we need to implement a client Java application, which needs to retrieve ToDos list from Wunderlist using user name and password.
The main issue here for me is authentication against Wunderlist without any intervention from an end-user.
The developer documentation says that it is only possible to authenticate via web browser with user approval, etc.
The unofficial API from here http://www.madhur.co.in/blog/2014/05/02/decodewunderlistapi2.html doesn't work for me, i.e. doesn't recognize my Wunderlist user name and password and always returns 404 error.
Any examples or ideas would be greatly appreciated!
TIA.
the WL2 API was disabled some time ago :)
please send an email to api#wunderlist.com and we will see what we can do to help you.
Cheers
Hannes
(android dev # 6wunderkinder.com)
On developer.wunderlist.com you can register your application. You'll then receive a client id and token you can use to authenticate:
Developers must register their application before getting started.
Registration assigns a unique client ID and client secret
for your application’s use.
After you have registered your application, you can let Wunderlist
users authorize access to their account information from
your application by getting an access token.
More info here: https://developer.wunderlist.com/documentation/concepts/authorization
Related
I'm using angular, google app engine and JAVA on the backend server.
User can authenticate without problem with an opendId connect URL where code is passed back to my server to authenticate.
Now what I wan't to do is send mail to user (refresh password, confirm account mail) and to myself (server error message) with my account myaccount#gmail.com.
Also I have sheets I need user to write and read datas to/from. Magically I've made it worked as an installed offline app (only 1 api at a time, I never made the two worked together).
I've tried service account but from a last post somebody explained me that in order to make gmail work I needed a g suite account which I don't have and suggest me to go through oAuth2 authentification. Now the question is how can I implement that in java with a single authentification, I explain, I wan't to authorize app to have access to certain scopes but it should be only be authorized once because I don't want user to have a consent screen popup and even if they had they couldn't authenticate as it is on the behalf of my personnal account. I don't think I can use installed app for a google app engine app but maybe I'm wrong.
just to let you know I have tried lot's of different manners and spent about 3/4 days trying to find a solution without clearly understanding/finding what to do.
Any help is greatly appreciated please let me know if you need more explanations or code.
I think you are missing a few key concepts here.
DATA
There are two types of data private user data and public data. Private user data is owned by a user and there for you must have permission or concent to access it. Public data is data that is owned by anyone.
Oauth2
Oauth2 is the protocol we use to request connect from a user for our applications to access their data. A user can grant you access to their gmail account and their google drive account granting you access to the sheets on their account.
Service accounts
Service accounts are preapproved dummy users. As a developers we can create service accounts and grant them access directly to our drive account then the service account will then be able to access to the data without being requiring consent as it already has pre approved access. (not all google apis support service accounts. gmail (with the exception of gsuite) and YouTube are two that dont)
What you are trying to do
However i do not understand why you want to use the users gmail account to send them an email. If you want to send them an email i would think you would be using your own email system.
If what you are trying to do is use your gmail account to send users of your application emails from YOU. Then you should consider going directly though the SMTP server to your own account. Having an application that uses the gmail api is one of the scopes that will be flagged by google when you try to get your application approved. You are going to be going though a lot of red tape with them to show why you need access to a users gmail account.
First of all, sorry for my poor english as it is not my native language.
So my coworkers set up a Salesforce authentication via openld on a Java Android app. The auth demand gets us back a valid access_token, which allows us to obtain informations on the Salesforce API.
The problem is that when the user disconnects from the application, the connexion is still active and doesn't ask again for user's password, which is an obvious security issue. Do you know how we could force a new authentication each time the user disconnects ?
We already tried token revocation but it also revokes every rights from the user, which doesn't satisfy us. We just need the app to ask for a login after a disconnection.
Thanks in advance !
Salesforce SDK saves the login details in preferences, thus it doesn't ask for authentication the next time user visits the app. You can logout of Saleforce to clear the saved data using this:
SalesforceSDKManager.getInstance().logout(this);
Imagine you've to implement following user story:
"User should be able to publish message on social media(facebook/twitter/etc) using simple web form and one-click button[without need to login in fb/twitter/etc]."
In general, authentication in social networks is based on OAuth 2.0. Facebook distinguish three types of access tokens:
User access token
App access token
Page access token
I've tried first option with facebook4j, and it's working - however, we are supposed to supply token each time, we want to use it. I've found long-lived tokens, but their validity is also limited - 60 days.
Generating app access tokens is very simple, but I haven't succeed in publishing any post. From facebook docs:
App access tokens can also be used to publish content to Facebook on
behalf of a person who has granted an open graph publishing permission
to your application.
Page access tokens - I haven't tried. Is it possible to publish message on fb/twitter simultaneously, without login, of course, to predefined destination(fb wall)? If so, please provide me with any working example :)
Thanks in advance
I am planing to write an API for a mobile app. To lower the barrier for first time users i do not want a login screen on the first start. So what I want is, if the app notices it is it's first start it should register itself:
/register
A standard User should be generated like Name: GuestXX43, Authtoken XX43-58asda5-54asd, some additional Data
The user is now able to make other endpoint request due to its auth token.
But how do I check for the correct auth token on every Request?
/user [Update]
the user is also able to update his username and password to reloggin on another Device.
Which auth method will suite these thoughts, is there any doubt using this kind of auth flow?
Thanks guys
Are you using Google Cloud Endpoints? If the user credentials is set in some header, you can retrieve it in the backend via injecting HttpServletRequest in Java or check HTTP_YOUR_HEADER_NAME environment variables in Python.
Also you can try custom authenticator if you uses Java; this post can be relevant: Google Cloud Endpoints and user's authentication.
I have the following piece of code which authenticates the registered user in ServiceNow via webservice call.
HttpTransportProperties.Authenticator basicAuthentication = new HttpTransportProperties.Authenticator();
basicAuthentication.setUsername("username");
basicAuthentication.setPassword("password");
options.setProperty(
org.apache.axis2.transport.http.HTTPConstants.AUTHENTICATE,
basicAuthentication);
options.setProperty(
org.apache.axis2.transport.http.HTTPConstants.CHUNKED,
Boolean.FALSE);
But it doesn't authenticate the user, instead I am getting an exception that says "Insufficient rights to create new records".
Couldn't find a solution for this even in service now community pages. Could it be a problem with the code or the ServiceNow instance that I am using? Any help is appreciated.
Thanks
Note: Along with the above code, I even have the code to create the incident which is not mentioned here.
The message you're seeing is not telling you that authentication failed, just that the user as whom you are authenticating lacks sufficient privilege to do what you're trying to do.
The solution depends on the configuration of the instance hosting the direct web service you're consuming. This wiki article overviews all of the potential causes of your insufficient access.
If your user can create records interactively (in the UI), my guess is that your user lacks the special SOAP roles which allow SOAP activity. From the referenced wiki:
5 Web Service User Roles
5 Web Service User Roles
When basic authentication is required for web services, enabling the
glide.soap.strict_security property validates the authenticated SOAP
user with Contextual Security as well as validates the SOAP action
with the user assigned roles. The following roles are available for
securing any inbound SOAP requests:
The roles table is here, give yourself the soap role in the ServiceNow instance, and you should be good.
I couldn't find an answer for this question in service now community as well. Eventually I had to start working with another instance. Hence I believe this is a problem with the service now. let this be useful for anyone who comes across this problem.