How do I go about adding credentials in speechConfig.m, a simple speech sample app ATT speech api?
`/** Unobfuscates the OAuth client_id credential for the application. **/
NSString* SpeechOAuthKey(void)
{
#error Add code to unobfuscate your Speech API credentials, then delete this line.
return MY_UNOBFUSCATE(my_obfuscated_client_id);
}
/** Unobfuscates the OAuth client_secret credential for the application. **/
NSString* SpeechOAuthSecret(void)
{
#error Add code to unobfuscate your Speech API credentials, then delete this line.
return MY_UNOBFUSCATE(my_obfuscated_client_secret);
}
`
Any help would be appreciated.
If you just want to run the code with un-obfuscated credentials (not secure), just comment out the '#error' lines and return the string which is your portal app key and secret.
When you're ready for a production app you should investigate your favorite security routine to un-obfuscate the key and secret which will be stored in your app and wrap it up in method which returns the un-obfuscated plain text key/secret from the obfuscated key/secret that ships with your code.
If you still need more assistance, please log a ticket at the developer.att.com portal under 'support->log a ticket'.
Related
I have a Flutter app where I am running a Google Apps Script through an http request. The purpose of the script is to create a Form and link the responses to a spreadsheetID that is passed in. The script is configured to only allow Google accounts access it and I've set up the flutter app to use a Service Account to access the script using the format:
getCredentials().then( (AuthClient client){
response = client.get(url, headers{"Authorization": "Bearer ${client.access_token}");
});
Issue: The issue is that the first time that the Service Account makes a request it will get an HTML response saying that it the account needs to give permission to the script to access its data and I'm not sure how to do that.
I'm fairly new to making http requests and using it with the GoogleAPI so I'm stuck. Any advice?
Goal
Create a web page which anyone can use to submit a Google sheet link and for the app to create a form and link the sheet to that.
Authorization
For this users will require a google account and they will be required to go through the OAuth process to authorize your app.
To create the form and link it from client-side JavaScript you would indeed need to call the Apps Script API, though you cannot do this with a service account.
From: https://developers.google.com/apps-script/api/how-tos/execute
Warning: The Apps Script API doesn't work with service accounts.
Luckily, you don't need a service account to do this.
Instructions
Create an Apps Script project with a function something like:
function createForm(ssID){
form = FormApp.create("Your New Form");
form.setDestination(FormApp.DestinationType.SPREADSHEET, ssID);
let formLink = form.getPublishedUrl();
return formLink;
}
Save and take a note of the ID of the script project.
Set up a GCP project (sounds like you already have one).
Make sure the Apps Script API is enabled in your GCP.
Configure the OAuth consent screen and add the scope - https://www.googleapis.com/auth/forms.
Create an API key and a Client ID - add http://localhost:8000 or whatever port you are testing on to the "Authorized JavaScript Origins"
Create OAuth credentials "web browser (JavaScript)".
Link your Apps Script project to the same GCP project - Instructions
Deploy the Apps Script project as an API executable - take not of the deployment ID, although the documentation says that you need the script ID, it is wrong, at least with the new Apps Script IDE.
Write the client-side JavaScript in your app like what is found in the quickstart. Which will enable users to authorize the app. You need to add in the scopes and keys there too. I recommend just following the quick start steps first to get a feel for it. You can use the authorization parts without modification.
Then add in the function that will call your Apps Script, something like this:
function appsScriptCreateForm(ssId) {
var scriptId = "<DEPLOYMENT_ID>";
// Run your Apps Script function
gapi.client.script.scripts
.run({
scriptId: scriptId,
resource: {
function: "createForm",
parameters: [ssId],
},
})
.then(function (resp) {
var result = resp.result;
// ERROR HANDLING
if (result.error && result.error.status) {
appendPre("Error calling API:");
appendPre(JSON.stringify(result, null, 2));
} else if (result.error) {
var error = result.error.details[0];
appendPre("Script error message: " + error.errorMessage);
if (error.scriptStackTraceElements) {
appendPre("Script error stacktrace:");
for (var i = 0; i < error.scriptStackTraceElements.length; i++) {
var trace = error.scriptStackTraceElements[i];
appendPre("\t" + trace.function + ":" + trace.lineNumber);
}
}
// IF SUCCESSFUL
} else {
console.log("success", resp);
}
});
}
Write your HTML with the buttons and inputs necessary.
