How to create new users in g suite without oauth2 - google-admin-sdk

I am trying to create a process that will create users in g suite using Java.
The Google documentation is a little bit confusing for me but I manage to create a G Suite user on localhost. The problem is when I deploy de application on a specific id the redirect URL for auth doesn't work anymore.
I manage to do this by adapting this quick start: https://developers.google.com/admin-sdk/directory/v1/quickstart/java
My question is related to google popup. How can I prevent this popup, is there a way to use a simple secret key?
If not how can I configure my application from google console to allow multiple sites to receive the auth token?
Thank you

You cannot create new users in Gsuite without OAuth2. When you run the quickstart program it will open a new tab and asked for Authentication & Authorization. Once you complete the Authorization it will store the token in your project folder. When you add users to Gsuite(you need to write code using documentation) it will use that token (Access token). It will not ask for authorization again. So you need to authorize your application in order to create users in Gsuite. In case you delete that token, it will ask to Authorize the application.

Related

Django Login form Using AD

I'm trying to create an App which has a log in page where user should be authenticated using azure AD. Basically the App has a log in form where user puts his id and password from ad and django should check with ad and allow him in or not. Later on ofc would like to add permission depending on AD group.
So far I searched a lot on the internet and found nothing. Could you guys help with some example or link to documentation what I could use.
First of all, I'd like to suggest that you don't do that.
What you are asking for is ROPC flow: https://joonasw.net/view/ropc-grant-flow-in-azure-ad.
Usage of this flow is not recommended unless this is for migrating a legacy application (which is the original purpose of ROPC).
It also won't work if the user has MFA, an expired password etc.
There is usually no reason why you'd want to handle user passwords when using a federated identity provider.

Need concept clarification for wso2is

I am a 30+ year programmer, but almost all of it was in the semi-conductor world and none of that was with web sites. I have been given the task of getting wso2is to work with 1 new app and eventually add the already existing apps. Most of the terminology is foreign to me. I have read much of the documentation, it is beginning to make sense. I can get it to run and create some of the items needed, user, role, permissions and claims. But there are some concepts that I don't get from the manual.
Ok I know that what I need to get out of it is simple authorization.
Person->web_app->wso2is->authorization->web_app
We will eventually have several apps that our internal users wish to forgo multiple logins.
So if I have AppA and AppB and I want to use both Apps. I login to AppA, it sends authorization request to IS and it sends back true/false that all is good for AppA, but now I need to get into AppB from the same browser, new tab. It is my understanding that wso2is is single sign-on (SSO). So it looks like I would have to sign also to AppB completely independent to AppA. Our developers are looking to use curl to communicate with IS. So how does IS tie all this together?
I'm very confused.
I understand users, roles, permissions and claims, at least I think I do.
I've managed to add users with REST and SCIM. I've had no luck in getting ANY of the samples to work.
Hope it is not too late to answer this question. I will try to expalin the steps as simple as possible.
Add App A, as service provider in WSO2 IS.
Add App B as service provider in WSO2 IS.
Note: Both apps can be ( and should be) fully independent to each other. By that I mean, App A can be java, App B can be a .net application. They can have different certificates for encryption etc.
When you try to log in to App A in new browser session, it will redirect you to WSO2 login page and there you can authenticate yourself with user id and password.
Now when you try to open App B in same browser in new tab, WSO2 will not ask you again for user id and password, rather it will allow you to access App B. All this happens because of SSO.
This is SSO in the simplest way.

Authenticate Facebook users in Cakephp 3x

I have used PHP SDK-4 for Facebook login in CakePHP 3 (beta version) which works fine.Now, I'm in need to fetch user data based on FB login and authenticate users. Am trying with Cake's Auth component. Initially, while trying to Auth users,
$this->Auth->setUser($user)
Got Error: Session was already started as we require session_start() for Facebook login. 1- Tried with enter link description here, and sessions [session_write_close()] etc..still it did not work. Could I get some shot on best way to authenticate users with Facebook login in site?
CakePHPs sessions are lazy started, that is, they are being started once your try to access the session in some way, and in case the session was started manually in beforehand, you'll receive that error, see Session::start().
You can easily workaround this by manually starting the session via CakePHP. The session object is available in the current request, so for example in your controller before using the SDK you could simply do something like
$this->request->session()->start();
and then the Facebook SDK should be able to pick it up.
As burzum already mentioned in the comments, the authentication should better be wrapped up in an authentication handler.
I would suggest having a look at HybridAuth, there's also a CakePHP plugin for seamless integration into CakePHPs auth mechanism, this might give you some ideas for a custom implemenation in case you need to use the v4 SDK, which isn't yet supported by HybridAuth.

How to read Facebook Insights for a Native/Desktop app programmatically

Unfortunately I'm struggling to understand the documentation provided by Facebook.
This is the scenario:
- Some of my iPhone Apps are also registered as Native/Desktop Apps on Facebook in order to support the Facebook Audience Network.
- I'm building a tool in python which will retrieve data from the reporting API in order to run some automated analysis on specific metrics (request, impressions and so on).
The question is: how do I retrieve this data?
The documentation for the reporting API is here: Reporting API
However I'm struggling with the access token.
It says that I could use the specific App Token available here: App Tokens
However by using such token, I get an error saying that app tokens can't be used for Desktop/Native Ads.
What is the correct way to do it then? Here is where I struggle to understand Facebook Documentation.
My guess is that I should use a User Access Token instead, generated for a user that is also the admin of the App for which I want to retrieve the insights.
What really freaks me out is that apparently, this can't be done with normal HTTP calls only but it requires instead to go through the Facebook Login Dialog. I also need to create another Facebook (web) app because there is no way to get a simple "User Object"... Everything needs to start and go through a registered Facebook App. And there's no way to go through these steps by using backend code only.
So... to recap... in order to read the Insights for a Native/Desktop Facebook App (APP_A), I have to:
- Create a new Web Facebook App (APP_B)
- Create a web interface somewhere for APP_B) which will trigger the Facebook Login Dialog and request the read_insights permission.
- Login through this web interface and generate a User Access Token
- Put this User Access Token in my backend code and run the scripts that retrieve the data provided by the Reporting API for APP_B
Really... to me... it doesn't make any sense to create a new Facebook App in order to access the data of another Facebook App.
Isn't there another better, simpler, quicker, cleaner way to achieve the same final result?

Facebook Integration Static access token

I'm trying to use the facebook API on the backend of a website. Essentially, I want to be able to create events using a Djano app and have it create the corresponding facebook events.
The organization I am creating events for already have a facebook page. I only am concerned with posting events on that organization's page. I am the admin for the organization so I know all the login info.
What I am am trying to figure out is how I can setup the access token such thatit just works for the organization without any need to login to the facebook app. I was thinking that setting a static access token would do the trick, but I cannot find anyway to do it.
So, what is the standard way to create a facebook app that only interfaces with one predefined user?
Im not entirely sure what you're trying to do. However the static access token has now been deprecated. Do you want to: create an event for the person using the page, or for the company's page/profile?
Hope I can help