Hi All
Read the notes on oauth2 in 10.0 DP6 and I could prepare the following button script for Google authentication using OAuth2.
In the "Client ID for Web application" page over at Google API portal, I've kept the Auth. Redirect URL empty.
My Button Script:
[indent]on mouseup
constant kAuthURL = "https://accounts.google.com/o/oauth2/auth"
constant kTokenURL = "https://oauth2.googleapis.com/token"
constant kClientID = "274593072165-oiud666u9j7vbquu.apps.googleusercontent.com"
constant kClientSecret = "com.googleusercontent.apps.2745662165-8t8266kig5qjbacj4"
constant kScopes = "https://www.googleapis.com/auth/userinfo.email"
if the environment is "mobile" then
OAuth2 \
kAuthURL, \
kTokenURL, \
kClientID, \
kClientSecret, \
kScopes, \
"in.tal3ic.tal3ic://tal3ic"
//assume tal3ic.in is my website, and I have also added tap3ic in the CustomURL field in Standalone Settings for iOS
end if
put the result into tres
answer tres
if tres is not empty then
answer error "Not authorized!"
else
//<retrieve email id via JSON from API endpoint>
end if
end mouseup[/indent]
Is this a proper approach for iOS? Especially the Authorized Redirect URL.
Many thanks in advance.
Vikram
OAuth2 Redirect URL Question
Moderators: FourthWorld, heatherlaine, Klaus, kevinmiller, robinmiller
-
- VIP Livecode Opensource Backer
- Posts: 16
- Joined: Fri Dec 31, 2010 8:13 am
Re: OAuth2 Redirect URL Question
Hi Vikram
I presume you're really asking about the "in.tal3ic.tal3ic://tal3ic" part of your script - that seems quite strange to me, but I really can't speak to that, perhaps wiser minds can answer.
As far as I can see, you DO need to provide a port number for the uri:
It's not mentioned that iOS should be different in the Dictionary (but that may well be the case, I can't say).
As a general point, you'll probably want the constants outside of any specific handler, at the top of the script so they can be accessible to any handler in the script, i.e.
PS: As I'm sure others will tell you, please enclose your code the code tag button </> (the 5th from the left), it makes it much easier for people to read and copy your code. Or, replace you 'indent' tags, which don't exist in this forum, with [ code][/code] tags.
And don't share your private keys
I presume you're really asking about the "in.tal3ic.tal3ic://tal3ic" part of your script - that seems quite strange to me, but I really can't speak to that, perhaps wiser minds can answer.
As far as I can see, you DO need to provide a port number for the uri:
This is the example given in the dictionary, which should present an authorisation dialog:In order to handle the redirect the library accepts socket connections on localhost on a configurable port. The redirect uri configured when setting up your application with the web service should be http://127.0.0.1:port where port is the port that can be configured with the port parameter. It is recommended to use the range 49152-65535.
Code: Select all
OAuth2 kAuthURL, kTokenURL, kClientID, kClientSecret, kScopes, 54303
As a general point, you'll probably want the constants outside of any specific handler, at the top of the script so they can be accessible to any handler in the script, i.e.
Code: Select all
constant kAuthURL = "https://accounts.google.com/o/oauth2/auth"
constant kTokenURL = "https://oauth2.googleapis.com/token"
constant kClientID = "xxxxxxxxxx.xxxxxxxxxxx"
constant kClientSecret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
constant kScopes = "https://www.googleapis.com/auth/userinfo.email"
on mouseUp
OAuth2 kAuthURL, kTokenURL, kClientID, kClientSecret, kScopes, <PORT NUMBER>
If the result is not empty then
answer "Authorisation failure:" && the result
else
### process the JSON in the it variable ###
end if
end mouseUp
PS: As I'm sure others will tell you, please enclose your code the code tag button </> (the 5th from the left), it makes it much easier for people to read and copy your code. Or, replace you 'indent' tags, which don't exist in this forum, with [ code][/code] tags.
And don't share your private keys
-
- VIP Livecode Opensource Backer
- Posts: 16
- Joined: Fri Dec 31, 2010 8:13 am
Re: OAuth2 Redirect URL Question
Thanks - noted!. they keys are trimmed/truncated but of course a bad idea.
From the latest version of the dictionary:
The redirect URI configured when setting up your application with the web service for desktop should be http://127.0.0.1:port/ where port is the port that can be configured with the pPortOrRedirectURI. On mobile platforms use a reverse domain name based custom uri scheme such as com.example.myapp://myapp where com.example is a domain that you control.
So they have given an example of the custom uri scheme.
From the latest version of the dictionary:
The redirect URI configured when setting up your application with the web service for desktop should be http://127.0.0.1:port/ where port is the port that can be configured with the pPortOrRedirectURI. On mobile platforms use a reverse domain name based custom uri scheme such as com.example.myapp://myapp where com.example is a domain that you control.
So they have given an example of the custom uri scheme.
-
- VIP Livecode Opensource Backer
- Posts: 16
- Joined: Fri Dec 31, 2010 8:13 am
Re: OAuth2 Redirect URL Question
Question is how would one establish that one owns the domain? Perhaps from the Auth. JavaScript origin field.