Add event listeners where appropriate.
Profit!
Please note
This set up is your project running with the authorization of other accounts.
The API requests count against your quota.
You can see details of all the executions in your GCP Project Dashboard.
Users require a Google account and need to authorize the app.
In the Apps Script function above, you just need to pass in the Spreadsheet ID. Not the whole link. You could ask for the whole link and then use Regex to extract the ID if you wanted.
This can be quite tricky and easy to miss a step or make a mistake, so double check your work.
If, after successful authorization, when trying to run the script you get a 404 error, the request has been built wrong, check your IDs. If you get a 500 error, that can mean that the Apps Script function has successfully been called, but, there was an error within Apps Script and failed, check the executions page of the Apps Script editor.
References
Apps Script How to Execute
Apps Script JS Quickstart - Highly recommended you follow these steps first and get that working!
How to link your Apps Script to GCP
I am following the blog (http://blogs.msdn.com/b/onenotedev/archive/2015/06/11/and-sharepoint-makes-three.aspx) to access one note files stored in Office 365 sharepoint tenant. I registered my app and was able to acquire token but when When I use the accessToken access the following URL
www.onenote.com/.../FromUrl(url='https://*****.sharepoint.com/sites/")
I am always getting a 401. Any idea what is going wrong?
This is Sharad from OneNote Team, Microsoft.
We have a sample (native) app published in the GitHub
github.com/OneNoteDev/OneNoteAPISampleWinUniversal
Please take a look at the file -
OneNoteServiceSamplesWinUniversal.Shared/OneNoteApi/O365Auth.cs
There is resource Uri and redirect Uri. Redirect Uri is your app controlled, but resource Uri is always the same.
Code (native app):
private const string AuthContextUrl = "https://login.windows.net/Common";
private const string ResourceUri = "https://onenote.com";
// TODO: Replace the below RedirectUri with your app's RedirectUri.
private const string RedirectUri = "https://localhost";
_authenticationResult =
await AuthContext.AcquireTokenAsync(GetResourceHost(ResourceUri), ClientId, new Uri(RedirectUri), PromptBehavior.Always);
Native app - take a look at this blog.
Web app - take a look at this blog
I hope this helps resolve your issue. Feel free to get back with fiddler trace (request/response).
It appears the Authentication header in your API requests is missing the 'Bearer' prefix before the OAuth token. That's why you get a 401-Unauthorized response.
Our Github repo has code samples on O365 auth, it might be a good reference resource.
I am writing a Azure Service that will occasionally write to my facebook page as a status. Since the service does not have a UI component, a majority of the examples on the Facebook and Facebook .NET SDK pages are not helpful.
I created an application on facebook and then fired up the F# REPL in Visual Studio. I generated the token like so:
#r "../packages/Facebook.7.0.6/lib/net45/Facebook.dll"
#r "../packages/Newtonsoft.Json.7.0.1/lib/net45/Newtonsoft.Json.dll"
open Facebook
open Newtonsoft.Json
type Credentials = {client_id:string; client_secret:string; grant_type:string;scope:string}
let credentials = {client_id="859968674039398";
client_secret="XXXXXXXXXX";
grant_type="client_credentials";
scope="manage_pages,publish_stream,read_stream,publish_checkins,offline_access"}
let client = FacebookClient()
let tokenJson = client.Get("oauth/access_token",credentials)
type Token = {access_token:string}
let token = JsonConvert.DeserializeObject<Token>(tokenJson.ToString())
A token comes back as expected. However, when I go to use the token, I am getting errors:
let client' = FacebookClient(token.access_token)
let me = client'.Get("me")
returns
An active access token must be used to query information about the
current user.
and
let pageId = "/me"
type FacecbookPost = {title:string; message:string}
let post = {title="Test Title"; message = "Test Message"}
let postResponse = client'.Post(pageId + "/feed", post)
returns
The user hasn't authorized the application to perform this action
When I read the docs, they talk about getting the application to be approved by Facebook -> but that makes no sense in my use case b/c there is no application as defined with a human end user -> or even any other user invoking the code.
When I generate the token on Facebook Graph Api explorer with the correct permissions, I can use the token to make those GETS and POSTS. Should I just generate the token and stick it in my .config file? How long does a token last?
