The OAuth flows provided by Gmail, Yahoo and Outlook.com are designed for a site like yours to request access to a person’s address book. In order for CloudSponge to be able to do the heavy lifting of importing and normalizing the contacts for your site, your application must hand the consent code over to CloudSponge.
You can accomplish this with a special page on your site that we refer to as Proxy URL.
The sole purpose of this page is to accept the token parameters from the contact source (Gmail, Yahoo or Outlook.com) and proxy that to CloudSponge.
Complete the following steps to install and test your OAuth proxy endpoint:
- Download the file here or review the full gist.
solo-auth-proxy.htmlto the same directory on your web server. Your Proxy URL is done!
- Verify the Proxy URL by visiting the
solo-auth-proxy.htmlpage on your server.
You should see some text and a link. Make a note of the URL, you will use this URL as Proxy URL when setting up your Developer Accounts and also the OAuth Credentials in CloudSponge.
Next you can set up your OAuth Credentials for each OAuth source, using the URL for
Server-side Proxy URL (deprecated)
Your Proxy URL should be a transparent pass-through between the client and
api.cloudsponge.com: all request data should be forwarded directly upstream to
https://api.cloudsponge.com/auth. Likewise, all response headers and data should be returned directly to the client. The page you create on your site to proxy requests needs to accept all
GET parameters, make an HTTP connection to
https://api.cloudsponge.com/auth, passing the parameters with the request. When the response comes back from
api.cloudsponge.com, the exact headers and body should be returned to the client. The typical gotcha is following redirects:
api.cloudsponge.com/auth returns a 302 response in many cases. Ensure that your system is configured to not follow redirects for the proper result.
CloudSponge may return a
302 Found and a
Location in the response header. This response header should be returned to the user’s browser. Some platforms will automatically follow redirects so you must ensure that this functionality is turned off on your system.
Important Note: The Proxy URL cannot follow any redirect response from CloudSponge. It must proxy the request and include any GET parameters with the payload to CloudSponge.
We have several reference implementations of working Proxy URLs: