestHeader:@"User-Agent" value:@"ASIHTTPRequest"]; request.requestMethod = @"POST"; [request addRequestHeader:@"X-Auth-Service-Provider" value:@"https://api.twitter.com/1/account/verify_credentials.json"]; [request addRequestHeader:@"X-Verify-Credentials-Authorization" value:oauth_header]; NSData *imageRepresentation = UIImageJPEGRepresentation(imageToUpload, 0.8); [request setData:imageRepresentation forKey:@"media"]; [request setPostValue:@"Some Message" forKey:@"message"]; [request setPostValue:TWITPIC_API_KEY forKey:@"key"]; [request setDelegate:self]; [request setDidFinishSelector:@selector(requestDone:)]; [request setDidFailSelector:@selector(requestFailed:)]; [request start]; Here is the OAuth Header: OAuth realm="http://api.twitter.com/", oauth_timestamp="1275492425", oauth_nonce="b686f20a18ba6763ac52b689b2ac0c421a9e4013", oauth_signature_method="HMAC-SHA1", oauth_consumer_key="zNbW3Xi3MuS7i9cpz6fw", oauth_version="1.0", oauth_token="147275699-jmrjpwk3B6mO2FX2BCc9Ci9CRBbBKYW1bOni2MYs", oauth_signature="d17HImz6VgygZgbcp845CD2qNnI%3D"

    Read the article

  • Facebook Oauth Logout

    - by Derek Troy-West
    I have an application that integrates with Facebook using Oauth 2. I can authorize with FB and query their REST and Graph APIs perfectly well, but when I authorize an active browser session is created with FB. I can then log-out of my application just fine, but the session with FB persists, so if anyone else uses the browser they will see the previous users FB account (unless the previous user manually logs out of FB also). The steps I take to authorize are: Call [LINK: graph.facebook.com/oauth/authorize?client_id...] This step opens a Facebook login/connect window if the user's browser doesn't already have an active FB session. Once they log-in to facebook they redirect to my site with a code I can exchange for an oauth token. Call [LINK: graph.facebook.com/oauth/access_token?client_id..] with the code from (1) Now I have an Oauth Token, and the user's browser is logged into my site, and into FB. I call a bunch of APIs to do stuff: i.e. [LINK: graph.facebook.com/me?access_token=..] Lets say my user wants to log out of my site. The FB terms and conditions demand that I perform Single Sign Off, so when the user logs out of my site, they also are logged out of Facebook. There are arguments that this is a bit daft, but I'm happy to comply if there is any way of actually achieving that. I have seen suggestions that: A. I use the Javascript API to logout: FB.Connect.logout(). Well I tried using that, but it didn't work, and I'm not sure exactly how it could, as I don't use the Javascript API in any way on my site. The session isn't maintained or created by the Javascript API so I'm not sure how it's supposed to expire it either. B. Use [LINK: facebook.com/logout.php]. This was suggested by an admin in the Facebook forums some time ago. The example given related to the old way of getting FB sessions (non-oauth) so I don't think I can apply it in my case. C. Use the old REST api expireSession or revokeAuthorization. I tried both of these and while they do expire the Oauth token they don't invalidate the session that the browser is currently using so it has no effect, the user is not logged out of Facebook. I'm really at a bit of a loose end, the Facebook documentation is patchy, ambiguous and pretty poor. The support on the forums is non-existant, at the moment I can't even log in to the facebook forum, and aside from that, their own FB Connect integration doesn't even work on the forum itself. Doesn't inspire much confidence. Ta for any help you can offer. Derek ps. Had to change HTTPS to LINK, not enough karma to post links which is probably fair enough.

