I'm trying to set up Google Identity Toolkit (GIT) on a test webpage on localhost. I completed all the necessary steps on Google Console and downloaded the Java sample from the tutorial, and it's working.
Now what I want to do is disable self-registration (which I couln't disable), create users on GIT, send them an email link activation and set password for first time. I took a look at the API provided, but there's no way I can figure out how to use it.
I managed to create users and delete them with com.google.identitytoolkit classes like GitkitClient and GitkitUser, as seen in the example, but I cannot get the email activation and password reset working.
If anybody can point me to some good examples on how to do that, I'll really appreciate it.
Related
I'm a beginner learning android app development.
I have a requirement for a user to be able to Read messages (just the body content - text only) from a Gmail account (Read-only mail extraction?) and save the email content within the app.
I don't need to retrieve messages when the user is not actively using the app.
The app and SQLite database I am building sits on the phones internal local storage. I do not have a backend server.
I have looked at the Gmail API tutorial here: https://developers.google.com/gmail/api/guides/
As I understand, I need to use the Gmail API and ensure that a user of my app can authenticate as a Gmail user.
Is anyone able to advise:
1) if this is feasible to do without a back end server?
2) any tutorials as to how to approach this, or would you recommend just working through the material I listed above?
3) (I understand this is highly subjective) how substantial a task this is to undertake for a learner (This is an educational project, so I am limited by time - if it takes me more than 3-4 days I will run out of time!) An idea as to how long it might take someone who is experienced would help me to grasp the scale of the task.
Google uses Oauth2 to authenticate and track applications connected with a user's account. You will need to get a security key for app from google. Because you do not have server, you will want to get a client only key and not the service key. You can get the client key by going to the Google API Console. For help about how to let the user sign-in to their account you can look at this Android tutorials here. After you get the google sign-in working you can continue on to getting the Gmail messages.
It may seem like a complicated process, but you should be able to have in working in a short amount of time if you go through the tutorials on Google's developer's site. I got a similar app working in only about an hour. To add a nice user interface will take longer, but thats up to you.
A customer wants to reach a section (where a process with a wizard take place) of our app from their portal. It means, from their app (.Net) they want to have a link in order to reach a particular section of our app BUT! without having to go through the login process. Our app is a java app (GWT) and it uses FORM based authentication. I did an implementation with oAuth but they don't want login. I have not idea how to deal with this problem, I don't know if there is an alternative to get logged in by following the way they are looking for.
You probalbly need Single Sign On.
If you choose to go the SSO way, there are some libraries that might help like JCIFS (useful for auth using NTLM) , Jespa. There is also Waffle, but this one works just on Windows server.
This article explore many options for JBoss:
https://dzone.com/articles/choosing-sso-your-jboss
I'm attempting to create an application for both PC (Java) and Android that utilizes Google Drive. I've been messing around with the examples to figure out how OAuth 2.0 works, and I can't find a good method of automatically returning the authorization code to my program once the user has allowed the application to access their data. The Google Drive Quickstart example uses a simple copy/paste mechanism that requires user input, but this is not convenient for the user.
It seems there are several suggested ways to retrieve the authorization code without bothering the user (running a local web server, monitoring the browser window launched for authentication, etc...), but Google doesn't strongly recommend any solution nor do they provide examples of how these solutions would work beyond basic descriptions. The following guide gives a few suggestions in Section 4 (Note: I tried to quote the section but SO wouldn't let me with the number of links/images present):
https://developers.google.com/youtube/v3/guides/authentication#installed-apps
Has anybody implemented something similar in the past, or are there best practices to do this? If possible I'd prefer a solution that would work on multiple platforms (i.e. not using any platform specific libraries).
I suppose it's not a huge deal if the user had to do this once (as I'll be storing a refresh token and using that from then on), but it'd be good to have a way around it.
In Oauth2 protocol, you have two ways of getting the authorization code : via a redirect to an url you have control over (could be pointing to a serve you own or localhost) or via copy pasting.
The first way is what you want, presumably with localhost as redirect uri, as you lauch the flow from you desktop app on the user's machine. You'll have no choice but to make your app spawn a little http server that can handle the code url parameter. However, you'll have to be hackish : how do you launch a web browser from your app, for any OS it can run on ? how do you the case where the user's machine is configured to refuse inbound http connection ?
IMO, best course of action is to go for the copy pasting : user knows what happen
I just implemented an oAuth2 solution for Google Drive. I ended up creating a service account via Google App Engine. Here is a good link to get started:
https://developers.google.com/drive/service-accounts
There is a Dr. Edit example that will work you through editing drive objects like spreadsheets.
GoogleCredential credential = new GoogleCredential.Builder()
.setTransport(httpTransport)
.setJsonFactory(jsonFactory)
.setServiceAccountId(SERVICE_ACCOUNT_EMAIL)
.setServiceAccountScopes(scopes)
.setServiceAccountPrivateKeyFromP12File(pk12)
.setServiceAccountUser(ACCESS_DOMAIN_IMPERSONATE) // <-- set user email here
.build();
There are a few things you need to do in your Google domain admin console/cpanel for your domain.
Check the following SO answer I posted a day or so ago:
OAuth Google API for Java unable to impersonate user
I have a web base email client that uses a java app to connect to IMAP and POP3 servers to download email. There is an issue that if a user usually logs in form the US that the java app will not have access to collect emails until that user logs in from the same county the java app is running.
I was told to overcome this to use google oAuth in order for the account user to give permission to my app to collect emails. Is this correct? Once this has been accomplished I would also like to the the API to import contacts, but for now authorization/authentication is sufficient.
The problem I am facing is that after trying to make heads a or tails of the google oAuth api documentation im really confused and did not yet manage to make a working example. Documentation often has links to a depreciated API and there is no example with a dowload link to both the API needed and exaple source code, as a result I think im using incorrect libraries for my examples.
Its also not clear to me what/how to accomplish what is needed do I use client authentication via javascript to create a popup whereby the user grants access?
Or do I use installed app client with a token and secret, this is what I tried but the 'command line' example I tried requires Java EE and this is a native app so I dont see why and I dont want to import all Java EE libraries to my small email downloader app.
Where can I find more intuitive documentation and working examples on this?
If you stay away from OpenID 2 and OAuth 1, I think the docs are pretty orderly these days. The best place to start is https://developers.google.com/accounts/docs/OAuth2
I'm trying to see if it's possible to log into a wifi access point (AP) that requires web authentication. I know that using .getScanResults() I can get security information from an access point with the .capabilities field of the scan result. But this value is left blank for an access point I am trying to connect to in which I know requires web authentication.
If I already know the credentials (ie: username/password), is it somehow possible to connect to this AP and then enter the credentials to use the wifi as normal?
I've found this question on this site, but it does not really answer this question.
How to check WiFi is pass through web page login?
Any help is appreciate, some sample code is even better.
Thanks!
One of the easiest ways to automate web page operation is using HTMLUnit.
http://htmlunit.sourceforge.net/
I used it with great success recently to log in and control a web-based KVM switch.
You can put it to a URL, tell it to fill out certain form fields and click certain buttons. In my experience it is very reliable.
Here's an example:
http://www.capybara.org/~dfraser/archives/378
I'm driving it from Groovy, but you can get the idea...