I am writing a windows C#.Net application using .Net3.5. I am trying to download emails from Gmail using Google's Gmail API ( a requirement). Is it possible to get user credentials in a user friendly way (browser page popping up requesting credentials, supplying username and password directly into my application, or whatever), rather than having the user obtain the credentials himself ?
You should be able to pop up a browser window with the required URL for the user to grant access (or even embed a browser window in your application!) The user should then simply just see the requested permission and click OK and then your application can get the access token.
See:
https://developers.google.com/accounts/docs/OAuth2#installed
Better to search/tag on [google-oauth]
Related
I have a windows auth. in my .NET MVC application.
How to achieve that browser always ask for user credentials?
Thanks.
Prompting for user credential is pure client-side behavior so the only way to achieve this is set IE->internet options-> security->select your zone->custom level->Check "Prompt for username and password".
By default, web browser will pass user credential automatically only when you are in an intranet so for the public website, you don't have do anything on web browser. For intranet, you need to apply "Prompt for username and password" via group policy.
It is unavailable to control the prompt on server side.
How to make the windows authentication login prompts for user credentials in browsers
I'm developing a web application with C # and netcore, which includes an API module.
Then there is a windows WPF application (programmed by me) that can connect to this API.
So when I log in into my WPF application I check the credentials over the API's call and grant access to the user. In this WPF Application is a Button that will forward you to the Web version.
Is it now possible to hand over the generated bearer token from WPF App to my login in the web to grant the user access without using again his credentials?
I expect that the user just need to use his credentials in WPF App and is logged in in the browser too.
Thank you in advance and have a nice day.
I guess you store the token on the Web version and if you open it in the browser it will already be logged in and redirected to a specific page. In case the token cannot be retrieved or it is expired, then you will stay on the login page.
I would suggest you to pass the token to the login page as parameter in the URL from your WPF app. So at this point after you check if you already have a token stored, you can also check if you have any parameter passed, store that one and redirect to the page you want.
a c# windows application give privilege to users with a specific profile in its database. The application does not handle user and password but get the username of the authetcated user in Windows session.
They asked me to authenticate the user by a IAM service such as Microsoft IAM. But I'm a bit confused. It means that I have to ask username and password to user and verify them with IAM? I don't want to store in my db password.
I cannot figure how to use an external IAM.
No, you will not need to deal with passwords.
In short, your application will need to display a mini browser window (WebControl, WebView, etc.) where the IAM provider's login screen is displayed. Users provide their credentials directly to that login screen. Your application never touches those credentials and only receives the valid tokens afterwards from which it can get information like unique user ID, email address, etc.
Check out this WPF tutorial from one of the best IAM providers, auth0 (disclaimer: I'm not affiliated with auth0 in any way).
https://auth0.com/docs/quickstart/native/wpf-winforms/01-login
You can sign up for a free trial account to quickly try it out.
Side note: This method is not entirely safe from abuse as your malicious application could intercept key strokes as users type in their credentials into the IAM login page (since it is hosted within your application's process).
I have a web application that users windows authentication NTLM, my app will check if password has expired and forces users to reset password or just passes user straight through if password is ok.
So doing the password check is ok I just need to know how to redirect WITHOUT re-authenticating, is this possible programmatically. I have read it seems to be easy enough using basic auth but wondering if it can be done on windows auth.
So basically I need to redirect a user to windows auth website with a set of credentials I have programmatically specified so the user gets no additional logins.....Is that possible and if so point me in the right direction!
Thanks
I'm currently writing a facebook app for windows phone, and there is something I just didn't find how to do.
Since display=touch currently doesn't work on windows phone, I am forced to use display=popup to get a token and the user's agreement for my app.
This popup mode really isn't fit for mobile apps, so I would like the user to be able to check a box saying "I would like the app to remember my login and password and connect me automatically".
However, when I have the user's login and password, I don't know how to use the OAuth API to effectively login the user without him having to click anything. Is there a way to do that ? Or do I have to wait for the user to choose "Remember me" on the Facebook login page ?
I hope that was clear enough.
Facebook doesn't have a (public) API for taking a users email address and password and returning an access token. The closest thing you can do is customize the HTML that gets returned with JavaScript. I have an example of this on my github.