I'm trying to create a web service to use the Google Plus API. I'm writing it in java, however I can't figure out what files I need and how I would go about posting to Google plus groups using Java
If you have any insite please could you post relavent links and helpful tips to help me out.
EDIT 1:
I have been playing around with the GooglePlus API provived by Google and have written a project based on the sample code given from this page: https://developers.google.com/+/domains/posts/creating
The code runs fine until it gets to the GoogleTokenResponse tokenResponse = flow.newTokenRequest(code).setRedirectUri(REDIRECT_URI).execute(); line. Where it returns a null error. I am copying the link provided in the console and pasting in the code, however everytime it just returned a null error, is there a specific part of the returned code given that causes an issue?
Posting to Google+ is only supported for accounts in a Google Apps Domain (and even then, with restrictions).
If you are logging in using a GMail account - you don't have an Apps Domain account. If you're logging in using some other email address (ie - you have an email address, but you can't use Google account features such as GMail or Google Drive with it) then you don't have an Apps Domain account. If you are using a Domain account, your Domain admin may need to enable Google+ for your Domain before this works.
See https://developers.google.com/+/domains/getting-started for the differences between what you can do with the Domains API and the regular Plus API.
Note that neither API lets you post to a Google+ Community or post publicly. The Domains API does let you post to a user's circle, as long as the members of that circle are also part of the Domain. The Domain API also lets you post to everyone in the Domain. The normal Plus API does not allow posting at all.
There is a third API, knows as the Pages API, which allows Pages to publicly post on their stream. This API, however, is available to a limited number of partners such as Hootsuite. You can read more at https://developers.google.com/+/api/pages-signup, but there isn't much more available publicly.
Your web service should first authenticate against Google. This authentication can either be using a service account (if you want to post only through one account) or users's account (if you want to post via user's account) using oAuth mechanism.
For more details about how to authenticate, refer to How to authenticate our users in our website with Google Account
Have a look at https://developers.google.com/+/api/ for detailed information about how Google Plus APIs can be used.
Related
We are developing a Java application that is supposed to show models from users store.
initially, I'm trying to allow users to login using their autodesk account, and check if they are entitled to access my app.
I couldn't find any good example to show how it is done, I just want to confirm that what I will be doing is the recommended thing or if there is better options.
First, on app start, I will show an embedded webbrowser that will open
"https://developer.api.autodesk.com/authentication/v1/authorize?response_type=code&client_id=XXX&redirect_uri=XXX&scope=XXX"
the app will get the url from our server (so not saved locally) and the call back is pointing to an api on our server. then as user login and consent, will get the code from the url, close the login dialog and continue to get the bearer token using plain rest apis to /authentication/v1/gettoken.
As I said, not 100% sure if this is approved way or not or even if it is doable or not. so thought to check before we implement it.
After that I will just use rest apis to browse and get the model.
any thoughts or complains ?
Thanks in advance
Rest assured that the workflow being proposed here is actually orthodoxical and well “approved” by our official tutorials:
https://forge.autodesk.com/en/docs/oauth/v2/tutorials/get-3-legged-token/
http://learnforge.autodesk.io/#/oauth/3legged/
Unfortunaly the code sample for that bit is in node and we are still working on a Java equilvalent
Some of our endpoints require 3-legged oauth to access personal data - see here for an example and you can always refer to the authentication context section of each endpoint for the oauth flow required.
We are developing a web service application to retrieve Google Analytics data for user's website using Google Analytics API.
The challenge we are facing is, at the authorization part. We are confused as to, which option to use for client authorization to access the analytics data.
As we are the third party application, it's obvious that the website owner wouldn't want to divulge any of his secret account information to us.
We are well aware of each option, it’s just that we need to know which is the safest / secure option for the website owner to provide us to access the analytics data.
Few options we know are:
Sharing client secrets file with us, or
Sharing service account details, or
If there is any other secure option which can be used here please
let me know.
Any guidance is appreciated.
Had posted the question in google groups site. Suggestion was to use OAuth 2.0 for Web Server applications.
Here is the link to the answer.
I managed to implement the auth function described by google using a clientid.
So when visiting the html page, one gets asked to authenticate with a google account.
