I want to use the 'plus.people.get' API call from the Google Plus API, without a user login. Similar to what the API explorer is doing.
I know that I will need to register my application and provide the client id and cleant secret, but I can not figure out on how to call the API. All examples I found explain how to do user login..
Thanks in advance for any links.
For un-authenticated access to the API functions you will need an API-Key. Client ID/Secret are only necessary for OAuth.
If you do a request on the API explorer it will display a URL like this
https://www.googleapis.com/plus/v1/people/<userid>?key={YOUR_API_KEY}
If you are using simple HTTP requests to retrieve data you just have to replace {YOUR_API_KEY} accordingly.
If you are using any of the client libraries, they all have methods to set the API Key, which will then be appended to all calls automatically.
You can get an API Key similar to how you get Client ID/Secret from the Google Developers Console. Just look for "Your Project" -> APIs & Auth -> Credentials and use "Create new key" there, if one hasn't been created automatically already.
Related
We are developing a Java application that is supposed to show models from users store.
initially, I'm trying to allow users to login using their autodesk account, and check if they are entitled to access my app.
I couldn't find any good example to show how it is done, I just want to confirm that what I will be doing is the recommended thing or if there is better options.
First, on app start, I will show an embedded webbrowser that will open
"https://developer.api.autodesk.com/authentication/v1/authorize?response_type=code&client_id=XXX&redirect_uri=XXX&scope=XXX"
the app will get the url from our server (so not saved locally) and the call back is pointing to an api on our server. then as user login and consent, will get the code from the url, close the login dialog and continue to get the bearer token using plain rest apis to /authentication/v1/gettoken.
As I said, not 100% sure if this is approved way or not or even if it is doable or not. so thought to check before we implement it.
After that I will just use rest apis to browse and get the model.
any thoughts or complains ?
Thanks in advance
Rest assured that the workflow being proposed here is actually orthodoxical and well “approved” by our official tutorials:
https://forge.autodesk.com/en/docs/oauth/v2/tutorials/get-3-legged-token/
http://learnforge.autodesk.io/#/oauth/3legged/
Unfortunaly the code sample for that bit is in node and we are still working on a Java equilvalent
Some of our endpoints require 3-legged oauth to access personal data - see here for an example and you can always refer to the authentication context section of each endpoint for the oauth flow required.
I'm trying to create a web service to use the Google Plus API. I'm writing it in java, however I can't figure out what files I need and how I would go about posting to Google plus groups using Java
If you have any insite please could you post relavent links and helpful tips to help me out.
EDIT 1:
I have been playing around with the GooglePlus API provived by Google and have written a project based on the sample code given from this page: https://developers.google.com/+/domains/posts/creating
The code runs fine until it gets to the GoogleTokenResponse tokenResponse = flow.newTokenRequest(code).setRedirectUri(REDIRECT_URI).execute(); line. Where it returns a null error. I am copying the link provided in the console and pasting in the code, however everytime it just returned a null error, is there a specific part of the returned code given that causes an issue?
Posting to Google+ is only supported for accounts in a Google Apps Domain (and even then, with restrictions).
If you are logging in using a GMail account - you don't have an Apps Domain account. If you're logging in using some other email address (ie - you have an email address, but you can't use Google account features such as GMail or Google Drive with it) then you don't have an Apps Domain account. If you are using a Domain account, your Domain admin may need to enable Google+ for your Domain before this works.
See https://developers.google.com/+/domains/getting-started for the differences between what you can do with the Domains API and the regular Plus API.
Note that neither API lets you post to a Google+ Community or post publicly. The Domains API does let you post to a user's circle, as long as the members of that circle are also part of the Domain. The Domain API also lets you post to everyone in the Domain. The normal Plus API does not allow posting at all.
There is a third API, knows as the Pages API, which allows Pages to publicly post on their stream. This API, however, is available to a limited number of partners such as Hootsuite. You can read more at https://developers.google.com/+/api/pages-signup, but there isn't much more available publicly.
Your web service should first authenticate against Google. This authentication can either be using a service account (if you want to post only through one account) or users's account (if you want to post via user's account) using oAuth mechanism.
For more details about how to authenticate, refer to How to authenticate our users in our website with Google Account
Have a look at https://developers.google.com/+/api/ for detailed information about how Google Plus APIs can be used.
What I have done so far:
I setup a project in google developer console
I setup the billing
I assigned the translation api. It is switched on . ON button is green
Now I get confused with the key setup. What type of key do I have to setup and which parameters do I have to provide to call the api from my java-programm ?
