oltu-user mailing list archives

From Jasha Joachimsthal <ja...@apache.org>
Subject Re: Yahoo user authentication using Oltu
Date Fri, 13 Feb 2015 09:53:19 GMT
On 13 February 2015 at 00:24, Tiburtius, Ashwanth [IWD]
<Ashwanth.Tiburtius@iwd.iowa.gov> wrote:
> Hi,
>
> With Jasha's help, I was able to get through Yahoo OAuth api to get the profile information.
> But unfortunately, Yahoo doesn’t send email addresses in the profile information. Based
> on my research, it looks like we need to use Yahoo OpenID AX implementation for this. It would
> be very helpful to know if Oltu provides support for this or if someone has used Oltu to get
> Yahoo email id after a user authenticates themselves.
>
> Really appreciate your time. Thank you.

You've probably configured your App permissions for "Social Directory
(Profiles)" and then "Read" which only provides public information.
Switch to "Read/Write Public and Private" and you get the email
addresses in the profile. You get a new client id and client secret
from Yahoo! because they implicitly link their clientId to the scopes
(permissions).

Jasha

>
> Regards,
> Jude.
> Iowa Workforce Development – IT | 1000 E Grand Ave, Des Moines, IA  50319
> (515) 281-3378 | Ashwanth.Tiburtius@iwd.iowa.gov
>
> -----Original Message-----
> From: Tiburtius, Ashwanth [IWD] [mailto:Ashwanth.Tiburtius@iwd.iowa.gov]
> Sent: Wednesday, January 14, 2015 1:52 PM
> To: user@oltu.apache.org
> Cc: dev@oltu.apache.org
> Subject: RE: Yahoo user authentication using Oltu
>
> That’s it. It worked. Wow!! After so many days. Thank you so much Jasha.
>
> Thanks,
> Jude.
> Iowa Workforce Development – IT | 1000 E Grand Ave, Des Moines, IA  50319
> (515) 281-3378 | Ashwanth.Tiburtius@iwd.iowa.gov
>
>
> -----Original Message-----
> From: Jasha Joachimsthal [mailto:jasha@apache.org]
> Sent: Wednesday, January 14, 2015 1:22 PM
> To: user@oltu.apache.org
> Cc: dev@oltu.apache.org
> Subject: Re: Yahoo user authentication using Oltu
>
> To get the Authorization location:
>
> return OAuthClientRequest
>     .authorizationLocation("https://api.login.yahoo.com/oauth2/request_auth")
>     .setClientId(clientId)
>     .setResponseType(OAuth.OAUTH_CODE)
>     .setState(state)
>     .setRedirectURI(redirectUri)
>     .buildQueryMessage();
>
> The code for the access token and profile request are already in this thread.
>
> When configuring a new app there's a section "Access Scopes". I checked "This app requires
> access to private user data."
> The permission is "Social directory (Profiles)" and then the option "Read".
>
> Maybe you didn't check the correct scope to get profile data.
>
> Jasha
>
>
> On 13 January 2015 at 23:38, Tiburtius, Ashwanth [IWD] <Ashwanth.Tiburtius@iwd.iowa.gov> wrote:
>> Hi Jasha,
>>
>> I had been trying to get past the Yahoo authorization error but I am not able to.
>> I have tried many trial and error methods and I am getting one of 2 errors back and there
>> is no documentation as to what those errors are. So I am stuck. If you don’t mind, can you
>> please send me the code where you get authorization code from yahoo. It might help me identify
>> my mistake. Thanks in advance.
>>
>> Thanks,
>> Jude.
>> Iowa Workforce Development – IT | 1000 E Grand Ave, Des Moines, IA  50319
>> (515) 281-3378 | Ashwanth.Tiburtius@iwd.iowa.gov
>>
>>
>> -----Original Message-----
>> From: Jasha Joachimsthal [mailto:jashaj@gmail.com]
>> Sent: Monday, January 12, 2015 11:24 PM
>> To: user@oltu.apache.org
>> Cc: dev@oltu.apache.org
>> Subject: Re: Yahoo user authentication using Oltu
>>
>> I'm sorry but I cannot help you with Yahoo's (undocumented) error codes. The redirectURI
>> should be a valid URI and now you only provide the hostname in the request.
>> One other thing: never publish your consumer secret to the public.
>> It's a password that should only be known by you and the OAuth provider.
>>
>> On 12 January 2015 at 22:39, Tiburtius, Ashwanth [IWD] <Ashwanth.Tiburtius@iwd.iowa.gov> wrote:
>>> Thank you again Jasha. It was very helpful. I am actually getting an error in
>>> the authorization part itself. Following are the details.
>>>
>>> Application:
>>> Consumer Key: dj0yJmk9VERKTlY3bGFWbHVvJmQ9WVdrOU5XZGFNRzE2Tm04bWNHbzlNQS0tJnM9Y29uc3VtZXJzZWNyZXQmeD02ZA--
>>> Consumer Secret: 443a42b6cb7e2a8472fa9f09ba6841599749c84b
>>> Application URL: http://devvm03.ia.wd.org/dashboard/faces/views/redirect.xhtml
>>> Callback Domain: devvm03.ia.wd.org
>>> Application ID: 5gZ0mz6o
>>>
>>> Request Url:
>>> https://api.login.yahoo.com/oauth2/request_auth?response_type=code&redirect_uri=devvm03.ia.wd.org&language=en-us&client_id=dj0yJmk9VERKTlY3bGFWbHVvJmQ9WVdrOU5XZGFNRzE2Tm04bWNHbzlNQS0tJnM9Y29uc3VtZXJzZWNyZXQmeD02ZA--
>>>
>>> Error: Oops. Yahoo is unable to process your request. We recommend
>>> that you contact the owner of the application or web site to resolve
>>> this issue. [95036]
>>>
>>> Java:
>>> request = OAuthClientRequest.authorizationLocation("https://api.login.yahoo.com/oauth2/request_auth")
>>>         .setClientId("dj0yJmk9VERKTlY3bGFWbHVvJmQ9WVdrOU5XZGFNRzE2Tm04bWNHbzlNQS0tJnM9Y29uc3VtZXJzZWNyZXQmeD02ZA--")
>>>         .setResponseType(OAuth.OAUTH_CODE).setRedirectURI("devvm03.ia.wd.org")
>>>         .setParameter("language", "en-us").buildQueryMessage();
>>>
>>> I see that I am missing something in the configuration and how the url is being
>>> built but I am not sure what it is. YDN forums say that call back url and the redirect url
>>> should match, so I have coded the way it is. I am getting the same error with a different
>>> error code even if I send " http://devvm03.ia.wd.org/dashboard/faces/views/redirect.xhtml"
>>> as the redirect uri. When I created the app in YDN, the only option available was to enter
>>> the Application Url, I am not sure if it should be same as redirect url since I did not find
>>> a separate place to enter it.
>>>
>>> I have posted a question in YDN forum but if you or any other user could help
>>> me, I would appreciate it much. Thank you.
>>>
>>> P.S: "http://devvm03.ia.wd.org/dashboard/faces/views/redirect.xhtml" is the correct
>>> redirect url.
>>>
>>> Thanks,
>>> Jude.
>>> Iowa Workforce Development – IT | 1000 E Grand Ave, Des Moines, IA  50319
>>> (515) 281-3378 | Ashwanth.Tiburtius@iwd.iowa.gov
>>>
>>>
>>> -----Original Message-----
>>> From: Jasha Joachimsthal [mailto:jasha@apache.org]
>>> Sent: Friday, January 09, 2015 6:23 PM
>>> To: user@oltu.apache.org
>>> Cc: dev@oltu.apache.org
>>> Subject: Re: Yahoo user authentication using Oltu
>>>
>>> Hi,
>>>
>>> Yahoo supports the same authorization code flow as Google and
>>> Microsoft, but you cannot copy-paste the implementation due to subtle
>>> differences. You can find the Yahoo documentation on [1]
>>>
>>> For Yahoo your callback uri must be accessible on port 80 or 443.
>>> Other ports are not accepted in the authorization flow and lead to error pages.
>>>
>>> When requesting an AccessToken, the clientId and clientSecret should be set in
>>> the Authorization header, while all other parameters must be in the request body. The AccessToken
>>> response contains the user id.
>>>
>>> final OAuthClientRequest oAuthClientRequest = OAuthClientRequest
>>>     .tokenLocation("https://api.login.yahoo.com/oauth2/get_token")
>>>     .setGrantType(GrantType.AUTHORIZATION_CODE)
>>>     .setRedirectURI("https://myapplication.example.com/callback")
>>>     .setCode(code)
>>>     .buildBodyMessage();
>>>
>>> // Client credentials travel in an HTTP Basic Authorization header, not in the body.
>>> // Base64 here is org.apache.commons.codec.binary.Base64.
>>> final String up = clientId + ":" + clientSecret;
>>> final byte[] base64 = Base64.encodeBase64(up.getBytes());
>>> String authorizationHeader = "Basic " + new String(base64);
>>> oAuthClientRequest.addHeader("Authorization", authorizationHeader);
>>>
>>> return getoAuthClient().accessToken(oAuthClientRequest);
>>>
>>>
>>> To get a user profile the access token must be sent via an http header:
>>>
>>> final String profileUrl =
>>>     String.format("https://social.yahooapis.com/v1/user/%s/profile?format=json", yahooGuid);
>>> final OAuthClientRequest bearerClientRequest = new OAuthBearerClientRequest(profileUrl)
>>>     .setAccessToken(oAuthAccessTokenResponse.getAccessToken())
>>>     .buildHeaderMessage();
>>>
>>> return getoAuthClient().resource(bearerClientRequest,
>>>     OAuth.HttpMethod.GET, OAuthResourceResponse.class);
>>>
>>>
>>> [1] https://developer.yahoo.com/oauth2/guide/#authorization-code-flow-for-server-side-apps
>>>
>>> Regards,
>>>
>>> Jasha
>>>
>>> On 9 January 2015 at 18:03, Tiburtius, Ashwanth [IWD] <Ashwanth.Tiburtius@iwd.iowa.gov> wrote:
>>>> Hi,
>>>>
>>>>
>>>>
>>>> I am doing a poc to use Apache Oltu to authenticate Google,
>>>> Microsoft and Yahoo users. Oltu works great for Google and Microsoft
>>>> user authentication but I am not sure if I can use it for Yahoo as well.
>>>> Yahoo seems to have a different process compared to other content
>>>> providers like Google where you setup your application as a client
>>>> and get the client id and client secret, and use those to
>>>> authenticate yourself and the resource owner but Yahoo seems to be
>>>> handling this differently. Has anyone tried to authenticate a Yahoo user
>>>> using Oltu?
>>>> Any help in this regard would be awesome. Thank you for your response and
>>>> your time.
>>>>
>>>>
>>>>
>>>> Thanks,
>>>>
>>>> Jude.
>>>>
>>>> Iowa Workforce Development – IT | 1000 E Grand Ave, Des Moines, IA  50319
>>>>
>>>> (515) 281-3378 | Ashwanth.Tiburtius@iwd.iowa.gov
>>>>
>>>>
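
Two checks the thread turns on, shown as an added example that is not code from the thread or from the Oltu project: validating the value passed to `setRedirectURI` (absolute URI, port 80 or 443 as the January 9 message states) and generating and verifying the value passed to `setState`. It goes beyond the thread in showing how the state is created and compared; the class and method names are hypothetical and only the JDK is used.

```java
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;

// Added example, JDK only; class and method names are hypothetical.
public class YahooOAuthPreflight {
    // Accept only absolute http(s) redirect URIs whose effective port is 80 or 443.
    static String checkRedirectUri(String value) {
        URI uri = URI.create(value);
        String scheme = uri.getScheme();
        if (scheme == null || uri.getHost() == null)
            throw new IllegalArgumentException("not an absolute URI: " + value);
        boolean https = scheme.equalsIgnoreCase("https");
        if (!https && !scheme.equalsIgnoreCase("http"))
            throw new IllegalArgumentException("unsupported scheme: " + scheme);
        int port = uri.getPort() != -1 ? uri.getPort() : (https ? 443 : 80);
        if (port != 80 && port != 443)
            throw new IllegalArgumentException("port must be 80 or 443, got " + port);
        return uri.toString();
    }

    // Unguessable per-request value for setState(...); keep it in the user's session.
    static String newState() {
        byte[] raw = new byte[32];
        new SecureRandom().nextBytes(raw);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    }

    // Constant-time comparison of the stored state with the one echoed on the callback.
    static boolean stateMatches(String expected, String received) {
        if (expected == null || received == null) return false;
        return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8),
                received.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        // First two values are the redirect URIs quoted in the thread; the third is constructed.
        for (String c : new String[] { "devvm03.ia.wd.org",
                "http://devvm03.ia.wd.org/dashboard/faces/views/redirect.xhtml",
                "https://myapplication.example.com:8443/callback" }) {
            try { System.out.println("ok: " + checkRedirectUri(c)); }
            catch (IllegalArgumentException e) { System.out.println("rejected: " + e.getMessage()); }
        }
        String state = newState();
        System.out.println("forged state accepted: " + stateMatches(state, "constructed-forgery"));
    }
}
```

The hostname-only value and the port 8443 value are rejected before any request reaches the provider, and a callback whose `state` does not match the session value should be dropped without exchanging the code.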
