Jump to content

Google Authenticator


Harry Rogers

Recommended Posts

As it turns out.

It's trivial to implement (once someone else has done the maths <g>)

 

The link below provide a way to handle the process beautifully.

SO all you need is the Google app on your/your user's phone (or write your own Firemonkey implementation using the below unit)

And implement the algorithm in your login sequence of your unigui app to have a robust two factor authentication system.

It's based on the time/date so the phone does not actually need a live internet connection / no data or sms charges as with other implementations of one time passwords.

 

see here 

 https://plus.google.com/+PaulTOTH/posts/VMnw2sAGgvZ 

Link to comment
Share on other sites

  • 7 months later...

It seems the external link does not work anymore.

I try here to implement a login with google authentification (scope: https://www.googleapis.com/auth/userinfo.email).I'm just new in this.

 

I got a OAuth 2.0 client ID, one for websites and one for webserver to webserver. Wich one i must use?

Do i implement this on server side or on client side or both/mix?

Is there a example for unigui?

Link to comment
Share on other sites

OK guys,
 
I turned it to work. I made a small example fo those who are interessted on it. The example reads the E-Mail adddress, name, given name and family name from google account.

It is made with Delphi Rad Studio 10.1 Berlin but it should work with all versions who supports REST library. I did not really dived deep in to the REST library so it could be that some things could made easier or more "elegant". It is a prototype.

 

The main problem i see here that if google redirect to my app how can i be shure it is redirecing to the right session?

I'm sure the gurus here knows a solution for that..

googleapi.zip

post-1520-0-43633800-1487062636_thumb.jpg

post-1520-0-33321500-1487062996_thumb.jpg

post-1520-0-15050700-1487063085_thumb.jpg

Link to comment
Share on other sites

Hi,

 

i found the example "HTTP Post Callback - Browser Window". Is this the way to go to be "session-safe"?

 

Some hints:

- Google does not allow to show her login page in a frame. So i can not use a TuniURLFrame. Instead i use UniSession.UrlRedirect( LURL );

 

- I can configure the callback url google uses to redirect to my page. Google redirect to this url after successful login and adds the "AuthCode" parameter to the url when redirecting. It's possible to add a parameter to the url which identifiy the caller session?

(Ah i see, it is not possible to configure the google redirect url with a url like http://localhost:8077/?session='and add the current unigui session to the parameter. Google accept only a fix redirect URL as far i can see. As workaround for this i found

http://stackoverflow.com/questions/7722062/google-oauth2-redirect-uri-with-several-parameters. In a short view i did not understand what they do in the article.

 

 

 

Any help is welcome...

Link to comment
Share on other sites

Hmmm....

Thinking longer about that stuff maybe i'm trying to solve a problem who does not exists? I mean google login redirect to my browser and nowhere else, so who cares about the unigui session (in my case)? I do all the session handling for my app myself so i don't care which unigui session is active.

If i am right then my demo project should work properly...

  • Upvote 1
Link to comment
Share on other sites

  • 1 year later...

Trying to test.

My Google Account OAuth-2.0-Client-ID does not show ReDirect Option ?

Please advise - thanks

 

 

Authorized domains 

To protect you and your users, Google only allows applications that authenticate using OAuth to use Authorized Domains. Your applications' links must be hosted on Authorized Domains. Learn more

Application Homepage link

Shown on the consent screen. Must be hosted on an Authorized Domain.

Application Privacy Policy link

Shown on the consent screen. Must be hosted on an Authorized Domain.

Application Terms of Service link (Optional)

Shown on the consent screen. Must be hosted on an Authorized Domain.

Save Submit for verification Cancel
Link to comment
Share on other sites

  • 6 months later...
  • 3 months later...
  • 6 months later...
  • 6 months later...
  • 1 year later...

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×
×
  • Create New...