• Replies 8 replies
  • Subscribers 15 subscribers
  • Views 6720 views
  • Users 0 members are here
Options
Related

OAuth API example with Google services

PedlarStudios
over 8 years ago
Hello,

I'm new to OAuth 2 in general and I have a question related to the OAuth API in Connect IQ, and how I would use it to interact with Google's services (https://developers.google.com/identity/protocols/OAuth2InstalledApp).

- (Object) makeOAuthRequest(requestUrl, requestParams, resultUrl, resultType, resultKeys)


If I were developing an iOS or Android app, I would register a custom URI scheme within my app and use that to receive the resulting response with the authorization code. With Connect IQ, should I be redirecting (with the resultUrl parameter) to a Garmin URL to retrieve the authorization code? Or I do need to host a page on a server that handles this? I'm obviously a little confused about this step.


Thanks!
  • over 8 years ago
    It is expected that you have a working OAuth flow prior to writing your ConnectIQ app. If you don't have that, you should probably go back one step and do that first.

    When you register your application with a service (like google), you typically provide one or more callback uris. When the service responds to an authorization request, it will send back an authorization code to that uri. As an example, if the callback uri is https://localhost:8080/callback, the service would redirect the user agent to localhost:8080/callback where {secret} is the authorization code to be used to authenticate the user. The script that you maintain (at the callback uri) will typically take that authorization code and some other application specific data (often just the application key and an application secret) and make another request to authenticate the user. The response to this request will be intercepted by Garmin Connect Mobile, and the authentication token (and possibly refresh token) will be sent to your app via the registered callback function.

    If all of this seems confusing, it is. It may be best to do some reading up on OAuth flows and how they work before proceeding.

    Travis
  • over 8 years ago
    Hi Travis,

    I am also having issued with an OAuth API request, the actually 3rd party OAuth is working fine and I am redirecting the client back to a final URL with http://www.myurl.com/myoauth/result?access_token=23456789 ( the access code from the OAuth request )

    I am using the following code:

    {
    // .... this is part of a larger function...

    var requestParams = {"client_id" => "12345678901234567890",
    "response_type" => "code",
    "redirect_uri" => "www.myurl.com/.../"};

    var resultUrl = "www.myurl.com/.../result";
    var resultType = 0;
    var resultKeys = {"access_token" => ""};

    Comm.registerForOAuthMessages(:callbackOauth);

    Comm.makeOAuthRequest(requestUrl, requestParams, resultUrl, resultType, resultKeys);
    }

    function callbackOauth(data) {
    Sys.println("DO stuff");
    }

    Whatever I do I cannot seem to get the callbackOauth method to be called.

    Hopefully it is something simple, but the documentation does not get a real world example of how to do this so I am not sure whether the values I am passing into the makeOAuthRequest method are correct?

    If you have any ideas that would be appreciated.

    Best regards,

    Chris

    It is expected that you have a working OAuth flow prior to writing your ConnectIQ app. If you don't have that, you should probably go back one step and do that first.

    When you register your application with a service (like google), you typically provide one or more callback uris. When the service responds to an authorization request, it will send back an authorization code to that uri. As an example, if the callback uri is https://localhost:8080/callback, the service would redirect the user agent to localhost:8080/callback where {secret} is the authorization code to be used to authenticate the user. The script that you maintain (at the callback uri) will typically take that authorization code and some other application specific data (often just the application key and an application secret) and make another request to authenticate the user. The response to this request will be intercepted by Garmin Connect Mobile, and the authentication token (and possibly refresh token) will be sent to your app via the registered callback function.

    If all of this seems confusing, it is. It may be best to do some reading up on OAuth flows and how they work before proceeding.

    Travis
  • over 8 years ago
    I fixed it :)

    For anyone else who might come across this thread when you call Comm.registerForOAuthMessages you need to pass in your callback method like this:

    Comm.registerForOAuthMessages(method(:callbackOAuth));

    This will work where you have a function like:

    function callbackOAuth(data)
    {
    // Do something with the returned data.
    }

    @Garmin - Please add this more explicitly to your documentation, this took me the best part of 7 hours to figure out as a newbie to MonkeyC.

    Cheers, Chris
  • over 8 years ago
    I've put in a request to beef up the documentation for a little more guidance. Thanks for letting us know.
  • over 8 years ago
    It seems that the programmer's guide covers this here. It doesn't really cover how to use resultKeys though. With that one, you need to specify a mapping from the parameter names in the request to parameter names you want your application to receive. For example...

    var resultKeys = {"access_token" => "twitter_access_token"};


    This would cause the system to extract the variable access_token, and then pass it to the application via the registered callback function with the key named twitter_access_token. This allows the application to disambiguate which OAuth source the message came from. i.e., if you see a key named twitter_access_token, you know the information is for a twitter OAuth request.

    Travis
  • over 8 years ago
    Thank you both for your replies, I had been referring to the page you linked to Travis, but this page does not mention the exact format needed for the call back and hence for a newbie like me it took me a long time to figure out ( eventually finding a similar example somewhere else )

    Cheers,

    Chris
  • over 8 years ago
    The documentation specifically says that callback parameter has the signature callback(data) (it takes one parameter), and that the type of the parameter is OAuthMessage. That should be all you need to know.
  • over 8 years ago
    The documentation specifically says that callback parameter has the signature callback(data) (it takes one parameter), and that the type of the parameter is OAuthMessage. That should be all you need to know.


    As a new MonkeyC developer from a .NET background, this is not enough detail to know the format needs to be as follows:

    Comm.registerForOAuthMessages(method(:callbackOAuth));

    as someone new to this language, this bit is not at all obvious from the documentation.

    method(:callbackOAuth)

    I am sure once you know the language or if it is similar syntax to another language this might seem really obvious but it stumped me for ages :(

    Hence I felt a bit more explaination in the documentation wouldn't go a miss, or to show an actual code snippet example.