I am working on a desktop project that requires Google Authorization for Google Calendar API using OAuth2.0. The language used is java.
Currently to authorize the project, I have to open the browser using java.swt.Desktop.getDesktop().browse(url), click the "accept" button, copy the authorization code in the redirected page and paste it in my application. And the user has to close the webpage manually. Quite troublesome.
Is there a better, more user-friendly approach to achieve this authorization procedure? The ultimate procedure I want to achieve is only that the application opens the authorization page, the user clicks "accept", the page closes itself automatically and the software is authorized. I have seen this kind of procedure in other applications. It's just that I don't know how to achieve this.
Thanks in advance.
You need to provide a callbackURL. I would recommend using a java library like Scribe to accomplish this - there is a good getting started page and plenty of examples.
EDIT 1
Here is a sample for setting up a callback url
String apiKey = "your_app_id";
String apiSecret = "your_api_secret";
OAuthService service = new ServiceBuilder()
.provider(FacebookApi.class)
.apiKey(apiKey)
.apiSecret(apiSecret)
.callback("myApp://oauthcallback")
.build();
You would need to open an embedded browser in your desktop app, and go to the oauth url as given by OAuthService. Once the user has approved your app, the embedded browser will be redirected to your callback URI. You'll need to detect this and then extract the oauth info included in the callback.
I've never done this through a desktop application (it was always within a servlet/jsp - web app). But if you search for how to detect redirect on a URI in windows, hopefully you will find some examples.
Related
I'm writing a simple desktop application that sometimes needs to upload a compressed archive to OneDrive.
It's the first time I'm messing up with OAuth and I'm trying to understand how to show the user the login page and obtain back the access token.
I understand that the login page is called via this url:
https://login.live.com/oauth20_authorize.srf?client_id={client_id}&scope={scope}&response_type=token&redirect_uri={redirect_uri}
Which is the best way to "show" the login page to the user and wait the redirect with the access code using java?
I'm writing a simple desktop application that sometimes needs to upload a compressed archive to OneDrive
You may try to use the device authorization grant flow.
The service will return a signin URL and a code. Your application then
opens a browser to the returned URL
reguralry polls for a token, which is returned if the user signs in and enters the code
There are ways to embed a web page in the java app, but then you will have to handle the redirect urls, etc.. So for the desktop apps, I find the device grant flow the simplest to implement.
I have a Java desktop application, and I have to open some web page using default browser by click a button. I can do it like this:
Desktop.getDesktop().browse(uri);
But there is a requirement: web page has basic authentication and it must have been passed automatically, without typing login and password by user.
How can I do it?
check out how to operate the Browser (the non-java application) from java using Robots as described here
How is your desktop app authenticating the user?
Do you have an authentication or session ID after the user logs in through your desktop app?
If so, you need to add that to the URI and have a service end-point that knows how to deal with it. Not ideal as you are exposing the authentication ID as part of the URL.
For example
Desktop.getDesktop().browse("https://myservice/loginFromDesktop?auth=" + URLEncoder.encoder(authID, "UTF-8");
This assumes you actually have control over the web service :)
I'm developing an Android app that uses Google+ signin. I searched in the net and this guide in stackoverflow is really helpful:
Google Account login Integration for android Xamarin
Now, i miss one step.
I created an oauth web client id in the google developers console (not android client id) using the redirect url, like the guide said, http://abcd.com/xyz.aspx , and works. But i can't use it!
So i tried http://localhost (doesn't work) and google urls like urn:ietf:wg:oauth:2.0:oob, urn:ietf:wg:oauth:2.0:oob:auto but i can't even set it in the textbox when i create the client id because is invalid url format (it wants the http://, and yes, it doesn't work as well).
I haven't got a web application with an aspx view to redirect, i'm developing an android app. So what could it be my redirect url?
Thanks for any help!
I'm attempting to create an application for both PC (Java) and Android that utilizes Google Drive. I've been messing around with the examples to figure out how OAuth 2.0 works, and I can't find a good method of automatically returning the authorization code to my program once the user has allowed the application to access their data. The Google Drive Quickstart example uses a simple copy/paste mechanism that requires user input, but this is not convenient for the user.
It seems there are several suggested ways to retrieve the authorization code without bothering the user (running a local web server, monitoring the browser window launched for authentication, etc...), but Google doesn't strongly recommend any solution nor do they provide examples of how these solutions would work beyond basic descriptions. The following guide gives a few suggestions in Section 4 (Note: I tried to quote the section but SO wouldn't let me with the number of links/images present):
https://developers.google.com/youtube/v3/guides/authentication#installed-apps
Has anybody implemented something similar in the past, or are there best practices to do this? If possible I'd prefer a solution that would work on multiple platforms (i.e. not using any platform specific libraries).
I suppose it's not a huge deal if the user had to do this once (as I'll be storing a refresh token and using that from then on), but it'd be good to have a way around it.
In Oauth2 protocol, you have two ways of getting the authorization code : via a redirect to an url you have control over (could be pointing to a serve you own or localhost) or via copy pasting.
The first way is what you want, presumably with localhost as redirect uri, as you lauch the flow from you desktop app on the user's machine. You'll have no choice but to make your app spawn a little http server that can handle the code url parameter. However, you'll have to be hackish : how do you launch a web browser from your app, for any OS it can run on ? how do you the case where the user's machine is configured to refuse inbound http connection ?
IMO, best course of action is to go for the copy pasting : user knows what happen
I just implemented an oAuth2 solution for Google Drive. I ended up creating a service account via Google App Engine. Here is a good link to get started:
https://developers.google.com/drive/service-accounts
There is a Dr. Edit example that will work you through editing drive objects like spreadsheets.
GoogleCredential credential = new GoogleCredential.Builder()
.setTransport(httpTransport)
.setJsonFactory(jsonFactory)
.setServiceAccountId(SERVICE_ACCOUNT_EMAIL)
.setServiceAccountScopes(scopes)
.setServiceAccountPrivateKeyFromP12File(pk12)
.setServiceAccountUser(ACCESS_DOMAIN_IMPERSONATE) // <-- set user email here
.build();
There are a few things you need to do in your Google domain admin console/cpanel for your domain.
Check the following SO answer I posted a day or so ago:
OAuth Google API for Java unable to impersonate user
I am currently developing a GWT/AppEngine application that uses the Java Dropbox API.
To pair with my user's Dropbox account I basically recover a URL to the Dropbox website that I need to forward my user to in order to authorize my app; the Dropbox website then redirects my user to a callback URL of my choice.
So I have my GWT app opening this website in a new window/iframe. However I want to be able to check when the user has authorized my app. So I was thinking of starting a GWT request that would only terminate when the callback URL is visited (that can be handled by a specific servlet).
Does that make sense? What is the "good way" of doing it?
On App Engine front end request are subject to a 60s deadline, so that wouldn't be the preferred solution.
If you really want to do the authorization flow in a new window/frame, you can consider communicating between the servlet handling the callback URL and your main application using JavaScript.
Alternatively you can redirect the user to the Dropbox authorization url, and set the callback url to your main application window.