    Read the article

  • Rails 2.3.5 and oauth-plugin

    - by pgb
    I started a rails application from scratch, using Rails 2.3.5, and installed oauth-plugin. The installation was done by running script/plugin install git://github.com/pelle/oauth-plugin.git. Now, when I try to start the server, I get the following errors: => Rails 2.3.5 application starting on http://0.0.0.0:3000 /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/activesupport-2.3.5/lib/active_support/dependencies.rb:440:in `load_missing_constant': uninitialized constant Rails::Railtie (NameError) from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/activesupport-2.3.5/lib/active_support/dependencies.rb:80:in `const_missing' from /Users/Pablo/Projects/test.oauth/vendor/plugins/oauth-plugin/lib/oauth-plugin.rb:16 from /Library/Ruby/Site/1.8/rubygems/custom_require.rb:31:in `gem_original_require' from /Library/Ruby/Site/1.8/rubygems/custom_require.rb:31:in `require' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/activesupport-2.3.5/lib/active_support/dependencies.rb:156:in `require' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/activesupport-2.3.5/lib/active_support/dependencies.rb:521:in `new_constants_in' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/activesupport-2.3.5/lib/active_support/dependencies.rb:156:in `require' from /Users/Pablo/Projects/test.oauth/vendor/plugins/oauth-plugin/rails/init.rb:1:in `evaluate_init_rb' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/rails-2.3.5/lib/rails/plugin.rb:158:in `evaluate_init_rb' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/activesupport-2.3.5/lib/active_support/core_ext/kernel/reporting.rb:11:in `silence_warnings' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/rails-2.3.5/lib/rails/plugin.rb:154:in `evaluate_init_rb' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/rails-2.3.5/lib/rails/plugin.rb:48:in `load' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/rails-2.3.5/lib/rails/plugin/loader.rb:38:in `load_plugins' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/rails-2.3.5/lib/rails/plugin/loader.rb:37:in `each' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/rails-2.3.5/lib/rails/plugin/loader.rb:37:in `load_plugins' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/rails-2.3.5/lib/initializer.rb:369:in `load_plugins' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/rails-2.3.5/lib/initializer.rb:165:in `process' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/rails-2.3.5/lib/initializer.rb:113:in `send' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/rails-2.3.5/lib/initializer.rb:113:in `run' from /Users/Pablo/Projects/test.oauth/config/environment.rb:9 from /Library/Ruby/Site/1.8/rubygems/custom_require.rb:31:in `gem_original_require' from /Library/Ruby/Site/1.8/rubygems/custom_require.rb:31:in `require' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/activesupport-2.3.5/lib/active_support/dependencies.rb:156:in `require' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/activesupport-2.3.5/lib/active_support/dependencies.rb:521:in `new_constants_in' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/activesupport-2.3.5/lib/active_support/dependencies.rb:156:in `require' from /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/rails-2.3.5/lib/commands/server.rb:84 from /Library/Ruby/Site/1.8/rubygems/custom_require.rb:31:in `gem_original_require' from /Library/Ruby/Site/1.8/rubygems/custom_require.rb:31:in `require' from script/server:3 I can't figure out why this is failing. Am I missing a dependency? What other information I can provide to others help me figure this out?

    Read the article

  • PHP crashing during oAuth scripts

    - by FunkyChicken
    I just installed Nginx 1.2.4 and PHP 5.4.0 (from svn) (php fpm). CentOs 5.8 64 The problem I have is that PHP crashes the moment I run any social oAuth scripts. I have tried to log into Facebook, Twitter and Google with various scripts that I know work on my other servers. When I load the scripts I get a 502 error from Nginx. And I find these errors in the log: in php-fpm log: WARNING: [pool www] child 23821 exited on signal 11 (SIGSEGV) after 1132.862984 seconds from start in nginx log: ERROR: recv() failed (104: Connection reset by peer) while reading response header from upstream From what I can see, it goes wrong when PHP tries to make a request to any of the oAuth servers. https://github.com/mahmudahsan/PHP-SDK-3.0---Graph-API-base-Facebook-Connect-Tutorial-Source for example is one of the scripts that works perfectly on my other machines, but causes PHP to crash. I found: http://stackoverflow.com/questions/3616191/nginx-php-fpm-502-bad-gateway which seems to be a similar problem, but I cannot find a way to solve it. +++ UPDATE +++ Now I have been doing some debugging in 1 of the scripts that is playing up. If you go to line 808 http://pastebin.com/gSnzRtXb it runs the curl_exec() command. When that is ran, it crashes. If i echo'test';exit; just above that line, it echo's correctly, if i do it below that line, php crashes. Which means it's that line 808 which causes the crash. So I made a very simple script to do some testing: http://pastebin.com/Rshnyhcm which also uses curl_exec, but that runs just fine. So I started to dig deeper into that query from the facebook script to see what values the $opts array contains from line 806. Output of that array is: http://pastebin.com/Cq9ffd3R What the problem is, I still have no clue :(

