Harry Rogers Posted July 8, 2016 Posted July 8, 2016 Maybe not specifically a UniGui question - though a UniGui solution would be nice. Has anyone had a look at the Google Authenticator Service? Quote
Harry Rogers Posted July 8, 2016 Author Posted July 8, 2016 As it turns out. It's trivial to implement (once someone else has done the maths <g>) The link below provide a way to handle the process beautifully. SO all you need is the Google app on your/your user's phone (or write your own Firemonkey implementation using the below unit) And implement the algorithm in your login sequence of your unigui app to have a robust two factor authentication system. It's based on the time/date so the phone does not actually need a live internet connection / no data or sms charges as with other implementations of one time passwords. see here https://plus.google.com/+PaulTOTH/posts/VMnw2sAGgvZ Quote
Jean-Marc Kiener Posted February 9, 2017 Posted February 9, 2017 It seems the external link does not work anymore. I try here to implement a login with google authentification (scope: https://www.googleapis.com/auth/userinfo.email).I'm just new in this. I got a OAuth 2.0 client ID, one for websites and one for webserver to webserver. Wich one i must use? Do i implement this on server side or on client side or both/mix? Is there a example for unigui? Quote
Harry Rogers Posted February 9, 2017 Author Posted February 9, 2017 Here is the original Delphi Unit. http://tinyurl.com/GAdotPas I'll chop out the code I've got in an app to make a simple demo implementation - if you give me a couple of days. Cheers Quote
Jean-Marc Kiener Posted February 13, 2017 Posted February 13, 2017 Here is the original Delphi Unit. http://tinyurl.com/GAdotPas I'll chop out the code I've got in an app to make a simple demo implementation - if you give me a couple of days. Cheers That would be great! Thanks for the Unit anyway. I will study it. Quote
Jean-Marc Kiener Posted February 14, 2017 Posted February 14, 2017 OK guys, I turned it to work. I made a small example fo those who are interessted on it. The example reads the E-Mail adddress, name, given name and family name from google account. It is made with Delphi Rad Studio 10.1 Berlin but it should work with all versions who supports REST library. I did not really dived deep in to the REST library so it could be that some things could made easier or more "elegant". It is a prototype. The main problem i see here that if google redirect to my app how can i be shure it is redirecing to the right session? I'm sure the gurus here knows a solution for that.. googleapi.zip Quote
Jean-Marc Kiener Posted February 15, 2017 Posted February 15, 2017 Hi, i found the example "HTTP Post Callback - Browser Window". Is this the way to go to be "session-safe"? Some hints: - Google does not allow to show her login page in a frame. So i can not use a TuniURLFrame. Instead i use UniSession.UrlRedirect( LURL ); - I can configure the callback url google uses to redirect to my page. Google redirect to this url after successful login and adds the "AuthCode" parameter to the url when redirecting. It's possible to add a parameter to the url which identifiy the caller session? (Ah i see, it is not possible to configure the google redirect url with a url like http://localhost:8077/?session='and add the current unigui session to the parameter. Google accept only a fix redirect URL as far i can see. As workaround for this i found http://stackoverflow.com/questions/7722062/google-oauth2-redirect-uri-with-several-parameters. In a short view i did not understand what they do in the article. Any help is welcome... Quote
Jean-Marc Kiener Posted February 15, 2017 Posted February 15, 2017 Hmmm.... Thinking longer about that stuff maybe i'm trying to solve a problem who does not exists? I mean google login redirect to my browser and nowhere else, so who cares about the unigui session (in my case)? I do all the session handling for my app myself so i don't care which unigui session is active. If i am right then my demo project should work properly... 1 Quote
GerhardV Posted February 15, 2017 Posted February 15, 2017 Thanks mate...it might come in handy at some stage. Quote
ygerdel Posted December 19, 2018 Posted December 19, 2018 On 2/9/2017 at 6:03 AM, Harry Rogers said: Here is the original Delphi Unit. http://tinyurl.com/GAdotPas I'll chop out the code I've got in an app to make a simple demo implementation - if you give me a couple of days. Cheers Hi, the link are broken. could you develop the demo? Quote
Harry Rogers Posted December 19, 2018 Author Posted December 19, 2018 Here is a fresh link https://tinyurl.com/GA-dload All the best Quote
ygerdel Posted December 19, 2018 Posted December 19, 2018 15 minutes ago, Harry Rogers said: Here is a fresh link https://tinyurl.com/GA-dload All the best Sorry, the link is still broken Quote
Harry Rogers Posted December 19, 2018 Author Posted December 19, 2018 Sorry - Not sure why that failed Here we go again https://tinyurl.com/ybezp8qr Quote
ygerdel Posted December 19, 2018 Posted December 19, 2018 1 hour ago, Harry Rogers said: Lo siento, no estoy seguro de por qué falló Aquí vamos de nuevo https://tinyurl.com/ybezp8qr Thank you very much. Quote
andyhill Posted December 19, 2018 Posted December 19, 2018 Trying to test. My Google Account OAuth-2.0-Client-ID does not show ReDirect Option ? Please advise - thanks Authorized domains To protect you and your users, Google only allows applications that authenticate using OAuth to use Authorized Domains. Your applications' links must be hosted on Authorized Domains. Learn more Application Homepage link Shown on the consent screen. Must be hosted on an Authorized Domain. Application Privacy Policy link Shown on the consent screen. Must be hosted on an Authorized Domain. Application Terms of Service link (Optional) Shown on the consent screen. Must be hosted on an Authorized Domain. Save Submit for verification Cancel Quote
leons Posted June 22, 2019 Posted June 22, 2019 Hi Harry, Is it possible to receive the example? The link is outdated. Best regards, Leon Quote
ygerdel Posted September 27, 2019 Posted September 27, 2019 Hi, I have problems to match the Google OTP that I have on my cell phone with the code generated in my application (PC), the seconds do not match. Anyone have any solution for this? Quote
Sherzod Posted April 17, 2020 Posted April 17, 2020 Perhaps you should analyze this example, for starters? http://forums.unigui.com/applications/core/interface/file/attachment.php?id=3836 Quote
RaoulW Posted November 13, 2020 Posted November 13, 2020 The sampel is nice but it does not fill in the corrent client ID and Secret. That needs to be done after clicking the button Quote
Ruliss Posted January 24, 2022 Posted January 24, 2022 Why all resources or link are unavailable?? I'm doing something wrong?? Quote
Sherzod Posted January 24, 2022 Posted January 24, 2022 3 hours ago, Ruliss said: Why all resources or link are unavailable?? I'm doing something wrong?? Hello, Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.