I'm working on a Java app that uses JavaMail. Currently, I'm trying to connect to a mail provider that uses OAuth2. The provider returns an access token and a refresh token. After sometime, my app doesn't work because the access token has expired. I now need to use my refresh token to get a new access token. However, I'm not sure how to do that in JavaMail.
Is there a way to use the refresh token to get a new access token in JavaMail? If so, how?
Thank you
You don't use JavaMail to do this, since OAuth can be used with other protocols and services. Depending on the OAuth provider, you should be able to issue an HTTP request of the proper form to get a new access token based on the refresh token.
There's some pointers on the JavaMail wiki that might help.
Related
I am writing a service that will access a Google Nest Thermostat, and need a Google Oauth2 token in order to do so. All of the documentation I can find references a browser-driven login to identify, authenticate, and then store a token as a cookie.
All of my OAuth experience has involved receiving a secret and/or API key, and then using that against a token service to get a security token. I then use that token for subsequent API endpoints. All of the Google docs / samples tell me I have to get my "headless" service to log in via browser and get a token via a redirect, the same way I'd log in to any other service using my Google credentials. Is there a way to do this without a live browser session, i.e. just a Google endpoint that I trigger with my secret data, to get a token to use with the Google Smart Home APIs?
My quarkus backend is calling a rest web service which requires an access token. The access token is generated using client id, client secret and grant type client credentials. The token is valid for a couple of days.
This quarkus backend then propagates the data to an angular frontend.
I have a couple of questions:
Is there an out of the box implementation from Quarkus framework?
If not, please guide me if I should use httpclient or any other library for getting the access token.
How to check for refresh token?
How to save the access token, so that it can be used for other requests by other users?
Otherwise I end up generating an access token every time a user calls the rest service.
Since there is no answer, I will write here how I implemented this:
I use a java.net.http.httpclient to call the oauth server for getting the token with the client id and secret.
I cache the token using quarkus-cache and when the token expires, the quarkus-cache is invalidated and rebuilt with the new token.
Suggestions or better solutions are welcome.
I need to make a simple query SELECT url FROM url_like WHERE user_id={friendId} in my Facebook app that I build with help of Spring Social. To do this I use authentication code provided by this library. The authentication works fine. But the query mentioned above returns an empty array. I would like to emphasizes that all the needed permissions are given (user_likes and friend_likes). However similar access token given to me by facebook graph explorer works perfectly.
Access token debugger from Facebook says that both tokens are valid and have needed permissions. The only difference in the duration of token validity: my app gives token that expires in 2 months and Graph Api gives for an hour.
What is the reason of this strange behaviour? Why token given by my app with needed permissions is unable to make this query. How to fix this issue? Thank you in advance.
UPDATE
Ok, it seems that Facebook gives access token for application that is different from access token of a user. So now the question is how to get user's access token with Spring Social Facebook?
You need to submit a post request to spring social ConnectController for the specific provider e.g. http://wwww.yourdomain:8089/connect/facebook. Spring social then will redirect the user to facebook authorization page where the user will grant your app with the asked permissions and send back a code to your server. Spring social then will exchange that code for an access token. You need to establish a connection for that user to be able to perform requests against FB on his/her behalf. Here is a doc page that might help http://static.springsource.org/spring-social/docs/1.0.0.M2/reference/html/connecting.html
I'm writing a standalone application with accesses the Adwords API. The oauth2 authentication and authorization works fine.
My problem is that I want to save the refreshtoken in a textfile and use it directly the next time I run the app to restore my credentials. The refreshtoken should be valid for 14 days, so restoring the access credentials would very good.
I haven't found an example which works. Can someone help?
The refresh token is not much different from the authorization tokens.
OAuth2.0 has several flows that can be used to get access to the servers. The common (and savest) flow is the so called Authorization Code Flow (detailed info here).
There your application asks the authorization server for an authorization code the first time the user wants to use your application. The user will get that authorization code over the website when he logs in and grants your application access to the service. Your application sends this code to the authorization server in order to get the first access token(and with it the refresh token). It is the same server you need to send the refresh token to.
Now, I don't know exactly what the server's uri is in your case, but this would be an example of a POST request you can send the server:
POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded
client_id=YOUR_CLIENT_ID_HERE&
client_secret=YOUR_CLIENT_SECRET_HERE&
refresh_token=THE_REFRESH_TOKEN_HERE&
grant_type=refresh_token
If the request is valid, the server will respond with a new Access Token. Here you can find more informations about the specific requests you can make.
Keep in mind that every token (access- and refresh tokens) have to be stored savely. The best way to do this is to save it encrypted and when sending the tokens use only POST requests and https. But this wasn't your question.
I hope I could help you with this.
I have successfully sent emails in my application using OAuth 1.0a (using Signpost) by constructing an XOAUTH string as described here. The problem is that access tokens expire after an hour and this XOAUTH won't authenticate the user for SMTP server after that.
Is there a way to extend/refresh the access token's lifetime without user's intervention? I know this Android app does that, but how?
I managed to upgrade to OAuth 2.0 (using Scribe) where I'm given a refresh token as well, but it looks like Gmail XOAUTH doesn't support OAuth 2.0 tokens. Does Google provide another way to send emails?
I just managed to fix it.
The OAuth 1.0 access token is actually long-lived, but the XOAUTH string is valid for a short period of time, hence needs to be created/signed frequently.