    Read the article

  • Difference between Claims vs OAuth

    - by Venki
    What is the difference between Claims based authentication vs What is provided by OAuth. I am looking for conceptual difference and not technical difference. When do I choose Claims over OAuth and vice versa. Claims based authentication is proposed by Microsoft and build on top of WS-Security. But OAuth is more a open source protocol that is being proposed to allow fetching resources from different portals based on a security token. Claims also has this concept of token (SAML encoded or X509 certificates). I am trying to understand when do I choose Claims over OAuth and vice versa. Thanks

    Read the article

  • OAuth gives me 401 error

    - by Radek
    I am trying to get the access key but I cannot make it work. `request_token.get_access_token is giving me 401 Unauthorized (OAuth::Unauthorized) error. I copy the authorize_url into my browser, allow the application, I receive some kind of PIN from twitter but after hitting enter in my script I always get 401 error. I did some search and I found this helped access_token = request_token.get_access_token(:oauth_verifier => params[:oauth_verifier]) but it is giving me undefined local variable or methodparams' for main:Object (NameError)` the ruby script is like ( I was following this tutorial ) gem 'oauth' require 'oauth/consumer' consumer_key = 'your key' consumer_secret ='your secret' consumer=OAuth::Consumer.new "consumer_key", "consumer_secret", {:site=>"http://twitter.com"} #{:site=>"https://agree2.com"} request_token = consumer.get_request_token puts request_token.token puts request_token.secret puts request_token.authorize_url puts "Hit enter when you have completed authorization." STDIN.gets access_token = request_token.get_access_token #access_token = request_token.get_access_token(:oauth_verifier => params[:oauth_verifier]) puts access_token.token puts access_token.secret puts puts access_token.inspect

    Read the article

  • Gmail 3-legged OAuth access -- Zend_Mail_Protocol_Exception

    - by tchaymore
    I'm trying to access Gmail by using three-legged Oauth PHP code provided by Google ('google-mail-xoauth-tools') here: http://code.google.com/apis/gmail/oauth/code.html. I have my domain registered and everything seems to go fine with OAuth, but after I authorize access I get this error: Fatal error: Uncaught exception 'Zend_Mail_Protocol_Exception' with message 'cannot connect to host; error = Connection refused (errno = 111 )' in /home/tchaymor/public_html/gmail/Zend/Mail/Protocol/Imap.php:100 Stack trace: #0 /home/tchaymor/public_html/gmail/Zend/Mail/Protocol/Imap.php(61): Zend_Mail_Protocol_Imap->connect('imap.gmail.com', '993', true) #1 /home/tchaymor/public_html/gmail/three-legged.php(170): Zend_Mail_Protocol_Imap->__construct('imap.gmail.com', '993', true) #2 {main} thrown in /home/tchaymor/public_html/gmail/Zend/Mail/Protocol/Imap.php on line 100 This is my first time using OAuth with any Google products, so it could be something totally brainless I'm missing. Any suggestions would be most welcome (as suggestions for easier alternatives). I'm more on the designer rather than coder end, so the simpler the better.

    Read the article

  • Using oAuth (Twitter, LinkedIn) for login to a web app

    - by novaurora
    Should I use oAuth, for example LinkedIn or Twitter, as my signin mechanism for my app? It seems that most apps just use oAuth to connect other services to it, but they make you set up your own user/password after you use oAuth (including StackOverflow), and I'm not really sure why this is. Would love some insight here. Thank you.

    Read the article

  • oAuth provider with Django-piston

    - by Martin Eve
    Hi, I'm working with django-piston to attempt to create an API that supports oAuth. I started out using the tutorial at: http://blog.carduner.net/2010/01/26/django-piston-and-oauth/ I added a consumer to piston's admin interface with key and secret both set to "abcd" for test purposes. The urls are successfully wired-up and the oAuth provider is called. However, running my get request token tests with tripit (python get_request_token.py "http://127.0.0.1:8000/api" abcd abcd), I receive the following error: Invalid signature. Expected signature base string: GET&http%3A%2F%2F127.0.0.1%3A8000%2Fapi%2Foauth%2Frequest_token%2F&oauth_consumer_key%3Dabcd%26oauth_nonce%3D0c0bdded5b1afb8eddf94f7ccc672658%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1275135410%26oauth_version%3D1.0 The problem seems to lie inside the _check_signature method of Piston's oauth.py, where valid_sig = signature_method.check_signature(oauth_request, consumer, token, signature) is returning false. I can't, however, work out how to get the signature validated. Any ideas?

