I am using this url
https://login.salesforce.com/services/oauth2/token?grant_type=password&client_id=""&client_secret=""&username=""&password=""
to get an access token. Can I use that access token in the SDK so that there will be no need to login? I want to develop the application in which I want to use my salesforce credentials.
Yes, you can make use of the access token to login in to the application, but the access token that you have obtained is the short lived one and you have to make use of refresh token to get the new access token once your previous becomes invalid
Reference
https://help.salesforce.com/apex/HTViewHelpDoc?id=remoteaccess_oauth_refresh_token_flow.htm&language=en
Related
Im trying to integrate the DropBox into my java app but I didn't understood how can I create a general login (email and password each time someone click 'log in'). I used the token to access data from my account, but now I want get from anyone who logs in.
Your app can obtain an access token by redirecting the user to the appropriate URL (preferably within a web browser, otherwise something like a webview), where they will sign in with their dropbox credentials (username, password).After this, they will be redirected back to your app, and you can now get the access token (token secret) as part of the response.
You should then store this somewhere, and propbably keep using it, till the user asks you to log out of their Dropbox account, in which case you should then get rid of that access token (token secret).
You can refer to this page for the specifics on how to do it:
https://github.com/dropbox/dropbox-sdk-java/blob/master/examples/web-file-browser/src/main/java/com/dropbox/core/examples/web_file_browser/DropboxAuth.java
Another useful link:
https://www.dropbox.com/developers/reference/oauth-guide
NOTE: The 'access token' that you used so far was probably just an access token provided by Dropbox to your app for testing purposes only.To actually access the user's Dropbox, you would need to obtain an access token for each user, using the method described above.
I'm working with Google Calendar API Java on Server side.
I have a token & refresh token from client side and store it into database.
So How I can instantiate new OAuth 2.0 Credentials using these stored tokens for calling Google Calendar Java API?
Thank in advance.
It's stated in Detecting an expired access token that once a token is detected to be no longer valid (ie. expired or revoked), you must remove the access token from your storage.
Likewise, it is also stated in The OAuth 2.0 Authorization Framework under Refreshing an Access Token that:
The authorization server MAY issue a new refresh token, in which case the client MUST discard the old refresh token and replace it with the new refresh token. The authorization server MAY revoke the old refresh token after issuing a new refresh token to the client. If a new refresh token is issued, the refresh token scope MUST be identical to that of the refresh token included by the client in the request.
I have a problem with Google Drive sync. I can insert, update, delete, get from a specific Drive account as long as I get the access token from the authorization page.
Does someone has a solution for that?
Read about "offline access" and "Refresh Tokens". By requesting offline access when the user authorizes your app, you'll receive a refresh token which you can use to obtain an access token at any time.
How to get user AccessToken of fb using REST API programatically in java using emailid and password for multiple user.I am making javaFX Desktop application to post a message in all the user wall. here any other api is available to get Access token at run time. I have also use Facebook4j api but not get any solution to getting User access Token not App Access Taken.
Here I see the code that is using access Token
FacebookClient facebookClient = new DefaultFacebookClient(MY_ACCESS_TOKEN);
But it's not showing how to get User Access Token using desktop Application.
It is possible or not?
You have to implement the OAuth login flow to get an User Access Token. You can find an example app here: https://github.com/roundrop/facebook4j-oauth-example
I'm trying to write a facebook application using Java tomcat with RestFB.
the restfb documentation shows the following:
Create a Facebook Application
Request https://graph.facebook.com/oauth/authorize?client_id=MY_API_KEY& redirect_uri=http://www.facebook.com/connect/login_success.html& scope=publish_stream,offline_access,create_event
Facebook will redirect you to http://www.facebook.com/connect/login_success.html? code=MY_VERIFICATION_CODE
Request https://graph.facebook.com/oauth/access_token?client_id=MY_API_KEY& redirect_uri=http://www.facebook.com/connect/login_success.html& client_secret=MY_APP_SECRET&code=MY_VERIFICATION_CODE
Facebook will respond with access_token=MY_ACCESS_TOKEN
I think that i may be looking at the wrong instructions and this is for a facebook connect or anything else besides an actual facebook application inside apps.facebook.com/app_name.
I would really appreciate any relevant information regarding the issue. I'm simply trying to create a simple facebook application that prints the name of the user.
In general after I fetch the acces token of the user i can do the following:
FacebookClient facebookClient = new DefaultFacebookClient(MY_ACCESS_TOKEN);
User user = facebookClient.fetchObject("me", User.class);
out.println("User name: " + user.getName());
My problem is how do i properly fetch the access token of the user? in the information i showed at the top of the post, it shows that i need to make 2 requests. the first for the code and the other for the acess token. and the request for the access token actually reveals my app secret key to the user because each time i forward him to a different page the user can easily view the get and set parameters.
so i guess i'm pretty lost here.
please help! :)
thanks
update after comments
with these instructions i need two times to redirect the user's page. first to get the code and then to get the access token. the user can see these two redirections and because of that he can easily see the facebook application key and secret key from the get parameters. how do i make sure that these steps are hidden from the user?
As stated in the comments, these are the steps you need to take to access Facebook's graph API. However, to answer your second question:
"How do I make sure that these steps
are hidden from the user?"
Only the first request should be performed by the user's browser. The purpose being that Facebook wants to make sure it is the sole authorization provide for the user's Facebook identity. Depending on the application you are writing, you would either use the redirect URL to point to the default redirect URL that you specified, or specify a custom url on your website that you will use to retrieve the token. The first approach is typically used by stand-alone applications such as mobile devices that can control how the browser handles redirects. The second approach would be used for a custom web-based application. Once you receive the access token, then you would perform the second operation within your code (using your favorite http apis) and not through the browser. The redirect on the access_token url is compared against the redirect url specified on the authentication-url. Facebook uses it for validation only and does not perform an actual redirect on the successful completion of the request.
Here are the high-level steps:
Redirect user's browser to the authentication-url specifying the appropriate redirect_uri
Retrieve verification token from redirected browser request
Perform access_token retrieval using your preferred HTTP framework (no user input required)
Parse results and retrieve access token
Initial restfb with token and use as needed
The REST API has been deprecated. You should look in to the JavaScript and Graph APIs instead - there is a good article on this here: http://ocpsoft.org/opensource/creating-a-facebook-app-setup-and-tool-installation/ (Three part series, very detailed :)