oauth2.0 for user profile info - android

How can I use OAuth 2.0 to get a user's Google profile info in an Android app? I need proper code or an example for an Android app. I need the user's information, such as:
profile photo
birthday
gender
location
Thanks

Google OAuth will require the following steps:
1. Register with Google here. After registering, in the INSTALLED APPLICATION section you will get your REDIRECT_URI and CLIENT_ID.
2. The REDIRECT_URI and CLIENT_ID obtained above will now be used in the following URL:
    String authUrl = "https://accounts.google.com/o/oauth2/auth?" + "scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile" + "&redirect_uri=" + REDIRECT_URI + "&response_type=code" + "&client_id=" + CLIENT_ID;
3. This URL will take you to the Google Authentication page; here Google takes over and you enter your account details. You are then redirected to the approval page, where the user allows your app to use their Google data.
4. Now, as a response to this, you get the ACCESS CODE from Google as JSON or in the title of the HTML page. Parse the ACCESS CODE.
5. With the ACCESS CODE you will now make a POST request with the following post data to get the ACCESS TOKEN:
    'code' // this is the access code
    'client_id' // same as earlier
    'client_secret' // you will find this on the Google page where you registered
    'redirect_uri' // same as earlier
    'grant_type' = "authorization_code" // as is
6. You will now get the ACCESS TOKEN in a JSON response as "access_token". Parse this access token.
7. Use the access token to make a call to the following URL:
    https://www.googleapis.com/oauth2/v1/userinfo?alt=json&access_token=your_access_token_here
8. You will get the user's data as a JSON response to this call.
Here are additional docs that you may need:
https://developers.google.com/accounts/docs/OAuth2InstalledApp
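The request-building side of steps 2, 4, 5 and 7, as an added example that is not part of the original answer. It assumes a redirect URI the app can read back, adds the standard OAuth 2.0 state parameter and sends the token in an Authorization header instead of the query string; the client ID, secret and redirect URI in the demo are constructed values.

```python
import hmac
from urllib.parse import urlencode, urlsplit, parse_qs

AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/auth"          # step 2
USERINFO_ENDPOINT = "https://www.googleapis.com/oauth2/v1/userinfo"  # step 7
SCOPES = ("https://www.googleapis.com/auth/userinfo.email",
          "https://www.googleapis.com/auth/userinfo.profile")


def build_auth_url(client_id, redirect_uri, state):
    """Step 2: let urlencode() escape every value instead of concatenating."""
    return AUTH_ENDPOINT + "?" + urlencode({
        "scope": " ".join(SCOPES),
        "redirect_uri": redirect_uri,
        "response_type": "code",
        "client_id": client_id,
        "state": state,  # assumption: not in the answer; ties response to request
    })


def extract_code(redirect_url, expected_state):
    """Step 4: accept the code only if the response echoes our state value."""
    params = parse_qs(urlsplit(redirect_url).query)
    if "error" in params:
        raise ValueError("authorization failed: " + params["error"][0])
    returned = params.get("state", [""])[0]
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: response is not for this request")
    if "code" not in params:
        raise ValueError("no code in response")
    return params["code"][0]


def token_request_body(code, client_id, client_secret, redirect_uri):
    """Step 5: the POST fields, sent in the request body over HTTPS."""
    return {"code": code, "client_id": client_id, "client_secret": client_secret,
            "redirect_uri": redirect_uri, "grant_type": "authorization_code"}


def userinfo_request(access_token):
    """Step 7: same endpoint, token in a header so it stays out of URLs and logs."""
    return USERINFO_ENDPOINT + "?alt=json", {"Authorization": "Bearer " + access_token}


if __name__ == "__main__":
    # Constructed values, for illustration only.
    print(build_auth_url("example-client-id", "http://localhost:8000/callback", "s3"))
```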

Related

Google Sign-in in Android with django-rest-auth

I've been trying to add Google Sign-In in Android but have a couple of doubts.
From the Android documentation Integrate google sign in android
In the server-side authentication part, a client ID is required, which is the OAuth 2.0 web application client ID for your backend server.
From android's documentation:
Get your backend server's OAuth 2.0 client ID
If your app authenticates with a backend server or accesses Google APIs from your backend server, you must get the OAuth 2.0 client ID that was created for your server. To find the OAuth 2.0 client ID
From my understanding the flow would be:
Android app will get the auth code from google which will be passed to the backend.
The backend will get the access token with the auth code from the android app and the client secret.
With the access token we get the user's information and the access token is saved in the database.
My doubts are:
I read somewhere on StackOverflow that we need to create two OAuth clients, one for Android and one for the web application. Is this true?
The Django Rest Auth login view needs to have one redirect_url defined, but I don't understand what the redirect_uri would be in the case of an Android device, or whether we need to pass this URL while getting the auth code from Google.
On OAuth Playground I put my backend's client ID and client secret and got the auth code, and when I passed this auth code to my login view I was getting redirect_uri_mismatch, but if I put redirect_url = 'developer.google.com' it works. I guess the auth code contains host information from where it is generated; that's why this should be the same as redirect_url in my rest-auth view. But then what should it be for Android?
Here is my Google Login View.
class GoogleLogin(SocialLoginView):
    adapter_class = GoogleOAuth2Adapter
    client_class = OAuth2Client
    callback_url = 'localhost:8000'  # What this should be?
Please ask for more information if I forgot to put any.
I am using this
django-rest-auth
Some helpful link -
https://github.com/Tivix/django-rest-auth/issues/262#issuecomment-256562095 # It says callback URL could be a fake one but I get redirect_uri_mismatch
So finally, I figured it out. Answering my own question so someone might find this helpful.
Yes, you need two client IDs, one for your Android device and one for your web application.
Just add http://localhost:8000/accounts/google/login/callback/ as callback_url in the GoogleLoginView and put the same in your Google developer console.
I don't know exactly if the auth code generated by Android contains any host information or not, but it seems that as long as the callback URL you added in the login view class and in the Google developer console is the same, it will work.
Your Google sign in view should look like this.
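from allauth.socialaccount.providers.google.views import GoogleOAuth2Adapter
from allauth.socialaccount.providers.oauth2.client import OAuth2Client
from rest_auth.registration.views import SocialLoginView
from rest_framework_jwt.authentication import JSONWebTokenAuthentication

class GoogleLogin(SocialLoginView):
    authentication_classes = (JSONWebTokenAuthentication,)
    adapter_class = GoogleOAuth2Adapter
    # Must be identical to the redirect URI registered in the Google developer console.
    callback_url = 'http://localhost:8000/accounts/google/login/callback/'
    client_class = OAuth2Client
Note: You only need callback_url and client_class in the case where you are passing the auth code to this view; if you are passing the access_token, then callback_url and client_class are not necessary.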

Book a Taxi using OLA API

I want to use the following OLA APIs:
Products: Checks availability of taxis from pick up address
Products: Checks ride estimate from pick up address to drop off address
bookings/create: To book a Taxi
The first two of them require the X-App Token, which I implemented successfully, but booking a taxi requires both the X-App Token and authorization. I got the X-App Token while registering the app, but I am unable to get authorization.
I suppose we can get the authorization token after login, but no API is available for login. So could anyone please tell me where we can get the authorization token?
It may be possible to get the authorization token from "http://api.ola.gemius.com/auth/login", but it says "Wrong email or password", while I am already registered on OLA.
After registration of your APP, you will get below details
X-APP-TOKEN
OAuth URL
Redirect URI
If you run the above OAuth URL, it will ask you to login/register. After successful login, it will ask you to accept/deny; click on accept and it will redirect to the "Redirect URI" with the access_token value. Check the sample below.
localhost/ola/getdetails.php#access_token=1b0f48c26ee149cda389319106b17078&state=state123&scope=profile%20booking&token_type=bearer&expires_in=15551999
Note: access_token is the one you want to substitute for authorization.
There are login APIs.
Check the links below:
http://api.ola.gemius.com/doc/#authorization-login
http://developers.olacabs.com/api/3
You can also have a look at the following resources-
http://blog.attify.com/2015/02/01/ola-cabs-privacy-security-issue-discovered-appwatch/
https://medium.com/#CodeTheDevil/busting-ola-wallet-1ceea6174b1f

Android : Refresh token not returned in OAuth Microsoft cloud health API

After hitting the login URL of Microsoft Band with my credentials, I am redirected to a URL which contains the access token, but it doesn't return the refresh token for the authorisation scope (offline_access). Do we have to make any changes in the Microsoft account for offline access?
Note : offline_access scope missing in redirected URL
Login URL : (To get access token)
https://login.live.com/oauth20_authorize.srf?client_id=0000000067E8E&scope=offline_access mshealth.ReadDevices mshealth.ReadActivityHistory&response_type=token&redirect_uri=https://login.live.com/oauth20_desktop.srf
Redirected URL
https://login.live.com/oauth20_desktop.srf?lc=1033#access_token=EwCgAvF0BAAUkWhN6f8bO0%2bg89MA1fmZueWyRkQAAe%2bPpQEZi2ny0/0knttDAVbenK3VDVzYzmD7HRVQ2rZXp9hSbJE1VvXse%2bZW0IoWqVvgAdHmWleOmKHhB3E4eJ220ztjozrqyxA0Vo/T1/RzW8U2f%2b5FQp6YKnPCXPIOenPz9XqHBapvzZkRTXO666VuJ7cjgcmQ7ANIJyMdu6J1DmEmp5B2pbLlRf/RxGFDzQEuhdHE68ExKtdRgXNGquW9fwKx6uG4Np6tCHebbzOUoY8/oHLS7x/eNUPYJUKMJweljI3FVOBUnaiYfMSY/AUFBvPvjrIoyQIjTmEG81vn3jIbhUVOuC/BTAZcm0aW3tZQLor9TLmd/uDg/P5jPZsDZgAACKznE0lStQmJcAFKavrO1/U7NXE1zzCSj2MHf867kmZ62UNwUmOqfbBHbFmFaNyqLq5d7Brv/RuIKV321t8OEcE8jUp65D9rjTp3jSYWnKP2mwib%2bvOpdtctN41yoCr%2bk8gKcyALtB%2bYbpxAFrN5J471XLzXy0doOCbOmjbU%2bYKy1mZI/j%2b0Hvn7JSL9B3DC1/YqfF21OjjzT8Xtil5Av/kVCpr8KIYpfzxVP4YqavxU1xriw2c4hR1uN%2b9dp4NuurxpeJb%2boUJ9LgikZN3rX2iB4n5e5VxtH0jRPujZd0nTRA8kwhJJzlgrIGsBDoqEDp8xp9KqkUEZ7%2bevvhbRD/9O5x6/4g%2biPORgicWqTEQ4XxvV5LKaeZq4rKxaDemmNI92yHjSjYA2WQNidbjEmRmelA221Sn2AFqp77uOD7%2bTitoXzOPWMrqLjGkcOH9UQdYA9uXbSPvQ7g1AwUPtlB7Y2fh0JlzBa7OyGrzai9mHJ1jmyXRj76/naI0B&token_type=bearer&expires_in=3600&scope=mshealth.readactivityhistory%20mshealth.readdevices&user_id=2c6adaf29f64fe0d0d72670f90c67080
You're trying to use 'response_type=token' but the Microsoft Health API uses the 2-step 'response_type=code' authentication flow. See section 4.8 of the Getting Started guide. The redirect URL for the first call contains the authorization code as a query parameter. You use that code in a second call which returns a JSON response body containing the access token and (if offline_access scope was requested) a refresh token.
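A check that reads the diagnosis in the answer above straight from the two URLs, as an added example that is not part of the original thread. The URLs mirror the shape of the ones in the question, with a placeholder client ID and a constructed token value.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed sample URLs in the shape of the ones in the question.
AUTHORIZE_URL = ("https://login.live.com/oauth20_authorize.srf"
                 "?client_id=CLIENT_ID_PLACEHOLDER"
                 "&scope=offline_access%20mshealth.ReadDevices%20mshealth.ReadActivityHistory"
                 "&response_type=token"
                 "&redirect_uri=https://login.live.com/oauth20_desktop.srf")
REDIRECTED_URL = ("https://login.live.com/oauth20_desktop.srf?lc=1033"
                  "#access_token=CONSTRUCTED_TOKEN&token_type=bearer&expires_in=3600"
                  "&scope=mshealth.readactivityhistory%20mshealth.readdevices")


def _first(params, key):
    return params.get(key, [""])[0]


def diagnose_refresh_token(authorize_url, redirected_url):
    """Report, from the two URLs alone, whether a refresh token can be expected."""
    request = parse_qs(urlsplit(authorize_url).query)
    redirect = urlsplit(redirected_url)
    fragment = parse_qs(redirect.fragment)  # response_type=token answers here
    query = parse_qs(redirect.query)        # response_type=code answers here
    response_type = _first(request, "response_type")
    # Scope names are compared case-insensitively: the server echoes them lowercased.
    requested = set(_first(request, "scope").lower().split())
    granted = set((_first(fragment, "scope") or _first(query, "scope")).lower().split())
    flows = {"token": "implicit", "code": "authorization_code"}
    return {
        "flow": flows.get(response_type, "unknown"),
        "token_in_fragment": "access_token" in fragment,
        "code_in_query": "code" in query,
        "dropped_scopes": sorted(requested - granted) if granted else [],
        # Per the answer: only the code flow's second call can return a refresh
        # token, and only when offline_access was requested.
        "refresh_token_expected": (response_type == "code"
                                   and "offline_access" in requested),
    }


if __name__ == "__main__":
    print(diagnose_refresh_token(AUTHORIZE_URL, REDIRECTED_URL))
```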

Foursquare Redirect uri mismatch on native Android OAuth login

I am trying to implement Foursquare Native OAuth on my Android app. I have followed the foursquare-oauth-library sample and have successfully generated an access_token for the user.
However, following Foursquare's recommendation of my App's Secret not being stored anywhere in the app and instead performing a server-side auth code/access_token exchange, I am doing the call on my server but get a redirect_uri_mismatch error every time I do it this way.
I am getting the auth code as specified in the sample app:
AuthCodeResponse codeResponse = FoursquareOAuth.getAuthCodeFromResult(resultCode, data);
Afterwards, I send that auth code from my Android app to my rails server. I assume the access_token should be obtained following Step 3 of https://developer.foursquare.com/overview/auth#code but I get the redirect_uri_mismatch response.
I am using Nestful on my rails server to send Foursquare my request for the access_token:
response = Nestful.post 'https://foursquare.com/oauth2/access_token',
  client_id: ENV_CONFIG['foursquare_client_id'],
  client_secret: ENV_CONFIG['foursquare_client_secret'],
  grant_type: 'authorization_code',
  redirect_uri: ENV_CONFIG['redirect_uri'],
  code: params[:code]
#token = response['access_token']
The response is:
{"error":"redirect_uri_mismatch"}
I have already double-checked the app's configuration on Foursquare, where I have also set my generated Android Hash Key, and even tried providing that as a redirect_uri parameter to generate the access token, but to no avail.
Any idea of what I could be doing wrong?
It turns out that the given code checks upon the redirect_uri provided originally. Since one wasn't specified in the first place, no redirect_uri param should be passed to the code/access_token exchange call.
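A small model of the check behind redirect_uri_mismatch, covering both this answer and the django-rest-auth answer earlier on the page; it is an added example, not code from Foursquare, Google or either thread. ToyAuthServer and the client name are hypothetical, client-secret verification is left out, and the callback URL is the one from the django-rest-auth answer.

```python
import secrets


class ToyAuthServer:
    """Constructed model of the redirect_uri binding; not any provider's code."""

    def __init__(self, registered):
        self.registered = registered  # client_id -> set of registered redirect URIs
        self.codes = {}               # code -> (client_id, redirect_uri or None)

    def authorize(self, client_id, redirect_uri=None):
        if redirect_uri is not None and redirect_uri not in self.registered[client_id]:
            return {"error": "redirect_uri_mismatch"}
        code = secrets.token_urlsafe(16)
        self.codes[code] = (client_id, redirect_uri)
        return {"code": code}

    def exchange(self, client_id, code, redirect_uri=None):
        bound = self.codes.pop(code, None)  # a code is single use, even on failure
        if bound is None or bound[0] != client_id:
            return {"error": "invalid_grant"}
        if bound[1] != redirect_uri:        # must repeat exactly what authorize saw
            return {"error": "redirect_uri_mismatch"}
        return {"access_token": secrets.token_urlsafe(24), "token_type": "bearer"}


CALLBACK = "http://localhost:8000/accounts/google/login/callback/"  # from the page


def run_cases():
    server = ToyAuthServer({"web-client": {CALLBACK}})
    results = {}
    # Code issued for CALLBACK, backend configured with a different callback_url.
    code = server.authorize("web-client", CALLBACK)["code"]
    results["different_uri"] = server.exchange("web-client", code, "localhost:8000")
    # Same callback_url on both legs.
    code = server.authorize("web-client", CALLBACK)["code"]
    results["same_uri"] = server.exchange("web-client", code, CALLBACK)
    # Native flow: no redirect_uri at authorization, but one sent at exchange.
    code = server.authorize("web-client")["code"]
    results["added_later"] = server.exchange("web-client", code, CALLBACK)
    # Native flow, redirect_uri omitted on both legs.
    code = server.authorize("web-client")["code"]
    results["omitted"] = server.exchange("web-client", code)
    return results
```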

Socialauth android get profile picture from google

I'm using this library https://code.google.com/p/socialauth-android/ to log in to my application using a Google account. So far so good. I can get the user name and email, but not the user profile picture. I think that library uses OpenID + OAuth to log in, and after calling:
    profile.getProfileImageURL()
I get null.
I can get the token and secret (OpenID?) by calling:
    socialAuthAdapter.getCurrentProvider().getAccessGrant()
For example:
token key : 1/J0_R-D03mykbqHnnNrVV1lk9FH2j996G05O2WVcHTrQ
token secret : vnh25rzUBVJKjHNpT_USeyjK
but I can't use this to retrieve the user profile URL using the link: https://www.googleapis.com/oauth2/v1/userinfo
Can you give me any tips on how to use what I get from this library to also get the picture URL?
My oauth_consumer.properties:
www.google.com.consumer_key = xxxxx.com
www.google.com.consumer_secret = xxxxxxxxxx
www.google.com.custom_permissions = https://www.googleapis.com/auth/userinfo.profile
Apologies for the delayed response. We monitor socialauth questions on our Google project regularly.
The problem is that the Google OpenID + OAuth API does not give the image URL. We are in the process of retrofitting the Google provider with Google+, so this will be available in the next minor release. Star our Google project socialauth for updates.
