I have a custom OAuth2 server that I set up in Rails using Doorkeeper. It works great with my Rails apps and NodeJS/AngularJS apps. I pass an account ID and redirect URI to the server, it sends back a code, which I then send again to get a token with user information.
I am trying to find a guide or basic code I can alter to allow it to login with my own server. Unfortunately I can't find any guides for this or standalone OAuth2 packages for Meteor that have documentation.
Related
I want to make Shopify non - embedded apps, I have installed the pre-built code which Shopify provides to build an embedded app. In the server.js file, after the user installs our app, it gets the access Token successfully. In order to make an API request to graphql server, it requires the access token to the headers. I am struggling with this point, I don't know how to get that access token from the backend and make API calls on the frontend, I want to use Apollo Client to show query data on the frontend, but I don't know how to use that accessToken after the merchants install the app, it has generated it in the server.js file, which is the backend. Are there any tutorials or docs on what I am trying to achieve.
It seems like this is going to apply for any type of front-end that you're using and isn't specific to Apollo, have you tried checking the related doc? If so, add the relevant code to your question ðŸ¤
I have a node server that authenticates with a third party (like stack overflow does) using oauth. When the third party hits my callback and I authorize the request and get the access token and other info, I want to then pass this info to a react app I made, so then the react app can make REST calls to using the access token straight from the provider.
I am new to react and node, but am able to make a node server that can get the access and refresh token info. I am new to 'serving' and serving a react app. I have been serving using
app.use('/client', express.static(__dirname + '/client'));
to serve react apps, and this works great to a limited extent. The situation I am currently in exceeds the extent and I want to learn how to send the oauth info along with my react app back after authorizing in the callback. The flow I am using authorizes the request in the callback and then does a redirect back to the /client route to render the app, which fails to pass any oauth info to the client. Is there any way to set the header before that redirect to have the oauth info, and then some how get that oauth info in the react app?
I am posting here to get some advice on some avenues and resources I should read up on, and maybe some suggestions for my current situation. I am eager to learn more on express and am currently looking to set the header with the info I need and then serving the react app as a file or something, I am not sure yet.
Thanks to all in advanced!
I'll give my best to answer your question. So the problem with SPA(Single Page Application) and OAuth login is that the only way to transfer data with redirects is URL query string. The JWT(JSON Web Token) would allow this, but it's only supported in mobile native SDK-s. Solution for the web, without using the popover flows here:
For Node.js I suggest to use Passport.js OAuth modules, the login flow:
Example /auth/google -> redirect to Google login page.
On success, you get redirected back to callback url /auth/google/callback
You also get back the access_token, refresh_token, basic profile information etc.
No sessions are used so we use the JWT and generate the token on server side.
Redirect back to application with the token: app.example.com?token=JASJKDk..
On client side extract the token from query string.
This is just one possible flow that you might use, instead of JWT you could also use session/cookie solution.
Hi I'm wondering how to configure the passport-twitter npm package to allow authenticated users to post tweets from the app I'm currently building, using their own twitter account.
Also, are their node packages that are more suited to using twitter functionality that requires access tokens? Like this?
https://www.npmjs.com/package/passport-twitter-token
passport is only for oauth, i.e to signup/signin via strategy like twitter. its not to use the twitter API as whole.
However on signup/signin you can use the token , to communicate with twitter independently. If you go out for third party modules, then I doubt you will not find one which smoothly co-exist with passport. they may have their own handles.
For facebook strategy I did the same. I have not used any third party module. instead I directly called facebook Graph API using http request and passed the same token which passport has given me and I was successfully able to post stories on facebook wall using that token.
I am creating a JavaScript app which runs in browser of the desktop user, I need to display some data from SharePoint Online site, how do I authenticate and get display data in the App?
What kind of data did you want to display? As far as I know, we can query the data from SharePoint online using Microsoft Graph API. To use this API, we need to register the app first and in this scenario, we can register a client app(refer to here).
Then we can use the ADAL.JS to authenticate the application. For a sample demonstrating basic usage of ADAL JS please refer to this repo.
And if you were developing an SPA app, we can use the OAuth 2.0 Implicit Grant protocol to obtain an ID token (id_token) from Azure AD. The token is cached and the client attaches it to the request as the bearer token when making calls to its web API back end.
No you can't do this using JavaScript. You should use the Client Object Model (CSOM) to achieve the same.
If you want to achieve the same please refer the url
https://github.com/nickvdheuvel/O365-ADALJS-examples/blob/master/Authenticate-an-Office-365-user-with-ADAL-JS/Authenticate-an-Office-365-user-with-ADAL-JS.html
Hope this information helps you.
I am trying to implement Oauth2 for my application. For server side its completely done.
My scenario is
I want to provide my own api's like twitter and facebook do. The normal procedure of Oauth2 is imlemented properly on server i.e.
user need to create one application on my developer console
After that he will get client_id and client_secret
get the accesstoken usint "code", "client_credentials" or "password"
use this accesstoken to access API's.
This flow is done.
Ex.To get code
http://localhost:8000/api/rest/rest-auth/o/authorize?response_type=code&client_id=391279895fa4bf4fcbddcd953dfe0d48&redirect_uri=http://localhost:8000/api/rest/email
Result is {"code":"5YH2ccrExsknqUrmFerMgfzriCXda1"}
And using this code i am getting access_token.
My main concern is that my client is in angular js. What i am not getting here that how to get the access_token using grant_type "code".
I am able to get the access_token using grant_type "client_credentials" from my angular application.
But here i am not able to get how to show popup window to user to grant access to get access_token from angular application and get response back to my client app.
From my understanding facebook and google has there own client.js i.e. clients from which they manage these requests.
What should be my approach here. Provide any useful links if available.
I want to implement Oauth for my own apis not foe google and facebook.