Question: As it is now, everyone can use the site, as long as he/she has a Google account to authenticate with. How do i restrict the usage to a certain group of users? Do i need to manage a list of unique user ids provided by the User object? Or is there already something prebuild, that i can make use of?
I think the safest would be to keep a list of Ids. What are the basis that you expect google or anyone else to know what kind of users you want to allow?
Even if its only geographic there are times when people might be using proxies or using yor site from a remote location.
The site you linked to also says so much :
Specifying Authorized Clients in the API Backend
You must specify which clients are allowed to access the API backend
by means of a whitelist of client IDs. A client ID is generated by the
Google API console from a client secret, such as the SHA1 fingerprint
of a key used to secure an Android app, or from the Bundle ID/Apple
Store ID pair for an iOS app, as described in Creating OAuth 2.0
Client IDs. At runtime, a client app is granted the authorization
token it needs to send requests to the API backend if its client
secret matches one contained in a client ID within the API backend's
client ID whitelist.
Also its only common authentication (who is it), authorization (what they can do on your site) comes from you.
I'm finding a lot of problems trying to develop a google app to place in the market, with OpenID and accesing some google apis like G+ from the backserver on GAE
I have applications running using google apis to acces G+ data, with 3 legged oAuth (code flow) without problems and i understand the "magic" behind the scenes, but i'm getting lost with OpenID and google market. Do i need to do the 3legged oAuth after the user pass the OpenID google filter, and send the user to acept the G+ permission API to use that token to access google apis? If this is the case, what happen if the user access the application from his company gmail account, and when prompted to accept the g+ access, he change accounts? Is there any good reading that make things easier with google apps, openID and access google apis from GAE?
Why I can't specify the scope of G+ when sending my application to the market, in the app conf files?
In this scenario, what is the best way of getting the user g+ profile (picture, fullname, nickname? What i'm missing? google documentation is really good, when you find the correct one ,but a lot of links are dead and millions of examples with deprecated gdata apis are flooding the net...
Ok, after further reading and testing i came up with this points:
Google Marketplace just alow you to access this apis without extra "oAuth dances"
If you want to access more APIs than the listed above, you need the oAuth exchange to get specific token/s for the APIs you want to access.
In my case, i want to access G+ API before the openID from market, so after logging the user with openID, i need to redirect him to google api oAuth accept screen (just for the first time)
More things about the market that take me long time to catch:
- Billing API and license API are deprecated, this mean you are responsible for billing your users and keep them tracked to know if a given user has paid the application or when the license has expired
- You need to map /_ah/login_required becouse your application should be setted (when you create it) to only accept federated logins, wich will lead to a redirection to /_ah/login_required from where you need to do the openID stuff.
A lot of links in the documentation are broken and the examples are too old :(
It's actually a little simpler now with the new Google Apps Marketplace experience. If you follow the steps in the docs and make sure you ask for the same scopes in your App Engine code, the user should never be prompted.
I'm trying to add a payment option for an application to allow users to donate/pay for certain features. To do this, I want to have the application periodically check PayPal for recent payments, preferably using a PayPal API.
I've looked at the PayPal IPN, and that seems to require that you own a web-server which PayPal can send an HTTP request to. However, I'm trying to avoid linking the application with a web-server. The other PayPal APIs I have looked at (I'm only looking at official APIs), from what I can tell, don't serve the purpose I seek.
The user experience I'm seeking is that the user will give the application their PayPal email address, donate/pay on the Paypal website to my account (or whoever's account). My application will then check PayPal for the past X donations, and reward the user accordingly if their email address is found on there and that payment has not yet been rewarded. The reason I want to do this is for security. I'll probably be publishing my work as open source, and I don't want someone modifying it and keeping the user's PayPal credentials.
So, a recap, which (if any) PayPal API would I use to check if there are any recent donations to a given account? Ideally, the user will donate/pay money on the PayPal website to an account, and the application will identify that transaction and reward the user appropriately. I intend to do this in Java, so I can use any Java APIs or web APIs that I can subsequently call with HTTP requests.
If I'm going about this the wrong way, or if it's impossible, let me know.
You can use the TransactionSearch API endpoint referenced here:
https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_nvp_r_TransactionSearch
to find transactions in a certain date range.
If you need more information about one of the donors, you can use the transactionID you get from the search request to query the TransactionDetails end point here:
https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_nvp_r_GetTransactionDetails