oauth-2.0: can i create my own oauth-2.0 provider - server

My problem is:
I have my authenticate server in my own running in app_1 with some user's account.
I create another application app_2 and i want to help my user's account in app_1 can login in app_2(app_1 like Open authenticate provider, ex: Facebook, google,..... and app_2 can login with app_1 account)
I try to find how to config or architecture of OAuth provider what i can apply in application.
Where i can find the way to do it?
Appreciate if anyone can help me.

Related

When I log in to the Cloud foundry (Authenticating... {"error":"invalid_grant","error_description":"User authentication failed: unauthorized"})

I am inside the SAP Business Application Studio, inside the terminal, when I put the CF login command I enter my credentials and this appears
Authenticating...
{"error":"invalid_grant","error_description":"User authentication failed: Unauthorized"}
Could you please help me
The solution on my side is to use the --sso option.
cf login --sso -a https://api.cf.us10.hana.ondemand.com
Afterwards you will be prompted to get a passcode from this url: https://login.cf.us10.hana.ondemand.com/passcode
However, for me this failed several times.
The key is to use alternative identity provider on the login screen
and enter sap.ids as provider when you already have an SAP Universal login
Sadly, this does not work when using trial version in API endpoint https://api.cf.us10-001.hana.ondemand.com . I already opened a support request.

User Authentication for flutter web using OpenID Connect? (-> KeyCloak)?

I'm currently working on a flutter/dart-based webpage (not an app). Now I came to the point that I want the web page to open only if the user has authenticated on my cloud-based Keycloak Server (cloud-iam.com).
There are some openid-connect client packages for flutter available, but most only work for google firebase/aws.. and some others are only working for apps, others are already outdated.
For now, I simply want to use the login frontend offered by the keycloak server.
But I totally failed to bring the available openidc packages to a success... :-(
Does anyone have a suitable package and a reference flutter/dart-application how to authenticate a user using an oidc-identity provider (i.e. keycloak?)
Thanks!
You can try keycloak_flutter package which handles keycloak user authentication for the flutter web only
https://pub.dev/packages/keycloak_flutter
As per this package example
https://github.com/gibahjoe/keycloak_flutter/tree/master/example
you can provide you keycloak realm and clientid details, it'll navigate to your keycloak server for login authentication after that you can allow your app to use the token details provided after login

GCP Application credentials stop working randomly

So I am using dialogflow in my ios app. I have created a service account and have given the permission of owner to use it. I export the access token via terminal and use it in the app. It will work for some time and will start giving me 401 after some time. Could you please help me on this issue?
Thanks
When creating your Service Account make sure you aren't creating short-lived service account credentials as this type of only lasts a couple of hours.
In this link you can find how to create service accounts, and here you can find how to grant access to the desired resources.

Is it possible to use root user of the system as admin user for keycloak

we are using keycloak in our product. I am trying to find a way to integrate root user of the machine hosting the keycloak as keycloak admin. Main criteria is on the machine in which keycloak is installed root should be able to access keycloak functions as keycloak admin without providing password. Is it possible now, if possible how to do this.
Let me know if you need more information.
Thanks,
Naga
You can use admin CLI on the server https://www.keycloak.org/docs/latest/server_admin/index.html#the-admin-cli

Powershell for Google Cloud: Authenticate with a service account

I'm trying to build an automatic sync solution that uses a Google Cloud storage bucket for storing data.
When I install the cloud SDK it asks for my authentication, but obviously I don't want to use my credentials on the client's server, it should be done with a service account with specific permissions, right?
The documentation just says to authenticate with your credentials. What is the security best practice here?
Found it, it's this simple command:
gcloud auth activate-service-account --key-file=credentials.json
And it works! I can upload stuff with PowerShell
The doc is here