I can't find the way to obtain the authorization code with OAuth 2.0 through the cURL's command line for an application that use Google Calendar's API.
Does anybody know how to do it?
Thanks for all the answer.
Related
I'm building a Rails API with a proper front-end to go along with it (probably React). I'm currently implementing the API and haven't written a single line of front-end. I'm trying to implement OAuth with Facebook as explained in #a14m's answer for this post.
However the problem is that my API would require an authentication code so that it can exchange it for an access token with Facebook. As far as I understand, the code is obtained via a login dialog on the front-end. Now I want to test whether or not my API is getting a valid access token from Facebook in exchange for the code. But to get the code I have to open a dialog on the "front-end" which I have not implemented yet.
Any way I could open the dialog for Facebook login and get the code without writing the front-end? I probably think Postman would help but I don't know how. Also if there is a way to obtain the token without triggering the dialog would also get my job done. So I just want a way to access the code without a front-end.
You can definitely use Postman for this. I write Rails APIs often and I always use Postman to hit the endpoints without having a front-end. All you have to do is find out what you need to send to the Facebook API and set it up as a form body on Postman.
I am trying to use OAuth2 with LinkedIn, following the official documentation. The answers I got from are inconsistent, or rather does not exhibit any consistent behaviour. This SO question helped me somewhat: After switching to use oauth2_access_token query parameter I managed to be able to query information about the user.
However, each time I request a new access token and try to use it from my server I got the dreaded Unable to verify access token error. When I try to use the access token manually with a plain curl, it fails with same error unless I navigate to my LinkedIn page.
Can someone explains what's the correct workflow and parameters as LinkedIn's own documentation appears to be flawed? A server-side code example would be great...
I'm doing a facebook app and I've followed the custom login flow instructions and I have a question on the last step:
1) I start by doing a call to /dialog/oauth to get a login code.
2) With the code I will request an access token, by hitting the graph.facebook.com/oauth/access_token and that's fine as well.
3) The instructions now say I should validate the code and token to make sure they are from the sources that requested them.
GET graph.facebook.com/debug_token?
input_token={token-to-inspect}
&access_token={app-token-or-admin-token}
My questions are:
What is the input_token in my scenario?
Do I need to do this in my flow? And why if yes?
If I just pass the same value(access_token) in both parameters I get a valid anwser but I don't know if this makes sense.
Thanks in advance.
This question has already been asked: how to verify facebook access token?
And: Verify Facebook Access Token for specific App
And: verification code example
It's simply a unit test to see if your code is still valid (to catch a bug early so it can't do any big damage).
If the access token is not valid, you can for example show a message to the user that there is a bug etc.
i want to get oauth_request_token for my application but when i request for the page of request_token in twitter it is giving me error that "failed to validate to oauth signature and token".
Please help me in solving this problem
using oauth in objective-c is no minor accomplishment. my advice would be to take a look at oathconsumer and its tutorial. I've used it successfully for oauth and xauth. You may also want to look around for existing twitter oauth obj-c libraries on github and googlecode.
I'm using the gdata OAuth controllers to get an OAuth token and then signing my requests as instructed.
[auth authorizeRequest:myNSURLMutableRequest]
It works great for GET requests but POSTs are failing with 401 errors. I knew I wouldn't be able to remain blissfully ignorant of the OAuth magic.
The Google Reader API requires parameters in the POST body. OAuth requires those parameters to be encoded in the signature like they were on the query string. It doesn't appear the gdata library does this. I tried hacking it in the same way it handles the query string but no luck.
This is so difficult to debug as all I get is a 401 from the Google black box and I'm left to guess. I really want to use OAuth so I don't have to collect login credentials from my users but I'm about to scrap it and go with the simpler cookie based authentication that is more mature. It's possible I'm completely wrong about the reason it's failing. This is my best guess.
Any suggestions for getting gdata to work or maybe an alternative iphone friendly OAuth library?
I was on the right path. The GData OAuth classes needed to support signing the POST params but what I didn't know is the keys needed to be sorted differently.
http://groups.google.com/group/gdata-objectivec-client/browse_thread/thread/adc4e2ba154fbc5f?hl=en