I have a Python FastAPI Backend which gives me an endpoint in order to retrieve some oAuth data. The Endpoint works when i put it manually in my Browser. It first does a redirect retrieves an accessToken which it then adds to a second link and opens it. So the functionality works. Now i'm a bit stuck on how to get this data in my Frontend. I tried a GET request on the original endpoint but then get the response with the redirect link. What would be a clever way to handle this? I would like to store the data in the Frontend in order to manipulate it
Thanks for helping me!
After doing many OAuth2 interactions, I recommend you use a library; OAuth2 flow is fairly complicated with the interactions between Client, Backend, Identification, & Authorization servers. Using a library helps ensure you are doing all the key swaps properly and securely; Also it will save you lots of time :).
Here is a library I would use in your shoes; https://github.com/manfredsteyer/angular-oauth2-oidc
Related
Example URL = https://westgate-production-4cb87.firebaseapp.com/super-contests/weekly-card/embed
I've written the code needed to get this to work with the current deployed websocket URL and successfully scrape the data on this page -
wss://s-usc1c-nss-276.firebaseio.com/.ws?v=5&ns=westgate-production-4cb87
However, it seems that every so often the number in the subdomain will change (in this example - 276). I can obviously manually figure out what the new URL is using the Network tab in Dev Tools, but I was wondering if there was a Python code snippet or some approach where I can programatically detect what websockets are opening so that I can capture the wss:// URL and then pass it into the rest of my code that works correctly.
Thank you!
You're using an undocumented way to access the Firebase Realtime Database.
That first part of the URL is the server that your client is connecting to to access the data, and is actually determined by the first request(s) when the connection is established. But as said, this knowledge is not documented and can thus change at any time without notice.
I'd recommend using either the Python SDK, the REST API, or the REST Streaming API to access the database, as all of those are properly documented.
currently I plan on using AWS Cognito to handle my authentication for users. I want to do a simple registration and login.
So far, I have created a function which calls cognito's initiate_auth method. Currently my flow works like this:
User goes to /signup
After filling the form, I create a new user in the cognito backend and send them a verification mail
User is redirected to the /login page
The login function in the backend calls initiate_auth with the username and password, and retrieves some token information like this
{'AccessToken': '***', 'ExpiresIn': 3600, 'TokenType': 'Bearer', 'RefreshToken': '***', 'IdToken': '***'}
I believe these tokens are in the JWT format. My question now is, what exactly do I do with this? I know that I need to store this data, securely, somewhere, but I'm not sure what the best practice is.
I've heard that these tokens/data need to be saved in cookies in order to access them properly, but I also heard that there are some encryption problems, which is why I was looking for a library which handles this for me. I've come across this library: https://github.com/SimpleJWT/django-rest-framework-simplejwt
However, it seems like in order to use this library, I need to be using the DRF. However, my app is currently not the server handling/issuing out the tokens - it just retrieves them from Amazon. Do I need to convert these tokens for my application in some way?
Let's say I did have to use the DRF - then do I need to wrap the token handling functionality in it? I really don't know where to go from here. I am assuming that my authentication functions should be part of an API anyway, since, if I want to expand to a mobile version of the app, I can simply call the authentication function from my API. But I suspect that this would be a different step...and maybe I can kill two birds with one stone here.
I'm working in Flask on creating a JMML ("Join my mailing list") widget that submits data to an email marketing platform, and the platform follows an OAuth2 flow. The basic flow is:
I create access URL using a the base API URL, an API key, and a redirect URI
The program accesses this URL, and the user of the program is redirected to the marketing platform to log in and grant access.
The marketing platform performs another redirect back to the redirect URI that I provided. The URI is appended with the access token that I need to provide with app POST requests of my JMML. Here's an example of what the returned URI looks like:
http://localhost:5000/redirect_url#access_token=2C1zxo3O0J1yo5Odolypuo9DSmcI
Here's the problem I'm having: I have no idea how, programmatically, to use that final redirect url/uri as a variable in Python.I could make the user copy/paste it into a field, but there's gotta be a better way. I honestly don't even know the terminology for a redirected-redirect like this.
It's pathetic, and I'm lost, but here's what I have so far:
#app.route('/redirect_url')
def redirect_url():
# I have no idea how to actaully get the parameter out of the redirect url.
pass
I've checked the API documentation for the email marketing company's API, but they only provide code tips for handling Oauth2 in Ruby and PHP. Help!
There is a good blog post by Miguel Grinberg, where he describes how to work with OAuth in the flask application. Though I think that workflow will stay the same with any other web application.
Based on this it seems like you should be able to get the access token by getting the variable parameter from the url. I do not have your full code so i cant test, nor have I tried it with an # in the url, but this should work
#app.route('/originalurl')
#app.route('/redirect_url#<access_token>')
def show_user_profile(access_token):
if access_token:
#do work
return redirect(url_for('Anotherview')
return render_template('template.hmtl')
Otherwise we need more info on the api you are using Oauth with
I am trying to find the easiest way how to use Facebook Graph API using my favorite Requests library. The problem is, all examples I found are about getting user access token, about redirects and user interaction.
All I need is only application access token. I do not handle any non-public data, so I need no user interaction and as my final app is supposed to be command-line script, no redirects are desired.
I found something similar here, but it seems to be everything but elegant. Moreover, I would prefer something using Requests or Requests-OAuth2. Or maybe there is library for that? I found Requests-Facebook and Facepy (both Requests based), but again, all examples are with redirection, etc. Facepy does not handle authorization at all, it just accepts your token and it is up to you to get it somehow.
Could someone, please, provide a short, sane, working example how to get just the application access token?
Following https://developers.facebook.com/docs/technical-guides/opengraph/publishing-with-app-token/:
import requests
r = requests.get('https://graph.facebook.com/oauth/access_token?grant_type=client_credentials&client_id=123&client_secret=XXX')
access_token = r.text.split('=')[1]
print access_token
(using the correct values for client_id and client_secret) gives me something that looks like an access token.
If you just need a quick/small request, you can manually cut and paste the access token from here into you code: https://developers.facebook.com/tools/explorer
Note: Unlike Richard Barnett's answer, you'll need to regenerate the code manually from the graph api explorer every time you use it.
I'm using python-oauth2 to authenticate API calls to Dropbox's API.
There are two problems I'm having:
I don't know how to provide a callback function to OAuth. I tried making the request as follows:
resp, content = client.request(request_token_url,\
"POST",body=urllib.urlencode({'oauth_callback':callbackURL}))
However, the function at callbackURL is not called.
At the moment, I've just modified the example code given in the README for python-oauth2, and I've managed to redirect the user to the Dropbox authentication page. However, I've written no code to explicitly sign my requests. Is that being done by the module, or are the requests I am making just unsigned? If its the latter, I'm really confused as to how things are working.
Help much appreciated. Thanks!
--Edit--
So I was reading the API docs, and the authorization URL takes two parameters - one is the access_token and the second is oauth_callback. I managed to created a URL that had these two parameters, and now, once the user authenticates my app, they are successfully redirected to my website. However, this seems like a very crude hack, and I'd love to learn to do this in a better way.