My tries so far resulted in the following error, when trying the get-request with a browser:
Access Not Configured. Please use Google Developers Console to activate the API for your project.
You have to go to your project in the Google Developers Console, then to APIS & Auth, click on Credentials and Create new Client ID. Choose the type of your application (if it is a Java application, it would be Installed Application > Other) and your key would be the Client secret.
You could also use a public key instead of OAuth. To do that instead of selecting Create new Client ID, try Create new Key, and then Browser key.
I have couple of doubts regarding the usage and working of /venue/stats Foursquare API.
Q1. I would be using /venue/stats for getting information provided a venue id. So I have registered my app and got the client id and secret values. I went to Foursquare API endpoint and tried using /venue/stats api and I noticed a oauth_token generated automatically by FSQ so is this oauth_token the same token that I am required to use everytime I use this api ? Do I need to do the authentication steps mentioned ?
Q2. Try the api generates a link which has /simulate in the api URL. I assume that this is due to the fact that I am testing the API so FSQ has categorized such api calls as simulate calls. Please confirm my understanding. If this is so then whenever I use the api as mentioned i.e. /v2/venues/venue_id/stats I get an error JSON stating that I am unauthorized to view venue stats. Can you please tell me why ? If this is due to access_token issue then the same issue should have been with simulate call also ?
Hoping to get a reply soon.
Right underneath the API Explorer bar it says "OAuth token automatically added". You do not use this token. I am sure it is either temporary or created using your log in info if you are loggged in while using the API Explorer. You will still have to use the authentication process to get a valid access token. However, you can save this access token and use it again skipping the Auth process. An access token serves as a key unique to a user and app. Read more about it here: https://developer.foursquare.com/overview/auth
The simulate feature is used mostly for API calls that normally would require you to be a manager of the venue. There are certain calls that can not be done unless the app is by a user that is the manager or unless you make the call using an access token of a manager.
I am developing a Java application that needs to access personal account Google Data of a user. The development is currently in netbeans on my localhost. I am implementing 3-legged OAuth. And while sending Grant request, it sends me Unauthorized Request Token and then redirects to Callback URL.
While trying to access Access Token, it gives me Error "Error Getting HTTP Response". Now, as per it given in Google Documentation, it is given that "If the application is not registered, Google uses the oauth_callback URL, if set; if it is not set, Google uses the string "anonymous"." Does it mean that I must register my application on Google Apps Engine before granting authorization & accessing request ? Please Help.
For reference : OAuth for Web Applications, OAuth in the Google Data Protocol Client Libraries
Based on your question, it's probably not the registration piece that's causing you trouble. It sounds like you just haven't implemented OAuth correctly — not that doing so is easy. The OAuth process is roughly as follows:
Get a request token. You must pass in a bunch of stuff that declares what kind of stuff you want access to and where you want Google to send the user when they're done granting you access to that data. This is where you pass in your consumer key, which you get by registering. The consumer key will be the string anonymous if you are developing an installed application (i.e., mobile app, desktop app, etc). This is a work-around; the alternative would be to embed your client secret or RSA private key within the application itself, which is a very, very bad idea. If you use 'anonymous', you should absolutely be setting the xoauth_displayname parameter. (Actually, everyone should set this parameter, but it's especially important if you're using anonymous.)
Once you have a request token, you then redirect the user to the special authorization endpoint, passing along the request token key in the query string. Assuming the user grants access, Google will redirect the user back to the callback URL that you associated with your request token. The request token is now authorized, but it can't be used directly just yet.
Once the request token is authorized, you can exchange it for an access token key/secret pair. The access token key/secret can then be used to sign requests for protected resources, such as the private data in the API you're trying to access.
For web applications, registering is almost always a good idea. It makes it much easier for users to manage their access tokens and revoke them if your application misbehaves or if they don't want you to have access anymore. If you don't register, your application will probably show up as a fairly scary-looking 'anonymous' in that list. It's really only installed applications that you wouldn't want to register for. You probably also want to register for an API key. An API key will dramatically increase your rate limit and it will also allow Google to get in touch with you if your application starts to malfunction.
I'd link to the OAuth docs, but you've already found them. Hope my explanation helps!
If you're developing on your local machine, you'll continue to get the same result as above.
For more interesting tests, then yes, you'll have to register your app and push it to the app engine.
Google will check if the domainname of the return-url is registered. You could also modify your dns/host-file to point the domain-name you're using to localhost.