I've looked at Net::Google, and 90% of the modules use AuthSub with a mandatory login/password. The right way for a web application to interact with Google applications on behalf of a customer is to use OAuth. That way, the authentication is done by Google, and the application does not know the user's password. This is supported by Net::Google::DocumentsList for example.
Are you aware of modules that can work well with Picasa and Blogger, for example, using OAuth. The current Net::Google::PicasaWeb handles read-only queries, no add/remove/update actions.
I noticed this blog entry with an example, http://blog.case.edu/jeremy.smith/2009/03/30/using_2legged_oauth_with_google_apps_in_perl, perhaps it will get you started.
Related
I hope you can direct me with my query.
I wish to create my own authentication method for users in my Google Apps for Work account. Currently I am using built in Google Authentication, however I wish to build my own authentication method in PHP, Phyton or .NET; language doesn't matter really. So I want users to go to the page I will create, then they will need to pass authentication and be logged to Google Apps.
I know SSO is the way to do it but after my research I found very little about how to achieve it with Google Apps. I mean there is tones of third party platforms like OneLogin etc but I would like to have something I build myself. Ideally I would like to have some examples of SSO which works with GAFW so I could figure out the rest myself. I read somewhere that building own SSO portal it's not a piece of cake and also found an article that you can create something based on oAuth2.0 instead. So tried research about oAuth2.0 but all documentation I found is about authenticating to the application that I build using Google Apps Credentials, where I want the opposite; to be able to access Google Apps using the app that I build.
Hope someone could direct me to some examples or documentation or explain the process of learning curve to get my head around this project of building SSO for GAFW.
If you want to write your own Auth system and become the Identity Provider (IdP), you need to use SAML as that is the only supported method for now.
Here are the step by step instructions
I created an application as part of a university project that searches using web APIs. Google+ is one of the APIs considered.
Now I am trying to evaluate this application against what other search tools offer. In the evaluation, I ask the user to create a google plus account and then try to find it using the search engine example.com and then try our tool.
The problem I am having is that when I create a google plus profile, I can not find it immediately using "Google+ API people search". Is there a way to tell the API to consider recently created profiles or any other solution to this.
No. Google+ is a large application and things can take time to process by various other systems.
I have been building out a server api for mobile developers to use for an iphone app. I have no experience with mobile development and they have no experience with ruby on rails. I have attempted to build a mobile authentication route for the app that allows users to log in via facebook. So far, it looks like this:
GET '/auth/mobile/fbtoken=:facebook_token&device_id=:device_id&time_zone=:time_zone&os_type=:os_type', to: 'sessions#fb_sso'
client = OAuth2::Client.new(
ENV['FACEBOOK_APP_ID'],
ENV['FACEBOOK_APP_SECRET'],
site: 'https://graph.facebook.com')
token = OAuth2::AccessToken.new(client, params[:access_token])
user_info = ActiveSupport::JSON.decode(token.get('/me').body)
The resources online for learning how to do this properly are very limited or nonexistant. The only information I have found on how to do this involves using Devise for authentication. Our app currently is equipped for Devise (it's been added and the migration has been made to the User model) but does not currently authenticate via Devise. One of the only specific examples that I have been able to find for what we're trying to do can be found at the bottom of the page on this post:
https://www.ruby-forum.com/topic/4409930
It led me to believe that I was on the right track with the way the route was set up, because everything is the same besides the last step "sign in using Devise method: sign_in #user, :event => :authentication." This is what motivated me to attempt to integrate Devise into our application.
After reading that, what I meant to do was implement Devise in a sort of limited state and use only the sign_in method. Unfortunately, Devise seems to be very opinionated and more of an "all or nothing" sort of solution. I'm very unsure of how to proceed and how to decide whether to completely rebuild a significant portion of our application to support Devise or to abandon it altogether and try to implement my own solution.
tl;dr
1) Is it worth re-doing a significant portion of the Rails app to use Devise?
2) Is it possible to make this route work without Devise? How?
If you are only going to have your users sign in through Facebook then Devise would be unnecessary as you would just be using Facebook's API with Koala or Omniauth to authenticate the user. On the other hand, I see no reason why you couldn't have both your own authentication and Facebook authentication by also using Devise if you want non-Facebook users to use your app; you would just need either form of authentication to create a session.
And if I understand correctly, the solution at the bottom of your link doesn't use Devise for Facebook authentication but it's used to create a session when a person's FB account has been authenticated. Seems like a reasonable way to go.
To answer your TL/DR:
1) Only if you plan on having both a Facebook login and a traditional login at the same time.
2) Yes. Just give those GET parameters to a gem like Omniauth or Koala and create a session once the user has been authenticated.
I have developed asp.net MVC social networking site. I do not want to keep credentials at my database. Its user choice like stackoverflow (this forum). When we saying login the there should be option that to login with google/yahoo/facebook credentials, if user has account over there. What I have to do? is there any webservice provided by sites (google/yahoo/facebook) or what is remedy over this ? this topic in totally new for me . I expecting help from you gems..
You could implement OpenID. DotNetOpenAuth is implementation for .NET.
Sounds like OpenId would work for you (click, and more).
Library's to use in your apps.
For Facebook you want to use Facebook Connect. There is an implementation for .net on codeplex that you may want to have a look at. You may also want to look at this question.
Google uses OpenId. You can use DotNetOpenAuth to connect to google (and any other OpenId provider, such as Yahoo and twitter).
If you want to connect with Microsoft's LiveId, you may want to read this tutorial.
EDIT
There is also the option of using JanRain, a single provider that consolidates a large number of login providers. But note that JanRain is only free up to 1000 users.
There are solutions that enable authentication and features (like status updates, friends etc) from all mentioned sites, one of them is RPX from JanRain. I've experience with RPX personally and it's a great product, however, it will cost you money. They charge you per registered user etc.. I do not know of an open source solution that can compete with RPX.
If you are not interested in paying for a product you can always implement support for the mentioned sites yourself. All of them provide open API's and examples for how to do this. For Facebook it's very easy to implement Facebook Connect. Google and Yahoo both support Open ID and there are plenty of open source resources available for .NET (like http://www.dotnetopenauth.net/).
Good luck with your community!
I'm writing a sort of visualization desktop (non-web) application, just for fun.
However, ideally I'd want it to be able to pull information from the user's facebook account. (after getting its credentials, of course)
What's the best way to do this? Should I register a new 'facebook app' even though I'm not really making it web-based? I've never written a facebook app before.
I'm using Java as my prog language, btw.
Thanks!
Yes. Facebook supports desktop applications, but they must go through a special authentication mechanism. Essentially, the user will need to be directed to facebook through a web browser window as part of the authentication process.
Here is the documentation on the authentication process: http://wiki.developers.facebook.com/index.php/Login_Desktop_App
There is a relatively polished Java library for facebook here: http://code.google.com/p/facebook-java-api/
If the Java library above does not meets your needs, you can build an implementation on your own. Essentially, you will need to interact with the Facebook REST server, as described at the top of the page here: http://wiki.developers.facebook.com/index.php/API
Edit: After doing some more research I have a few more resources to provide:
Here is a list of some applications written using Java for facebook:
http://wiki.developers.facebook.com/index.php/Facebook_apps_written_in_Java
And there's even a neat desktop application that is open source here:
http://code.google.com/p/fb-photo-uploader/
Good luck!