Using OAuth tickets across several services?

After talking with Brock Allen in the comments to the original post, I can’t really guarantee this is a good/safe solution, but this is the code I ended up using. (Note: a version of this code is available as a NuGet package.) I created an IDataProtector implementation that uses AES:

    internal class AesDataProtectorProvider : IDataProtector …

How do I set return_uri for GoogleWebAuthorizationBroker.AuthorizeAsync?

You can use this code (original idea from http://coderissues.com/questions/27512300/how-to-append-login-hint-usergmail-com-to-googlewebauthorizationbroker):

    dsAuthorizationBroker.RedirectUri = "my localhost redirect uri";
    UserCredential credential = await dsAuthorizationBroker.AuthorizeAsync(…

dsAuthorizationBroker.cs

    using System;
    using System.Collections.Generic;
    using System.Threading;
    using System.Threading.Tasks;
    using Google.Apis.Auth.OAuth2;
    using Google.Apis.Auth.OAuth2.Flows;
    using Google.Apis.Auth.OAuth2.Requests;
    using Google.Apis.Util.Store;

    namespace OAuth2
    {
        public class dsAuthorizationBroker : GoogleWebAuthorizationBroker
        {
            public static string RedirectUri;

            public new static async Task<UserCredential> …

Refresh token using Omniauth-oauth2 in Rails application

Omniauth doesn’t offer this functionality out of the box, so I used the previous answer and another SO answer to write the code in my model User.rb:

    def refresh_token_if_expired
      if token_expired?
        response = RestClient.post "#{ENV['DOMAIN']}oauth2/token", :grant_type => 'refresh_token', :refresh_token => self.refresh_token, :client_id => ENV['APP_ID'], :client_secret => ENV['APP_SECRET']
        refreshhash = JSON.parse(response.body)

        token_will_change!
        expiresat_will_change!

        self.token = refreshhash['access_token']
        …

Google APIs Console – missing client secret

It seems that Google finally ditched the unnecessary client_secret for installable applications and is not yet up-to-date with their documentation. You should check if you already get an access_token in the initial OAuth request like it’s handled on Facebook. Another possibility would be to fall back to using a Simple API Access key. Update: First …

Spring-Security-Oauth2: Full authentication is required to access this resource

The client_id and client_secret, by default, should go in the Authorization header, not the form-urlencoded body.

Concatenate your client_id and client_secret, with a colon between them: abc@gmail.com:12345678.

Base64 encode the result: YWJjQGdtYWlsLmNvbToxMjM0NTY3OA==

Set the Authorization header: Authorization: Basic YWJjQGdtYWlsLmNvbToxMjM0NTY3OA==