facebook api v1.0 expires on April 30, 2015:
https://developers.facebook.com/docs/apps/changelog
We're using scribe (currently version 1.3.6) to do a login via facebook. We need to update to Facebook api v2.2, or later than v1.0
Does scribe support connection to facebook api v2.2 ?
If i look on the generated url which is sent to the user,
v1.0 version:
https://www.facebook.com/dialog/oauth?client_id=12345678901&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Findex.facebookoauthconnect%3Aauthorize&scope=email%2Cuser_birthday
If i understand right, i connect to the v2.2 api by including /v2.2/ like the following
v2.2 version(?):
...facebook.com/v2.2/dialog/...
Is that correct? At least this works for our scenario.
The URLs to facebook are defined in:
org.scribe.builder.api.FacebookApi
and are not manipulated later in the code, so that i think scribe supports only v1.0 facebook api. Is that correct?
Is it enough to insert the /v2.2/ into the url by ourself to connect to the v2.2 api?
Kind regards
David
Note: I never used Scribe since I have my own library written in-house.
The OAuth authorization process on Facebook hasn't changed, it's merely the API. Therefore, your request path will not be on /{object}/ (if using Facebook v1.0) but rather appended /v2.2/{object}/.
Scribe library merely allows you to do OAuth to the service providers easier for you. It does not link to ANY service providers specific API's, so you're free to change the API request path as you wish.
You will need to refer to the latest Graph API reference doc.
Example:
// getting user profile
OAuthService service = new ServiceBuilder()
.provider(FacebookApi.class)
.apiKey(YOUR_API_KEY)
.apiSecret(YOUR_API_SECRET)
.build();
OAuthService service = facebookServiceProvider.getService();
OAuthRequest oauthRequest = new OAuthRequest(Verb.GET, "https://graph.facebook.com/v2.2/me"); //See how this link is appended with v2.2 path!!!
service.signRequest(accessToken, oauthRequest);
Response oauthResponse = oauthRequest.send();
System.out.println(oauthResponse.getBody());
I suggest learning the upgrading changes from Graph v2.1 to Graph v2.2. You shouldn't worry about authentication process but rather the Graph URL.
Related
I'm trying to log in users to a Java Web application written in Java Spark framework using firebase Auth REST API here. Reason is since I couldn't find a better way to integrate with Firebase from this framework.
I can use VerifyPassword end point to login using email provider. But I want to use the Microsoft provider in firebase Auth Console instead of email.
Is there a way to use Microsoft Authentication through firebase using the REST API?
Thanks in advance!
There is. You are looking for Sign In With OAuth Credential section in the Firebase Auth REST API documentation.
You can sign in a user with an OAuth credential by issuing an HTTP POST request to the Auth verifyAssertion endpoint
However, the process won't be pretty straightforward like it is when using Firebase SDKs. You would have to get an access token from Microsoft (or any auth provider) and then pass it in the request body of Firebase's REST API.
I wanted to integrate Azure AD service with my web application to authenticate the users and store the document to user's one-drive location.
I have tried adal4j library sample where I configured my app on azure portal and able to authenticate the same. But now I need to use Microsoft Graph APIs for using one-drive service (uploading files).
Any suggestions from you guys?. I checked Graph APIs where Java samples are not available.
I have tried below library.
https://azure.microsoft.com/en-in/resources/samples/active-directory-java-webapp-openidconnect/
Also refered below link where I didn't found any samples for Java.
https://learn.microsoft.com/en-us/onedrive/developer/rest-api/?view=odsp-graph-online
It sounds like you're trying to make an onedrive Graph API call using Java.
The ADAL4J library that you are referring to has a wiki that shows how to use it.
The wiki for the ADAL4J github library shows you how to get an access token and make a call to the Microsoft Graph is here : https://github.com/AzureAD/azure-activedirectory-library-for-java/wiki/ADAL4J-Basics
Excerpt Below :
Here are the steps to get started with ADAL4J:
Instantiate the ADAL AuthenticationContext object.
String authority =
"https://login.microsoftonline.com/contoso.onmicrosoft.com/";
ExecutorService service = Executors.newFixedThreadPool(1);
AuthenticationContext context = new AuthenticationContext(authority,
true, service); Use the authentication context instance to acquire
tokens. ADAL4J provides different methods to acquire tokens based on
your application type. Refer the acquire tokens section for the
appropriate method for your implementation.
