I'm writing a simple desktop application that sometimes needs to upload a compressed archive to OneDrive.
It's the first time I'm messing up with OAuth and I'm trying to understand how to show the user the login page and obtain back the access token.
I understand that the login page is called via this url:
https://login.live.com/oauth20_authorize.srf?client_id={client_id}&scope={scope}&response_type=token&redirect_uri={redirect_uri}
Which is the best way to "show" the login page to the user and wait the redirect with the access code using java?
I'm writing a simple desktop application that sometimes needs to upload a compressed archive to OneDrive
You may try to use the device authorization grant flow.
The service will return a signin URL and a code. Your application then
opens a browser to the returned URL
reguralry polls for a token, which is returned if the user signs in and enters the code
There are ways to embed a web page in the java app, but then you will have to handle the redirect urls, etc.. So for the desktop apps, I find the device grant flow the simplest to implement.
Related
We have a legacy application which was developed in Adobe Flex/Java. We have another application being developed in Angular JS. Requirement is to redirect the user from Angular JS app to Flex app. So, we have decided to just do a POST request to Flex app along with passing the parameters in URL. Flex app requires few parameters, like login user details, to login to Flex application. So, When Angular JS redirects the user to Flex app using $location we are also appending the URL with required login user details. However, the problem, I see is , all these values are appearing in browser's URL which is not acceptable to the end user.
My Question is
1) What is the best way to redirect from Angular JS app to Flex app along with passing parameters and not to be visible to users on Browser's URL.
2) If whatever described above is correct, can you please suggest us on how to hide query parameters in browser window ? Can that be handled in Angular JS or do I have to make some changes in Flex app.
Thanks in advance !
There are two more methods to use.
1) Pass parameters to your swf via html embed and read it in swf on load (using FlashVars):
http://kb2.adobe.com/cps/164/tn_16417.html
2) Write login data to browser cookies and read it in swf (using calls to JavaScript in your page via ExternalInterface)
Also please refer to Accessing browser cookies from Flex
Accessing browser cookies from Flex
Original Question:
html form post to flex app
I have a Java desktop application, and I have to open some web page using default browser by click a button. I can do it like this:
Desktop.getDesktop().browse(uri);
But there is a requirement: web page has basic authentication and it must have been passed automatically, without typing login and password by user.
How can I do it?
check out how to operate the Browser (the non-java application) from java using Robots as described here
How is your desktop app authenticating the user?
Do you have an authentication or session ID after the user logs in through your desktop app?
If so, you need to add that to the URI and have a service end-point that knows how to deal with it. Not ideal as you are exposing the authentication ID as part of the URL.
For example
Desktop.getDesktop().browse("https://myservice/loginFromDesktop?auth=" + URLEncoder.encoder(authID, "UTF-8");
This assumes you actually have control over the web service :)
I am working on a desktop project that requires Google Authorization for Google Calendar API using OAuth2.0. The language used is java.
Currently to authorize the project, I have to open the browser using java.swt.Desktop.getDesktop().browse(url), click the "accept" button, copy the authorization code in the redirected page and paste it in my application. And the user has to close the webpage manually. Quite troublesome.
Is there a better, more user-friendly approach to achieve this authorization procedure? The ultimate procedure I want to achieve is only that the application opens the authorization page, the user clicks "accept", the page closes itself automatically and the software is authorized. I have seen this kind of procedure in other applications. It's just that I don't know how to achieve this.
Thanks in advance.
You need to provide a callbackURL. I would recommend using a java library like Scribe to accomplish this - there is a good getting started page and plenty of examples.
EDIT 1
Here is a sample for setting up a callback url
String apiKey = "your_app_id";
String apiSecret = "your_api_secret";
OAuthService service = new ServiceBuilder()
.provider(FacebookApi.class)
.apiKey(apiKey)
.apiSecret(apiSecret)
.callback("myApp://oauthcallback")
.build();
You would need to open an embedded browser in your desktop app, and go to the oauth url as given by OAuthService. Once the user has approved your app, the embedded browser will be redirected to your callback URI. You'll need to detect this and then extract the oauth info included in the callback.
I've never done this through a desktop application (it was always within a servlet/jsp - web app). But if you search for how to detect redirect on a URI in windows, hopefully you will find some examples.
I am currently developing a GWT/AppEngine application that uses the Java Dropbox API.
To pair with my user's Dropbox account I basically recover a URL to the Dropbox website that I need to forward my user to in order to authorize my app; the Dropbox website then redirects my user to a callback URL of my choice.
So I have my GWT app opening this website in a new window/iframe. However I want to be able to check when the user has authorized my app. So I was thinking of starting a GWT request that would only terminate when the callback URL is visited (that can be handled by a specific servlet).
Does that make sense? What is the "good way" of doing it?
On App Engine front end request are subject to a 60s deadline, so that wouldn't be the preferred solution.
If you really want to do the authorization flow in a new window/frame, you can consider communicating between the servlet handling the callback URL and your main application using JavaScript.
Alternatively you can redirect the user to the Dropbox authorization url, and set the callback url to your main application window.
I have website, that implements "Sign in with twitter".
This authorization process:
My site redirects user to twitter, then twitter asks user to allow my website access his account, he clicks "Allow", twitter redirects user back to my site, that gets access token.
Also I have an Android app, that needs to initialize this auth process and finally get result.
I can create intent, that opens url in browser, and all next steps go in browser, but can I hook somehow when browser is closed, or (that will be better) when browser gets final redirect, to check if authorization was OK and my website now can access user's twitter account, and close browser?
Do I need investigate about WebView, or this functionality can be implemented using regular Android browser?
I believe what you are looking for is setting up a custom scheme. With this you can set up a appname as a scheme and when you generate a request token from Twitter with an oauth_callback as appname://callback the user will be redirected back to that uri after authorizing and it will open your app.