Thanks in advance
I think you haven't fully understood how Facebook API works.
You always need an App to perform an action (in your case the APP is 859968674039398)
In order to post on behalf a user, you will need that user to grant permissions to your App.
Your App has to be public and if you require more permissions than the basic ones, you need to go through the review process.
The access token you get from the Graph API Explorer (which is an App BTW) is only for you.
Please read the docs CBro provided.
I hope it helps.
Cross authentication of a dropbox user using Access token and secret not happening.
Elaborating my Question:
authenticate the user in my IOS app
In Ios app , I retrieve access token and secret from MPOAuthCredentialConcreteStore *credentials.
get the access token from credentials->acccessToken and similarly the secret.
Now if I feed these values into another app outside IOS which uses python sdk for dropbox. I get a error message "Invalid token".
But, interestingly the reverse process from step 1 to 4 works. i.e get access token and secret from python SDK and feed it to my IOS app by using
[dbSession updateAccessToken:#"xxxxxxxxx" accessTokenSecret:#"YYYYYYYYYYY" forUserId:#"12345678"];
and now i can assess user's dropbox account. Any idea as to whats going wrong? Is there a difference between MPoauth and Oauth? I believe MPoauth is just a wrapper right?
is there any other way to get the access token and secret?
Thanks for the help.
I found a fix for this. It was a simple error. Basically the editor I was using was adding a new line char at the end. For some one stuck at the same problem make sure you dont have a new line char at the end.
You can get your Access token by using this delegate
(BOOL)application:(UIApplication *)application handleOpenURL:(NSURL *) url {
if ([[DBSession sharedSession] handleOpenURL:url]) {
if ([[DBSession sharedSession] isLinked]) {
// At this point you can start making API calls
NSLog(#"App linked successfully!");
}
// Add whatever other url handling code your app requires here
}
return NO;
}
Given url has Access token, secret token and user id
This post { AppSecret with Windows Phone 7 }
indicates that the WP7 sample doesn't use the AppSecret to login from windows phone, but the current sample in the 5.3.2 download does use the secret.
However, FacebookOAuthClient.cs throws exceptions if it isn't provided. Also, http://blog.prabir.me/post/Facebook-CSharp-SDK-Writing-your-first-Facebook-Application.aspx
shows a sample without using the AppSecret.
Reading Facebooks developer docs it appears that the secret is intended for backend (webserver) auth to facebook, not client apps, and that it is poor practice, maybe insecure, and probably fattening to include your secret in your client application.
Do I misunderstand the guidance, or is there some way to authenticate with the facebook-c#-sdk without using the secret?
Thanks!
In WP 7.0 there was a problem with Fragment in Url (all after # was truncated). Facebook return auth token in Url Fragment, so without it it was impossible to authentificate like desktop/mobile app. The solution was to switch to Web mode, where you can receive auth token if you know AppSecret, so it was the only solution for that (but with security gaps).
In WP 7.1 Fragment Url bug was closed and now you can use normal authentification mode (without AppSecret on client).
If you could access anything of mine WITHOUT first having me authorize the app (solely using the app ID without an access token or a app secret), then that would be a HUGE security hole. Not only to my profile, but to any app out there since the app id is public.
The short answer is, you are required to have a user (or other type of) access token or an app secret to get information.
I figured out the problem was not with the SDK, but the Windows Phone 7 sample included. That sample uses the server-side flow. The changes necessary to the example were:
changing:
loginParameters["response_type"] = "code";
to:
loginParameters["response_type"] = "token";
and removing the entire labda function in webBrowser1_Navigated:
...
// The url is the result of OAuth 2.0 authentication.
if (oauthResult.IsSuccess)
{
var oauthClient = new FacebookOAuthClient { AppId = AppId, AppSecret = AppSecret };
// we got the code here
var code = oauthResult.Code;
oauthClient.ExchangeCodeForAccessTokenCompleted +=
(o, args) =>
{
...
and replaced it with this:
if (_fLoginMode && oauthResult.IsSuccess && !string.IsNullOrEmpty(oauthResult.AccessToken))
{
Dispatcher.BeginInvoke(() => NavigationService.Navigate(new Uri("/FacebookInfoPage.xaml?access_token=" + oauthResult.AccessToken, UriKind.Relative)));
}
And, of course removing the AppSecret constant