Use the acquired token as a bearer token in the call to the web API.
Future future =
context.acquireTokenByAuthorizationCode(code, redirectUri, new
ClientCredential(clientId, clientSecret), null, null);
AuthenticationResult result = future.get();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestProperty("Authorization", "Bearer " +
result.getAccessToken()); You can also refer this full sample of a web
app using ADAL4J to authenticate users and get tokens for the MS Graph
API.
Once you have an access token you would follow the getting started guide for the OneDrive Graph API here : https://learn.microsoft.com/en-us/onedrive/developer/rest-api/getting-started/?view=odsp-graph-online
Excerpt below:
User authentication and authorizing your app Microsoft Graph and OneDrive API use OAuth 2.0 for authorization. By completing an OAuth
flow, your app receives an access token that provides access to the
Microsoft Graph a particular set of permissions for a user.
Your app provides the access token in each request, through an HTTP
header:
Authorization: bearer {token}
For more information on authorizing your application and obtaining an
access token, see App authorization with Microsoft Graph.
Make calls to a resource Once your app is authorized and received an access token, it can make requests to the Microsoft Graph endpoint
for OneDrive or SharePoint resources. To construct the URL for a
resource, you need to know the relative URL for the root resource
(like a user, group, or site) and the drive resource or driveItem
resource your request is targeting.
A request URL includes these components:
Microsoft Graph root URL and version
(https://graph.microsoft.com/v1.0) A root resource target
(/users/{id}) A OneDrive API resource target (/drive or
/drives/{id}/items/{item-id} or /drive/root:/path/to/item) Note:
Throughout the documentation, only partial syntax such as: GET
/drive/items/{item-id} is used for the sake of brevity. Prefix the
path with the correct root URL and root resource target in order to
obtain the full resource path or URL.
Please leave a comment if you have anymore questions.
I've successfully implemented user login in my android app with Google Identity Toolkit. I've also created an App Engine Endpoint to communicate from the Android app. Now I want to secure the endpoints with auth.
I know I can create a custom Authenticator for endpoint and do any kind of verification of the data in request header in there and get the job done.
But I don't know how to do the Gitkit verification there.
Basically
What data should I pass to reach endpoint calls from Android app?(token ID?)
What should I do in the custom Authenticator of endpoint to ensure the requests are valid?
I saw people suggesting to use Session or cookies. Will these work if I'm using the endpoint from Android app? If yes please give me some reference on how it can be done.
Gitkit tokens are JWT format, so you validate them on server-side just as any other JWT token.
See example documentation on how to validate JWT here: https://developers.google.com/identity/sign-in/web/backend-auth It's the same format.
I have also my own project to integrate it with Jersey server:
https://github.com/dlazerka/gae-jersey-oauth2. It uses recommended com.google.api-client library to actually verify the token.
I am creating a new application in Twitter Twitter API
It is asking for CallBack Url what is main use of callback URL and its mandatory to use callback url as for me i am creating new app to get Access-Token so that i can use this to work with Twitter4j?
Twitter4j is used to integration Twitter API with Java.
I want following from this API
Login in my website through Twitter Like Stackverflow given login with OPENID
User Information
Number of follower
All Tweets of any account
Search on some Keyword basis
If i will not give Callback Url everything will work fine?
The purpose of the API is for you to make requests to Twitter.
Twitter needs to know where to send the results of your request.
Otherwise how will you know what happened? This is how you get the token to use it in your code.
I Started working on Android Development for a while now. According to the tutorials im following im trying to retireve JSON info from the Twitter API...
As it was instructed in the tutorial, this is the code to use:
"http://api.twitter.com/1/statuses/user_timeline.json?screen_name=write the username"
HOWEVER, i got a response saying that the API is no longer available and i should migrate to API v1.1.
Could anyone please help on what to do to replace the url i was instructed to use??
NOTE
When i used the new url from API v1.1 : "https://api.twitter.com/1.1/statuses/user_timeline.json?screen_name=twitterapi&count=2"
i get the following:
"{"errors":[{"message":"Bad Authentication data","code":215}]}"
Old Twitter API did not require Authentication for retrieving user_timeline, but v1.1 requires authentication to retrieve data(https://dev.twitter.com/docs/api/1.1/get/statuses/user_timeline). According to Twitter API document user authentication is required for all the API v1.1 requests.
You can read more about authentication here
https://dev.twitter.com/docs/auth/oauth#v1-1