I'm trying to use WebAccountManager for making login easier in a Windows 10 Universal Windows App (UWP).
It seems like the documentation around how to use WebAccountManager is somewhat lacking. Are Microsoft Account (MSA) and AAD the only WebAccountProvider implementations that come out of the box?
Did anyone have any luck making this work, and have code to share?
Thanks!
The identity providers unsupported by WebAccountManager can be added to the authentication prompt using the WebAccountProvider class.
Getting the access token of the new provider is the responsibility of the WebAuthenticationBroker class.
Note: You may also want to use the newer MSAL.net library instead. It appears to be equivalent to the WebAccountManager and there's also a simple UWP code example available.
Related
In my win-fourms application, I would like to do something like to use the account password similarly to how apple has the touch id API. I could not find any information on this. Here is an example I saw in the built in groove music app in windows 10:
Thank you!
When Microsoft built the Universal Windows Platform (UWP) they built in an authentication library that allows you to use user's Microsoft Accounts. There is no built in support for this in WinForms or WPF apps.
However, you can use the Microsoft OAuth endpoint to accomplish the same thing, it just won't look the same (requires a browser popup for starters). More information can be found here:
https://learn.microsoft.com/en-us/azure/active-directory/active-directory-v2-protocols-oauth-code
The code basically requires doing a bunch of REST calls and providing a listening socket for an asynchronous response.
Scope: I am developing a mobile application using Xamarin (C#) to target both Android and iPhone (initially Android). The application logic is separated out in to a PCL (C#) where possible to ensure maximum code reuse. The application integrates with the YouTube Data API v3 for the purpose of rating retrieved videos and allowing subscription to a channel.
Background: As per the documentation (http://developer.android.com/google/play-services/auth.html) I have used the suggested approach to generate an OAuth2 token for the authorised requests from Android, using the AccountManager.getToken method and this works fine and returns a token.
The next step is to make requests using this token (let's take rating a video as an example). My initial idea was to utilise the .NET client library for the YouTube Data Api (https://developers.google.com/api-client-library/dotnet/get_started). However, it seems that this would take us through the whole authorisation process once again and would likely require a web view redirect or similar. I had hoped that there may be a way to use a token which had already been retrieved to create the credential object or create the service from directly, but it doesn't appear to be the case.
The second problem I have found with the client library is that not all of the classes appear to be referenced when adding the NuGet package, namely the GoogleWebAuthorizationBroker. Additionally, as we are in a PCL we are limited with common objects such as FileStream which is utilised in the documented examples (https://developers.google.com/api-client-library/dotnet/guide/aaa_oauth). I did try to use this library from a non-PCL project also to confirm that it wasn't just the limited references in the PCL which were responsible (for the GoogleWebAuthorizationBroker reference issue).
The other option therefore was to look at manual construction of the URL and then posting the data to make the HTTP request ourselves. This too has met with limited success similar to the question listed here: Like video with access token on YouTube using YouTube Data API v3?, which doesn't appear to be answered (suggestion to use the client api). Is this method supported, and if so are there some documented .NET examples? This method would allow me so get the token natively (on android, iphone) and then pass it to a PCL library where I could make the requests, which would be preferable.
Question: So my question is given the scope of what I am trying to achieve here what would be the approved/suggested approach. Clearly the more I can do within the PCL the better from a code reuse point of view, but right now I'd be fairly satisfied with an approach that will actually just work for Android. If anyone has any examples of successfully making authenticated requests to the YouTube Data Api (v3) from Android that would also be useful. I feel like I've trawled through a lot of the documentation to this point over a number of days but not found anything definitive to say "this is how you should do it".
Thanks in advance for any help.
Well, I wouldn't necessarily deem this the answer to my question, however, it is the approach I have taken, so thought I would report back. I have kept the OAuth2 token generation code inside the Xamarin Android project and then pass that on to a PCL which has a repository to deal with the YouTube integration. As there are only a few calls I need to make (ratings, subscriptions and comments) I have elected to manually construct the POSTs via HttpClient and proceed that way.
Perhaps not as elegant as the client library integration but gets the job done. For reference this is made a lot easier if you use the Google OAuth Playground (https://developers.google.com/oauthplayground/) first to get the token and confirm the correct JSON for your request.
If anyone has any problems with this approach then let me know and I can post specific service calls as an example.
From what I can gather, this isn't what google-api-dotnet-client is for.
If you look at the source code (https://github.com/google/google-api-dotnet-client), you can see that GoogleWebAuthorizationBroker is defined for Windows Store, WP 8 etc.
This suggests that the library is intended for .NET clients running on Microsoft operating systems, rather than Android, iOS etc.