    Read the article

  • Google's Oauth for Installed apps vs. Oauth for Web Apps

    - by burgerguy
    So I'm having trouble understanding something... If you do Oauth for Web Apps, you register your site with a callback URL and get a unique consumer secret key. But once you've obtained an Oauth for Web Apps token, you don't have to generate Oauth calls to the google server from your registered domain. I regularly use my key and token from scripts running via an apache server at localhost on my laptop and Google never says "you're not sending this request from the registered domain." It just sends me the data. Now, as I understand it, if you do Oauth for Installed Apps, you use "anonymous" instead of a secret key you got from Google. I've been thinking of just using the OAuth for Web Apps auth method, then passing that token to an installed app that has my secret code embedded in its innards. The worry is that the code could be discovered by bad people. But what's more secure... making them work for the secret code or letting them default to anonymous? What really goes bad if the "secret" is discovered when the alternative is using "anonymous" as the secret?

    Read the article

  • Dotnetopenauth oAuth Service provider explanation

    - by ria
    I am a total newbie in the oAuth area and have set up DotNetOpenAuth to set up an oAuth Service provider. The sample provided in the DotNetOpenAuth download is quite confusing for me...maybe cos i am new to this stuff. There is one default page that creates a database and populates the database. Now I browse to the login.aspx and it asks me to put an openid, actually I want to use DNN (which implements DotNetOpenAuth) and i want to use those credentials on another site which will be the oAuth consumer. Can someone explain how to test the oAuth Service provider in the samples of DotNetOpenAuth?

    Read the article

  • "Invalid signature": oAuth provider with Django-piston

    - by Martin Eve
    Hi, I'm working with django-piston to attempt to create an API that supports oAuth. I started out using the tutorial at: http://blog.carduner.net/2010/01/26/django-piston-and-oauth/ I added a consumer to piston's admin interface with key and secret both set to "abcd" for test purposes. The urls are successfully wired-up and the oAuth provider is called. However, running my get request token tests with tripit (python get_request_token.py "http://127.0.0.1:8000/api" abcd abcd), I receive the following error: Invalid signature. Expected signature base string: GET&http%3A%2F%2F127.0.0.1%3A8000%2Fapi%2Foauth%2Frequest_token%2F&oauth_consumer_key%3Dabcd%26oauth_nonce%3D0c0bdded5b1afb8eddf94f7ccc672658%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1275135410%26oauth_version%3D1.0 The problem seems to lie inside the _check_signature method of Piston's oauth.py, where valid_sig = signature_method.check_signature(oauth_request, consumer, token, signature) is returning false. I can't, however, work out how to get the signature validated. Any ideas? -----Update----- If I remove the test consumer from piston's backend, the response returned is correctly set to "Invalid consumer", so this lookup appears to be working.

    Read the article

  • Using Twitter OAuth to post updates automatically

    - by ebae
    Here's my scenario. I have a web site, which automatically posts updates to Twitter using cURL at the moment. But I hear Twitter is going to turn this feature off and move to OAuth. I tried implementing OAuth in my site, but the user actually has to manually authenticate before being able to post anything to twitter. How can I use OAuth and still let my website post updates automatically, without me having to manually click on "authenticate"?

