I am working on my first chrome app and am trying to learn by digging through some of the sample apps. Right now I am working with the gdrive app (https://github.com/GoogleChrome/chrome-app-samples/tree/master/gdrive).
The README says that this app "uses the chrome.identity.getAuthToken() API to perform OAuth2 and access the Google Drive API."
When you authorize the app, a screen pops up confirming your authorization and in the top right corner it has the email you are trying to sign in with (johndoe#gmail.com).
I want to save "johndoe#gmail.com" as a string so I can display it when the user is logged in.
Does anyone know how I would go about doing that? I am fairly new to using these APIs, so I am a bit clueless.
Thanks!
It's pretty easy to display the name that the user probably wants you to display ("Eric Austin" in your case). https://github.com/GoogleChrome/chrome-app-samples/tree/master/identity demonstrates how to do this. Look for the displayName field in the personal data response.
If you really want to display the user's email address (and take the risk that many users will decline to give your app access to their contact information), check out Google's OAuth2 docs and follow the steps to obtain the id_token listed in Step 5.
Related
I am trying for few days to implement into my website a "sign in with google" button using the new Google identity services for web. Google is about to deprecate their old Javascript api.
I did everything as their documents suggest but it just doesn't work.
I need a page that contains the "sign in with google" button and the endpoint page in my website that will have a sign out button and do the sign out when clicked. The most important thing of course is that my website will get the user name, email and photo from google and this is exactly where I am having hard time getting these details back from google's servers. I configured everything right at the google developers console including getting a client id and setting the domain.
Can anyone please help me by writing the necessary code for each page ? Sign in, sign out and get the user's details as long as I am signed in. Thanks a lot in advance !
I tried to implement a sign in button with google and it did not work.
This is the link to their documentation:
https://developers.google.com/identity/gsi/web/guides/overview
I am building an app using HTML, CSS, and Javascript, and am trying to configure OAuth to use it to access data from the Goodreads API. I basically want to get a list of books that a Goodreads member has read in the current year and display statistics about the metadata of these books. I'm pretty new to Javascript and using API's and don't have a super good grasp on OAuth and API authentication in general so I would really appreciate it if it could be explained as simply as possible.
From what I understand I need to create a login button on my page that contains a link that looks something like this:
http://www.goodreads.com/oauth/authorize?oauth_token=SCDMymQWcIE8GnxmSA
When the user clicks this button they'll visit goodreads.com where they'll login to their account. After accepting the permissions, the user will be redirected to back to your site along with an access token that would contain the user's ID. At this point I would use the user ID to pull data about the books on their shelves.
I'm not really sure how to go about writing this in my Javascript file though. How do I go about authorizing via OAuth and storing the user's ID? From the Goodreads Developers group it seems like the Goodreads API uses OAuth 1.0 which I believe is relevant to how I will need to approach this.
All I want to do (for now) is have the end user authorize, via Oauth, permission to view email address, and have the script put that email address into my spreadsheet.
In testing, this works great. Buttons are clicked, tokens are exchanged, magic is made, all as expected when using my account, but when I publish and test with another account I get:
The state token is invalid or has expired. Please try again.
When I change...
"Execute the app as: Me"
to...
"Execute the app as: User accessing the web app"
...the second test account works, but I get no results on my end (obviously).
This makes me think that I've hit some limitation with the data exchanging across accounts, but this just doesn't seem right. This seems like a pretty normal thing to attempt. Maybe I'm wrong.
I'm happy to edit this question and share any code needed, but I'm pretty much using code straight off of googlesamples/apps-script-oauth2
I guess I'm mostly asking if I can do what I'm trying to.
Here's the web-app.
Please help
I want to allow my users to have an account on my website using their Google Account to log in (pretty much like on Stack Exchange here). There's a lack of post-2012 guides on this matter on the net so I'm following Google's guides which I find a bit cryptic.
I've successfully followed this guide on Initiating the Google+ Sign-In flow with JavaScript and I can get the access_token with authResult['access_token'].
What should I do after this? This access_token is apparently unique and will be different each time the user logs in. Now that my user has logged in using Google+ how can I POST a code to my server page to uniquely identify this user and start a PHP session for his account?
Make a POST request to your server with the access_token so your server can make an authenticated request to people.get. This will return the users Google+ id an optionally their email address you can use to identify them.
I want to implement something similar to what Digg has done.
When the user logs in for the first time, I want it to force them to create an account on my site.
More importantly I want to know how to log a user into my site when they login with facebook connect. If they login with facebook connect, they still haven't provided me the password to their account on my site, so I can't use username/password to log them into my site. How do they do this on Digg or sites similar to this?
Facebook's process flow can definitely be a bit confusing. Take a step back from the details and the API, and look at the overall flow here:
Facebook Connect will tell you that a user is logged into Facebook, and give you their Facebook ID. You can validate that ID against Facebook using Facebook Connect to make sure it is properly logged in. Once this is done, you don't need a user name and password. As long as you trust that Facebook has authenticated the person properly, they are the only ones that can come to your site using that Facebook ID. That is enough information to start an authenticated session based around a local account that is associated with that ID.
The process you should follow is like this:
User logs in to your site with
Facebook Connect for the first time
You notice that you don't have a local account associated with that
Facebook ID, and prompt them to
enter local account information
You save that information along with their Facebook ID
The next time you see that Facebook ID (and validate that it is
logged into Facebook using the
Facebook API), you can start up a
local session using the associated
account.
Basically you end up with two separate methods of authentication: a Facebook Connect ID check, or the regular username/password login on your site. Either one should have the end result of starting a local authenticated session.
Hope that helps.