Adding Create OAuth client ID in google console for Google Drive I encountered 2 unclear parameters :
Authorized redirect URIs and Authorized JavaScript origins:
Having home page of my site as
https://tads.my-demo-apps.tk
I filled with some url for this site : https://prnt.sc/ydQ2NCQO9Isu
My site has not any pages with such urls, but I can add them later.
Which urls these pages must have ?
Thanks!
For the redirect URIs you can check on the documentation on Create authorization credentials from Using OAuth 2.0 for Web Server Applications:
The redirect URIs are the endpoints to which the OAuth 2.0 server can send responses. These endpoints must adhere to Google’s validation rules.
And the javascript origins are explained on Create authorization credentials from OAuth 2.0 for Client-side Web Applications:
Applications that use JavaScript to make authorized Google API requests must specify authorized JavaScript origins. The origins identify the domains from which your application can send requests to the OAuth 2.0 server. These origins must adhere to Google’s validation rules.
Related
Does anyone know what are the "single account SMTP plugins" referenced here in this Google OAuth API policy?
See the last bullet of the "Exceptions to verification requirements":
SMTP/IMAP/WP: The app is used to send emails through WordPress, or similar single-account SMTP plugins.
Answer
Single-account is one account connected to your project or the only sender in it and SMTP plugins refers to the plugin that uses this OAuth token in order to send messages.
In summary, the bullet SMTP/IMAP/WP means that if you are using WordPress and set it up to be able to send emails using Gmail scopes, this is relegated to a single account SMTP plugin use and is not applicable for verification. Otherwise if your app is meant for public use it might require using https://mail.google.com/ scope, you will need to submit your app for the restricted scope verification.
I am trying to offer an application which is to allow access to user's private files through proprietary back end and present them in a custom Web UI. What is the mechanism that allows to bridge the Web-based OAuth to the server side Drive access for each user?
EDIT:
To expand on my brief description, I would like to add that the OAuth authentication to receive the Token Response is to happen through the HTTP interaction and be presented to a user in a Web interface and be of 2-legged nature. But then I thought the Token Response would be passed to a Java server (via HTTP headers), which would process the file to be stored in user's Drive after some processing. What is not clear to me is what APIs are used to manipulate the files in Google Drive from the Java server back-end and how the Token Response is passed to those APIs to facilitate OAuth authentication.
Is this even implementable?
I was able to successfully show the google maps on this page when the url was only http , now I after making it as https , it is giving errors like :
NetworkError: 403 Forbidden - https://maps-api-ssl.google.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d41.88098829471135&2d-87.65924221147355&2m2&1d41.88841667852121&2d-87.6252154211187&2u17&4sen-US&5e0&6sm%40347000000&7b0&8e0&9b0&callback=xdc._1eql41&token=45632
Any suggestions on what I am missing here?
Based from this documentation, your http request should look more like this: http://maps.googleapis.com/maps/api/service/output?parameters. HTTPS is required for all Maps API web service requests containing user data, or developer identifiers. Requests made over HTTP that include sensitive data may be rejected.
Found also in this HTTP and HTTPS protocols are considered different URLs documentation that if HTTPS is authorized, HTTP is not necessarily authorized. If you'd like to authorize both at once, you may add a domain without using a protocol: example.com/.
A 403 Forbidden error means that you do not have permission to view the requested file or resource. While sometimes this is intentional, other times it is due to misconfigured permissions.
Why am I receiving a HTTP 403 Forbidden response to my Maps API web
service
requests?
An HTTP 403 response indicates a permission issue, likely because the
signature could not be verified for this request. This could be
because:
A signature has been specified but is incorrect for this request.
The request specifies a Google Maps APIs Premium Plan client ID but does not specify a signature, and the web service being called
requires that all requests made using a client ID include a valid
signature.
A signature has been specified but the associated Google Maps APIs Premium Plan client ID has not been specified.
Hope this helps!
I'm using Google Maps Web Services API for work, and they've given me a client ID. When I load up the main page, I don't get an error. However, when I click a sub-page, eg localhost:8080/pages/page.xhtml, I get an error called UnauthorizedURLforClientIdMapError, with the message that this URL is not authorized to use the provided Google Maps client ID.
For reference, Google discusses it in its documentation here: https://developers.google.com/maps/documentation/business/clientside/auth#registering_authorized_urls
With all that being said, I'm currently testing my server with TomCat using the URL http://localhost:8080. This domain has been authorized, as has my individual IP. In my view files, I'm adding this:
<script src="https://maps.googleapis.com/maps/api/js? &client=MY_CLIENT_ID
&v=3.19
&channel=MY_CHANNEL" type="text/javascript"></script>
where 'MY_CLIENT_ID' and 'MY_CHANNEL' are obviously changed to suit my needs (my client id and channel are correct). I've searched through stack overflow and also read all of the relevant Google Documentation but I feel like I'm missing something very small (or large, I'd hope not though).
What's going on?
Each URL that uses Google Maps for Work with the ClientID must be authorized to use that clientid.
You can find all the details here. But this is the summary:
The domain name or IP address does not have to be publicly accessible
All subdomains of a specified domain are also authorized.
All subpaths of an authorized path are also authorized.
Paths are case sensitive.
You may restrict valid URLs to those using certain ports.
HTTP and HTTPS protocols are considered different URLs.
If you are getting the UnauthorizedURLForClientIdMapError, look through the URL authorization rules and see if you simply need to add the URL to the list of authorized URLs.
Btw, here is the the list of Google Maps API Error Codes with explanations.
You must allow the referred URLs related to that Client ID in the Google support management portal.
Access to the Google Support Management portal - http://www.google.com/enterprise/portal - , login with your enterprise google account, then in the left menu, go to "Maps, Manage Client ID" link, select you client id in the combo, and in the "Enter the URLs" textarea, write the referrer URL you want to authorize and click on "Add URL" button.
If you are using a ClientID instead an API KEY to authenticate to Google Maps services, the referrer URLs must be authorized here. If you are using an API KEY, yo must authorize the referrer urls from the google developers console.
I am trying to develop a chrome extension in which I need to use 3rd party Oauth2 authentication. The third party service I want to use, only supports POST requests. But it seems that the launchWebAuthFlow method in the Chrome Identity API, only supports sending GET requests, as all the query parameters are sent in the URL itself. Is this correct? If yes, how should I do authentication?
UPDATE : The API I want to connect is that of Pocket
Partially you're right about POST requirements. But it is only used to initialize Oauth flow.
According to the documentation:
1) You must make a POST request to obtain a request token from Pocket auth service
2) Redirect user to the auth page: https://getpocket.com/auth/authorize?request_token=YOUR_REQUEST_TOKEN&redirect_uri=YOUR_REDIRECT_URI
Which means that you have to make a simple XHR to retrieve request token and then you can use chrome.identity.launchWebAuthFlow function to begin Oauth flow.
Did you try launchWebAuthFlow? You may find that it works. Once authenticated, you can exercise the API via POST, using XMLHttpRequest. (launchWebAuthFlow only handles the authentication, not the API itself.)