oauth

问题 I'm using Jon Crosby's open source Objective-C OAuth library http://code.google.com/p/oauthconsumer/ for some basic http authentication that does not deal with tokens, only consumer key and consumer secret. My code works great for GET, GET with parameters in the URL, and POST. When I issue a POST request that has parameters in the URL, though, the request fails authorization. I'm trying to figure out why. The server is using Apache Commons OAuth, so I'd like to compare my base string with

问题 I am looking into creating a desktop app in an interpreted language that accesses Google's APIs. From what I can tell, there is a security hole. The client secret would be exposed within the code, and even if I created the application in C++ or Java, the code could be decompiled\disassembled and the secret could in theory be found. Is there anyway around that besides obfuscating the code? I'd like to be able to distribute the code for others to use. 回答1: OAuth 2.0 Threat Model and Security

问题 Is it possible to present the Google Picker to a user who isn't logged in with her Google account? I would like to let the user select files from a shared Google Drive of the Google account of my website. I can access these files with OAuth on the server. But is it also possible to present the files with Google Picker? Maybe with this method: PickerBuilder.setOAuthToken(string) Sets an OAuth token to use for authenticating the current user. Depending on the scope of the token, only certain

问题 I need your help.i am using codeigniter MVC framework for signing in to my site using google client library. every thing is working fine expect $client->getAccessToken() when google redirects with code and i do the following code. $client->getAccessToken() return null value. and i saw many tutorials but didn't get any help. here is my code for controller function one. In this function i set my credentials to create authUrl. public function login() { // Include two files from google-php-client

问题 I'm getting confused. I was able to make openid login kinda work using LightOpenID. All I get doing that is just an openid_identity such as " https://www.google.com/accounts/o8/id?id=xxx ". Pretty disappointing: I was expecting to get the email address too. i.e. I need to login (that's what openid does) and to know the email address of the google account the user used to login. There is the function $openid->getAttributes() but all I get from that is just an empty array: I guess google isn't

问题 I have written a very simple application to update my twitter status on a given condition. I have used the twitter documentation to understand the requirements of creating the OAuth signature and also how to structure the Authorization header. I then send the request with cURL in PHP. Using the OAuth Tools on the twitter dev site, I compared both my signature base string and authorization header, and both are exactly the same: Signature Base String POST&https%3A%2F%2Fapi.twitter.com%2F1

问题 is it possible to create a custom oAuth server with the Zend Framework Zend_Oauth? For example i want to create a REST service and have oAuth authentication? Does the zend framework have support for this out of the box?> 回答1: Currently, there is no working OAuth server/auth adapter. There are a few of us (including myself) working to meld the existing Zend_Oauth into a Zend_Auth_Adapter. Find me on twitter @onyxraven and we can discuss. I should have an idea of what needs done before the end

问题 We're integrating facebook in our platform; we serve different customers and each one has a different access URL: http://customer1.example.com; http://customer2.example.com and so on. We're implementing OAuth 2.0 so customers are able to perform certain facebook actions from within the app. From the looks of the documentation (https://developers.facebook.com/docs/authentication/), it seems that we'll need one facebook app per customer, to make the authorization flow work. Is there a way to

问题 I''m pulling my hair out when trying to carry out an oAuth journey using PHP. I'm using a MAC_OSX_10.7.4/MAMP/PHP and I am pointing to the php inside my MAMP environment. I have downloaded the latest oAuth php extension 1.2.2. I've run: pecl install oauth Which came back successful, when I try to reinstall it I get: pecl/oauth is already installed and is the same as the released version 1.2.2 I have added the line: extension=oauth.so in my php.ini. but whenever I try and run this simple bit

问题 I'm using GoogleAuthUtil in Google Play Services on Android. After calling GoogleAuthUtil.getToken(context, userName, scope) , I got a token like this: ya29.wQBWztab5kcgMLcMbAI0LwFzHC_DPrxauSWbX4P6KOnBEOgjcm9V7OI9AFr6JGxDY54gP00RemzzgML56_gWRHn8Q5jK16BLY-0y83Gc5vfe3xN-QpyM4d7z This is an access_token, which can be used in calling Google Apis. Then, how can I get a refresh token to refresh this access_token, because I also use Google oauth java library and YouTube Java Library in my Android