These might be the droids you are looking for:
https://github.com/xamarin/GooglePlayServicesComponents (Android)
https://github.com/xamarin/GoogleApisForiOSComponents
They are Xamarin wrappers around the Google SDK for each platform.
This makes sense because of the way Google APIs are called on Android. Rather than rely on a client secret which one should not embed in the application, the you register the app's signature against the "installed app" client ID. The operating system then provides this key when calling google services. You won't get that functionality in a PCL :)
I wrote an Android application that uses Azure to perform user login with Google, Twitter and Facebook; it uses Microsoft.WindowsAzure.MobileServices.Android.dll and with this I'm able to do something like
await Client.LoginAsync(context, MobileServiceAuthenticationProvider.Google);
(in Azure I set ids and secrets to use Google, Facebook and Twitter).
Now I'm developing a Windows app (desktop app) using Windows 7, VS2012 and Framework 4.5 and I'd like to perform same login (so I can get authentication token and use it to query my sql database); I used NuGet to import Microsoft.WindowsAzure.Mobile package and I see referenced both Microsoft.WindowsAzure.Mobile and Microsoft.WindowsAzure.Mobile.Ext.
When I try to use LoginAsync, similar syntax I used in Android is missing.
According to this link http://www.windowsazure.com/en-us/develop/mobile/how-to-guides/work-with-net-client-library/#caching in extension package there should be an extension method that lets me use
user = await client.LoginAsync(MobileServiceAuthenticationProvider.Google);
but VS cannot see it and so I cannot use it.
I just see method
LoginAsync(MobileServiceAuthenticationProvider provider, JsonObject token)
but I don't need it honestly...
Am I missing something?
The "simplified", or "browser-based" login method is available on all supported platforms, except the full .NET Framework 4.5. That platform lacks that functionality because there are cases where it cannot display a web interface where the user can enter their credentials. For example, it can be used in a backend service (see an example at this post). It can also be a console application, in which there’s no “native” way to display a web page. Even on project types with "native" UI components, such as WinForms or WPF, there's no "natural" way to show a login page - if the window were WPF-based, it wouldn't look natural in a WinForms app, and vice-versa.
For a specific platform, however, you can add that method as an extension method. The post at http://blogs.msdn.com/b/carlosfigueira/archive/2013/08/27/web-based-login-on-wpf-projects-for-azure-mobile-services.aspx talks exactly about that, and it has some code showing how this can be done.
I have an ASP.NET MVC app. I want link a Twitter user's account to a user account in my app. Previously, I was using Twitterizer. However, from my understanding, that library will no longer work because Twitter changed their authorization approach. With that in mind, what library is a C# developer recommended to use?
Does anyone know of a library that a C# developer can use to get a Twitter users access secret and access token?
Thank you
In new ASP MVC 4 template you have all work done and ready to use:
http://blogs.msdn.com/b/webdev/archive/2012/08/15/oauth-openid-support-for-webforms-mvc-and-webpages.aspx
You'd be hooking into their authentication system using OAuth. There are some pretty effective libraries for this kind of thing for .NET, check out twitter's dev site for the most up to date ones:
https://dev.twitter.com/docs/twitter-libraries
I know I have seen apps that log me in using Facebook but never present me with an authorization screen. I can not, for the life of me, figure out how to do this with Windows Phone 7. The best I have been able to get is using the Facebook for C# SDK to get the authorization screen in a WebView. This looks hideous and the page does not even appear to be mobile ready.
I have searched high and low for an answer and have found nothing. Wondering if anyone can point me in the right direction to getting this to work?
Yes, I also saw this kind of apps (e.g. Spotify prompts you to enter your Facebook account credentials rather than using the normal authorization flow). My best guess is that they either some kind of premium partners and have access to some private APIs or they use custom authorization flows (e.g. when you authorize an app on a website, the system saves authorization key in the database. The same app id/secret is then used in Windows Phone app and all you need to do is to type in your email/username in order for the system to locate authorization key that was saved earlier).
I also don't like the approach of displaying Facebook login/auth using WebBrowser control (mostly because of UI inconsistency) but I'd say that this is still the way to go in most cases (because this is the official and recommended way of authorizing the app and all other approaches seem hacky for me and also have their disadvantages).
You will want to be using the "server-side authentication" approach. The following document describes how it works: Server-side authentication (read also OAuth Dialog documentation for how to configure the authentication dialog). You can change the way the UI looks by passing a display parameter (either to touch or wap).
Please note that display=touch is currently broken in Windows Phone - Facebook always falls back to wap which is deprecated and will be removed as per July 2012 update (corresponding case: Facebook API can't be used with Windows Phone apps). It's also among known issues on Facebook C# SDK project page: Facebook C# SDK - Known issues.
Hope this clarifies things a bit.