    Read the article

  • Book Review&ndash;Getting Started With OAuth 2.0

    - by Lori Lalonde
    Getting Started With OAuth 2.0, by Ryan Boyd, provides an introduction to the latest version of the OAuth protocol. The author starts off by exploring the origins of OAuth, along with its importance, and why developers should care about it. The bulk of this book involves a discussion of the various authorization flows that developers will need to consider when developing applications that will incorporate OAuth to manage user access and authorization. The author explains in detail which flow is appropriate to use based on the application being developed, as well as how to implement each type with step-by-step examples. Note that the examples in the book are focused on the Google and Facebook APIs. Personally, I would have liked to see some examples with the Twitter API as well. In addition to that, the author also discusses security considerations, error handling (what is returned if the access request fails), and access tokens (when are access tokens refreshed, and how access can be revoked). This book provides a good starting point for those developers looking to understand what OAuth is and how they can leverage it within their own applications. The book wraps up with a list of tools and libraries that are available to further assist the developer in exploring the APIs supporting the OAuth specification. I highly recommend this book as a must-read for developers at all levels that have not yet been exposed to OAuth. The eBook format of this book was provided free through O'Reilly's Blogger Review program. This book can be purchased from the O'Reilly book store at: : http://shop.oreilly.com/product/0636920021810.do

    Read the article

  • OAuth 2.0 for Google Drive and the Adsense API

    OAuth 2.0 for Google Drive and the Adsense API Google engineers Nicolas Garnier, Ali Afshar, and Sergio Gomes discuss the OAuth 2.0 playground and how to use it with the Google Drive And AdSense APIs. OAuth 2.0 and its inner workings are explained in detail, and usage of the OAuth 2.0 playground in context of Google Drive and the AdSense API is demonstrated thoroughly. The sessions wraps up with some discussion of questions from live viewers. From: GoogleDevelopers Views: 9 0 ratings Time: 57:02 More in Science & Technology

    Read the article

  • GDD-BR 2010 [0H] OpenID-based single sign-on and OAuth data access

    GDD-BR 2010 [0H] OpenID-based single sign-on and OAuth data access Speaker: Ryan Boyd Track: Chrome and HTML5 Time slot: H[17:20 - 18:05] Room: 0 A discussion of all the auth tangles you've encountered so far -- OpenID, SSO, 2-Legged OAuth, 3-Legged OAuth, and Hybrid OAuth. We'll show you when and where to use them, and explain how they all integrate with Google APIs and other developer products. From: GoogleDevelopers Views: 11 0 ratings Time: 41:24 More in Science & Technology

    Read the article

  • CodeIgnither OAuth 2.0 database setup for users and access_tokens

    - by xref
    Per this question I am using CodeIgniter and OAuth 2 in an attempt to provide SSO for internal users of my webapp, ideally verifying them against their Google Apps account. No registrations or anything, just existing users. Using the CI oauth2 spark I'm getting back from Google an OAuth token similar to below: OAuth2_Token_Access Object ( [access_token:protected] => dp83.AHSDj899sDHHD908DHFBDjidkd8989dDHhjjd [expires:protected] => 1349816820 [refresh_token:protected] => [uid:protected] => ) And using that token I can retrieve some user info from Google: [uid] => 3849450385394595 [nickname] => this_guy [name] => This Guy [first_name] => This [last_name] => Guy [email] => [email protected] [location] => [image] => [description] => [urls] => Array ( ) Now to allow the 15 people or so who will be using the webapp currently to log in, do I need to create a users table in the mysql database with their email address as a key? Then compare the email which just came back from the Google OAuth request and see if it exists in my users table? What about the Google access_token, do I store that now along with the email which already existed in the users table? Related: How would I go about verifying the user automatically in the future against that access_token so they don't have to go through the whole OAuth approval process with Google again?

    Read the article

  • Google I/O 2012 - OAuth 2.0 for Identity and Data Access

    Google I/O 2012 - OAuth 2.0 for Identity and Data Access Ryan Boyd Users like to keep their data in one place on the web where it's easily accessible. Whether it's YouTube videos, Google Drive files, Google contacts or one of many other types of data, users need a way to securely grant applications access to their data. OAuth is the key web standard for delegated data access and OAuth 2.0 is the next-generation version with additional security features. This session will cover the latest advances in how OAuth can be used for data access, but will also dive into how you can lower the barrier to entry for your application by allowing users to login using their Google accounts. You will learn, through an example written in Python, how to use OAuth 2.0 to incorporate user identity into your web application. Best practices for desktop applications, mobile applications and server-to-server use cases will also be discussed. From: GoogleDevelopers Views: 11 1 ratings Time: 58:56 More in Science & Technology

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >