I want to integrate twitter in my ASP.Net web site with C# . I want to implement a profile page in which user should be able to sign in from twitter. After clicking on "Sign Up via Twitter" Button. I have made a twitter application and i am doing this thing with OAuth. After getting user details i want to add them to my SQL Server Database(So that in future user can sign in using these details).
IT gives an exception at runtime.The exception is
The remote server returned an error:(403) Forbidden.so please answer if you have done this kind of stuff.
I have already search all around on the internet,am i doing something wrong here?
Add the following line:
request.UseDefaultCredentials = true;
This will let the application use the credentials of the logged in user to access the site. If it's returning 403, clearly it's expecting authentication.
It's also possible that you (now?) have an authenticating proxy in between you and the remote site. In which case, try:
request.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials;
Hope this helps.
Related
I'm throwing together a simple POC for a client that wants to use LiveId (now Microsoft Account or MSA) for users to sign in. I've done this with FaceBook, Google and Twitter and they were all a walk in the park. For whatever reason MSA is a royal PITA.
I've created a MVC5 application using Visual Studio 2015. I went to the MSA developer center to create my app and get the client id and secret. The redirect URL I'm using is http://localtest.me/membersweb/signin-microsoft
The client id and secret go in Start.Auth.cs just like usual.
I've setup IIS and have my app in a virtual directory. When I run my application it comes up like usual. I click Log In and it goes to the login page as expected and the Microsoft button appears in the right hand column as expected. When you click the Microsoft button you are redirected to the MSA sign in page. B/c I'm already signed in I should be taken to the authorization page where I give my application permission to access my info. Instead I'm taken to an error page. The title says "We're unable to complete your request" and the rest of the message says "Microsoft account is experiencing technical problems. Please try again later.". Pretty useless.
The url is a tiny bit more helpful with the following error message:
invalid_request&error_description=The+provided+value+for+the+input+parameter+'redirect_uri'+is+not+valid.+The+expected+value+is+'https://login.live.com/oauth20_desktop.srf'+or+a+URL+which+matches+the+redirect+URI+registered+for+this+client+application.
This isn't rocket science. I do this w/ FaceBook all the time. What the blazes am I doing wrong?
No other coding, configuring or customization has been performed.
TIA
Go to https://account.live.com/developers/applications
Choose your application
Go to Edit Settings
Go to API Settings
Edit the Redirect URLs: add "/signin-microsoft" to the end of your redirect_uri
Go to your code and set the same redirect_uri for the API call
Go to drink a beer or two or more
This worked for me :)
PS: If it is still not working, try to add "/Account/ExternalLoginCallback" at the end of your redirect_uri, but this is not confirmed as working solution
For more info here: http://www.benday.com/2014/02/25/walkthrough-asp-net-mvc-identity-with-microsoft-account-authentication/
In case anyone is having this problem....
I ran into this issue recently and adding "/signin-microsof" or "/Account/ExternalLoginCallback" did not help.
What I ended up doing is adding the following redirect URIs to all app registrations (Microsoft, Google and Facebook in my case).
https://YOUR-DOMAIN.b2clogin.com/YOUR-DOMAIN.onmicrosoft.com/oauth2/authresp
https://login.microsoftonline.com/te/YOUR-DOMAIN.onmicrosoft.com/oauth2/authresp
I have developped a web service using .Net framework and it will get the login details such as user name and password. when login is clicked it has to request web service using rest and get authenticated. since i failed, I have created a joomla module (custom html) a login form and i tried again by editing the html code and couldnt find a way to communicate with my web service. please help me. any way of doing this? thanks
Authentication process in Joomla! is managed by plugin rather than modules.
In fact, you have to write a plugin, which extends JPlugin, and overwrite the function onUserAuthenticate( $credentials, $options, &$response )
The relevant piece of code, where you log in the user if authenticated by some other authority (webservice, database, and so on), is where you set the status of a specific user (identified by username) this way:
$response = JUser::getInstance();
$response->username = $credentials['username'];
$response->fullname = $fullname;
$response->email = $email;
$response->status = JAuthentication::STATUS_SUCCESS;
$message = JText::_('JGLOBAL_AUTH_ACCESS_GRANTED');
return true;
Documentation at http://docs.joomla.org/J1.5:Creating_an_Authentication_Plugin_for_Joomla is still useful.
Since you didn't provide code (and debug output) it's hard to find out what went wrong with webservice.
Question:
I'm using a DropBox csharp API from here:
https://github.com/dkarzon/DropNet
From the Unit tests, and the only working sample from here
https://github.com/dkarzon/DropNet/blob/master/DropNet.Samples/DropNet.Samples.Web/Default.aspx.cs
I figured that it works like this:
DropNet.DropNetClient client = new DropNet.DropNetClient(strApiKey, strAppSecret);
DropNet.Models.UserLogin login = client.GetToken();
client.UserLogin = login;
var accountInfo = client.AccountInfo();
str = accountInfo.quota_info.quota.ToString();
The probem is, it throws an exception on accountinfo. (System.Net.HttpStatusCode.Unauthorized)
Everything before works fine, I get the login (usertoken & usersecret) .
I think my problem is this part of the sample application:
var url = _client.BuildAuthorizeUrl(Request.Url.ToString() + "?dropboxcallback=1");
Response.Redirect(url);
Where it redirects to dropbox for a login...
I don't have a web application, so I have no URL...
What I have is a console application, that should make a backup of my database every evening automatically as a service, for which it certainly is very bad requiring a webbrowser and a user which has to type in email/username + password.
How can I do a login by directly supplying the hardcoded username and password ?
If I use the sample application, then it works, but that requires typing in the username and password on the web, and that sucks big time for a console application...
As far as I know from other API's (facebook, google, stack exchange etc.) you'll have to redirect your user to a webpage of Dropbox, where it will grant permissions to you to use it's account to perform things.
So in general it is not possible to achive this without a webbrower. Otherwise you'll have to perform really dirty hacks to hack arround the permission system of dropbox.
Please have a look at "OAuth 2.0 authorization flow" on google.
Here's a diagram I found at Yahoo which show's how it works:
For uisng the DropnetClient's 4 argument constructor also we need to build web based url and allow the user to authenticate his account this is compusory thing, accesstoken will generate after the user hit allow button in authentication process
As GameScripting explained the Dropbox API uses oauth which requires user login through the dropbox website to authenticate the access tokens.
Checkout the documentation here: http://dkdevelopment.net/what-im-doing/dropnet/ for the 3 step process.
What sort of application are you building? Normal process is to load a browser control inside the application and navigate to the login URL with it.
Also have a look at the sample Windows Phone app to give you an idea of how this process works: https://github.com/dkarzon/DropNet/blob/master/DropNet.Samples/DropNet.Samples.WP7/MainPage.xaml.cs
Instead of hardcoding the username and password, you can hardcode the OAuth access token.
First, create a simple program (using the same app key) that follows the standard browser-based authorization flow. Then use it to authorize the app with the desired user. This will give you an OAuth access token (a "token" and "token secret") associated with that user and your app key.
Then, in your service-style application, just hardcode the OAuth access token (using DropNetClient's 4-argument constructor).
It is possible, using SharpBox - tested, works.
One needs to acquire the AccessToken as a one-time-action manually, then after that, one can omit the login page and use the saved AccessToken.
http://www.jayway.com/2012/02/06/unboxing-dropbox-and-sharpbox-2/
The magic line is:
Globals.DropBox.Token = AppLimit.CloudComputing.SharpBox.StorageProvider.DropBox.DropBoxStorageProviderTools
.ExchangeDropBoxRequestTokenIntoAccessToken(
Globals.DropBox.config
, Globals.DropBox.AppKey, Globals.DropBox.AppSec
, Globals.DropBox.requestToken
);
I have a .net website and I want to post messages by the facebook api to every user's wall.I want via an application to post messages, but the error message when i execute Stream.Publish is "The user hasn't authorized the application to perform this action".
I am using the Facebook Developer Toolkit. I believe that i make something wrong in the configuration of the settings of my facebook application but I am not sure.
Have you tried the samples It may help you understand if you do something wrong with your code.
Add the following this in the Page_PreInit() event
base.RequiredPermissions = new List();
base.RequiredPermissions.Add(Facebook.Schema.Enums.ExtendedPermissions.publish_stream);
base.RequireLogin = true;
or use
Response.Redirect("http://www.facebook.com/login.php?api_key=" + ApiKey + "&next=http://apps.facebook.com/yourapplication/&display=page&locale=en_US&return_session=0&fbconnect=0&canvas=1&legacy_return=1&req_perms=publish_stream");
I'm trying to login directly to Google Analytics. To explain, I have an account system and I'd like when you select an ASP.NET button for instance it re-directs you - via a silent login - to a specified Google Analytics account.
I've looked long and hard at Dave Cullen's ASP.NET library and although I can login 'silently' using HttpWebRequest, I can't then stick the user on that page. I'm having allsorts of dramas with a 'Cannot send a content-body with this verb-type' error too.
Here is the very basic code I have currently based on Dave's library;
string token = GoogleAnalytics.getSessionTokenClientLogin(username, password);
NameValueCollection profiles = GoogleAnalytics.getAccountInfo(token, GoogleAnalytics.mode.ClientLogin);
HttpWebRequest theRequest = (HttpWebRequest)WebRequest.Create("https://www.google.com/analytics/settings/?et=reset&hl=en_uk&et=reset&hl=en-US&et=reset&hl=en-GB");
theRequest.Headers.Add("Authorization: GoogleLogin auth=" + token);
Stream responseBody = theRequest.GetRequestStream();
Encoding encode = System.Text.Encoding.GetEncoding("utf-8");
StreamReader readStream = new StreamReader(responseBody, encode);
My question therefore is; 1. can this be done? and 2. is this even the right way to do this?
Advice welcomed!
I'm not sure what the overall goal of signing someone in to Google Analytics automatically is, but if its just to display some of the data that is in Google Analytics you might want to consider using the Google Data API to pull the information that you want from Google Analytics. You could create a simple dashboard of what they really need to see without giving access to other things in Google Analytics, by logging them in you are most likely giving them access to data and tools that they just don't need?
Check out the API if it doesn't fit your needs maybe provide some more information on the overall goal is of this functionality.
http://code.google.com/apis/analytics/
Unless you're willing to implement a proxy server to proxy google analytics, I don't think you're going to be able to do this because you can't assign cookies to the client for another domain.
If the auth tokens are stored in cookies you can add the cookies to your ASP.NET response - then host the google page in an IFRAME just by setting the src (no inlining). That IFRAME will "inherit" the cookies from your parent page and the page will think it's authenticated.